huawei nip2000/5000 nip2100/2200/5100 - FTP Directory Listing

brickborderΑσφάλεια

3 Νοε 2013 (πριν από 3 χρόνια και 9 μήνες)

230 εμφανίσεις


1

/
5









Advantages



Comprehensi ve defense against new threats



Defense agai nst the l atest mal icious software, zero
-
day attack,
and
Botnet



Defense against application
-
l ayer DoS attacks: DNS, HTTP, SIP



More than 200 security researchers for coll ecting gl obal threats
and upgradi ng si gnature i n real ti me



Accurate detecti on and i ntell igent i nterception



Accurate detecti on wi th the vul nerabi
lity detection technology



Traffi c basel ine sel f
-
l earning wi thout threshold configuration
errors



Automatic i nterception of attacks on key servi ces wi thout
manual i ntervention



Easy to use and l ow TCO



Zero confi gurati on network access wi thout parameter
modi fi cation



Central i zed securi ty management and real
-
time securi ty
moni tori ng



Vi sual appl icati on traffic



Hi gh avai l abil ity



Carri er
-
cl ass hardware desi gn, support for temperature
moni tori ng and hot
-
swap fans and power suppl i es



Support for HA depl oyment i n
active
-
acti ve and active
-
standby
modes



Support for hardware bypass


Product Overview

Proactive and Comprehensive Protection

The NIP effecti vel y prevents potenti al or unknown threats wi th mul ti ple
advanced detecti on
technologies:



Wi th the i ntel ligent protocol i dentification technol ogy, the NIP
automatically di sti nguishes appl ications from protocols wi thout
manual setti ng of protocol ports.



Wi th the mul ti ple reassembl y technology on l ayers 2 to 7 and the
protocol
restorati on technol ogy, the NIP can present payload at the
appl i cati on l ayer and the fi le l ayer cl early and detect attacks,
avoi di ng the i nterference of evasi ve technologies.



Wi th the detecti on technologies based on vul nerabil ity and attack
features, the N
IP detects and defenses known threats, such as
vul nerabi lities expl oi tation, worms, and Trojans i n real ti me.



Wi th protocol anomaly detection, traffic anomaly detection, and
heuri sti c detecti on technol ogies, the NIP detects attacks caused by
unknown vul ner
abil ities and mal icious software.

Virtual patching
: Among al l i ntrusi on detecti on technol ogies used by
the NIP, the most i mportant one i s the vul nerabil ity
-
based detection
technol ogy. This technology can effectively prevent threats caused by
vul nerabi litie
s, such as overfl ow attack and worm i nfecti on.
Compared
wi th tradi ti onal attack feature
-
based detection technologi es, the
vul nerabi lity
-
based detecti on technology does not generate fal se
posi ti ves and can better tackl e attacks usi ng evasi on technologies.

R
el yi ng on more than 200 seni or researchers and gl obal data acqui si ti on
and attack di scovery capabi l ities, Huawei securi ty research team
provi des customers wi th the l atest securi ty reports,
and rel ease patches

Huawei Network Intel l igent Protection (NIP) systems prevent l arge and
medi um
-
si zed enterpri ses, i ndustri al users, and operators from network
threats and hel p them mai ntain
uni nterrupted servi ces. Usi ng a modul ar
engi ne desi gn and mul ti ple advanced detection technol ogies, the NIP
provi des vi rtual patching, web appli cation protection, cl ient applicati on
protecti on, mal icious software control, anti
-
DoS, and application
awarenes
s and control functions. Therefore, the NIP guarantees business
conti nuity, data securi ty, and regulatory compliance for these
organi zations.

Desi gned wi th carri er
-
cl ass rel i abi lity and supporti ng mul ti ple speci al
protocol s such as MPLS and VLAN, the Huawe
i NIP can be fl exi bly
depl oyed i n vari ous scenari os. The NIP supports zero confi guration
network access mode and automatically i ntercepts threats wi thout
compl ex si gnature adjustment and manual setti ng of network parameters
and threshol d basel i nes. The NIP

si gni ficantly reduces the depl oyment
compl exity and the total cost of ownershi p (TCO).

HUAWEI

NIP2000/5000

NIP2100/2200/5100


2

/
5






























Function Overview

peri odi cally (weekl y) or i mmediately (when a major vul nerabil ity i s
i denti fied). These patches are di stri buted to customers' IPS devi ces
through the cl oud securi ty center so th
at the IPS devi ces can defense
agai nst attacks i mmediately after the rel ease of the patch.

Client protection
:

Wi th the emergence of Web2.0 applicati ons,
more and more attacks target browsers and the popular PDF, SWF,
JPEC, and Offi ce fi l es. Due to the vul nerabili ti es of cl i ents, a l arge
number of personal computers become zombi es caused by hackers,
and i mportant
information such as bank account and network password
i s stol en.

The NIP can deepl y parse and detect the coded or compressed content
based on protocol s and fi l e format (for exampl e, i n GZIP or UTF
format). It automatically ski ps the part i rrel evant to thre
ats i n the
parsi ng process. The NIP provi des compl ete protection for browsers
and fi l es and hi gh onl ine performance.

Malicious software control
:

The NIP can defense Troj ans,
adware, and mal icious software, and i ntercepts them based on the
communi cati on and

broadcasti ng traffi c characteri sti cs. Thi s reduces IT
cost and prevents i ntrusi on or di scl osure of pri vate and propri etary
i nformation.

Web application protection
:

Many enterpri ses and i nsti tutions
have mi grated applications to the Web servi ce pl atform. I
ntrusi on i nto
and attacks on the Web server may have di sastrous effect on these
organi zations. For example, through an SQL i njection attack, a hacker
may change web pages, obtain the admi nistrator password, and cl ear
the data of the enti re websi te.

The NIP

uses a
n

acti ve securi ty mode i ndependent of attack features
or mode matching technologies to guarantee i mplementation of proper
appl i cati on behaviors. Wi th thi s mode, the NIP can i dentify good
appl i cati on behaviors and prevent mal icious behaviors.

Applica
tion awareness and control
:

The NIP can i dentify
more than 1000 network appl ications and full y monitor and manage
vari ous network behavi ors, such as i nstant messagi ng (IM), onl ine
games, onli ne vi deo, and onli ne stock tradi ng. Thi s enables enterpri ses
to i
denti fy and prevent unauthori zed network behaviors, better
i mpl ement securi ty pol icies, and i mprove the worki ng efficiency of
empl oyees.

Wi th preci se bandwi dth al location strategi es, the NIP restri cts the
bandwi dth used by unauthori zed applicati ons such as

P2P, onl ine
vi deo
,

and l arge fi le downl oadi ng. The NIP reserves suffi ci ent
bandwi dth for office applications such as OA and ERP, i mproving the
network access speed.

Infrastructure protection

Wi th the powerful DDoS attack preventi on and the traffic model
sel f
-
l earni ng capability,
the NIP can automatically detect and i ntercept
DoS attacks or t
raffi c surge caused by vi ruses.

As a resul t, the NIP
protects network i nfrastructure such as routers, sw
i tches, VoIP
systems, DNS, and Web servers from attacks and ensures conti nuous
avai l ability of key servi ces.

Easy Deployment

The NIP, pre
-
confi gured wi th default mature securi ty polici es, supports
zero confi guration network access. Based on advanced engine
technol ogi es and
hi gh
-
qual ity vulnerability
-
based si gnature of the
pol i ci es, the NIP provi des hi gh
-
precisi on detection capabil ity and
automatically i ntercepts major and severe threats of servi ces wi thout
manual i ntervention.

The NIP supports i n
-
l i ne deployment i n transpare
nt mode and off
-
line
depl oyment. The network and securi ty administrator can sel ect the
worki ng mode for a devi ce because the i nterfaces of the devi ce can
work i n i n
-
l i ne or off
-
l ine mode wi thout network readj ustment.

The NIP detects speci al network encapsu
l ati on data such as MPLS,
VLAN trunk, and GRE data, and faci litates fl exible deployment.

High Availability

The NIP provi des rel i abi lity and avail ability at the hi ghest l evel when
the IPS i s depl oyed i n i n
-
l ine mode. NIP supports hi gh rel iabil ity
confi gurat
ion (acti ve
-
standby mode and acti ve
-
active mode), hot
-
swap
redundant power suppl y, hot
-
swap fan, and the electronic hard di sk
sol uti on.

The NIP provi des software bypass and hardware bypass
functi on (fai l
-
open). A module or even the entire IPS can be bypass
ed
when i t works abnormal ly.

Centralized Management and Reports

The NIP can moni tor, upgrade, and del iver pol icies at mul tiple devices
i n a central i zed manner based on the Web
-
based management mode
or through NIP Manager, the centralized management
software.

The NIP provi des mul tiple pre
-
defined policies to sati sfy customers'
needs of customi zed pol icies.

Wi th ri ch l og stati sti cs and reporti ng functi ons, the NIP Manager
presents the real
-
ti me network status, hi stori cal i nformation, attack
ranki ng, and traffi c trend i n di fferent granul ari ties and di mensi ons.
This
keeps users i nformed of network heal th status

and provi des gui dance
for network hardeni ng and IT activity i mplementati on.


3

/
5





Front end of the server



Intercepts worms and vul nerabilities that
target servi ces
and pl atforms; prevents data damage, tamperi ng, l eak, or
zombi e caused by mal icious software.



Prevents the servers from DoS/DDoS attacks.



Defenses agai nst new attacks on Web appl i cations, such
as SQL i nj ection, cross
-
si te scri pti ng, scanni n
g, guessi ng,
and snoopi ng attacks.



Provi des IDC val ue
-
added servi ce
.

Internet access point



Restri cts the traffi c of P2P and network vi deo applications
to guarantee the bandwidth of normal servi ce
.



Restri cts the use of IM, game, and stock software to
guarantee the worki ng efficiency of employees
.



Restri cts the use of onl i ne storage, Web mail, and IM to
prevent i nternal i nformation of enterprises from bei ng
di scl osed
.



Prevents data l oss, damage, or zombi e caused by network
threats to cl i ents on an i ntra
net and the browser
.

Typical Application

Network bypass monitoring
-

IDS



Detects vi ol ations of IT pol ici es on the network.



Compl i es wi th government's compulsory standards for
confi dential networks or confi denti al
-
associ ated networks.



Assi sts the network management system

i n network
mai ntenance and provi des key troubl eshooti ng i nformation.



Hel ps the organi zation to obtain certification of standards
necessary for company l i sti ng and i nvestment i nvitati on.

WAN edge



Isol ates networks l ogi call y.




Prevents the i ntrusi on of worms or Troj ans from extranets.



Moni tors di scl osures of i ntranet i nformati on to extranets.



Detects and prevents mal i cious behaviors such as attack
probes from extranets.


4

/
5




Model

NIP2100

NIP2200

NIP5100

NIP5200



Product
performance

Hi gh
-
end megab
it

Low
-
end gi gabit

Mi d
-
range gi gabi t

Hi gh
-
end gi gabit

Extension and I/O


Dedi cated
management
port

1×GE(RJ45)

1×GE(RJ45)

1×GE(RJ45)

1×GE(RJ45)

Fi xed i nterface

4×GE(RJ45)

4×GE(combo)

4×GE(RJ45)

4×GE(combo)

4×GE(RJ45)

4×GE(combo)

4×GE(RJ45)

4×GE(combo)

Extensi on sl ot

2×FIC

3×FIC

3×FIC

3×FIC

Extensi on
network port

4×GE(RJ45)

BYPASS
2Li ne(LC/UPC)

BYPASS

8×GE(RJ45),

8×GE(SFP)

4×GE(RJ45)

BYPASS
2Li ne(LC/UPC)

BYPASS

8×GE(RJ45), 8×GE(SFP)

4×GE(RJ45)

BYPASS
2Li ne(LC/UPC)

BYPASS

8×GE(RJ45),

8×GE(SFP)

2×XE, 2×XE+8GE

4×GE(RJ45)

BYPASS
2Li ne(LC/UPC)

BYPASS

8×GE(RJ45), 8×GE(SFP)

2×XE, 2×XE+8GE

Functions and

Features


Server protecti on

Al l
-
round server protecti on, addressi ng probl ems i ncl uding system and servi ce vul nerability exploits, brute force, SQL
i nj ecti on, and cross si te scri pti ng

Cl i ent protection

Securi ty protecti on for web browsers and pl ug
-
i ns
(Java and Acti veX)

P
rotecti on for fi l es wi th common formats: PDF, Word, Fl ash, and AVI

D
efense against operati ng system vulnerabili ti es, detection of i nfected systems, and detecti on of spyware and adware

Infrastructure
protecti on



M
al formed packet attack
prevention, speci al packet control, scanni ng attack preventi on, TCP/UDP fl ooding attack
preventi on



A
ppl i cation
-
layer DDoS attack prevention: HTTP, HTTPs, DNS, SIP, and so on



T
raffi c model sel f
-
l earning: setti ng the threshold of traffic attacks based on nor
mal traffic stati sti cs

Network
appl i cati on
management

Identi fication and management of more than 1000 appl ication protocols, coveri ng mainstream applicati on protocols
i ncl uding P2P, IM, online games, stock software, voi ce appl ication, online vi deo, stream
ing media, Web mail, mobile
termi nal s, and remote l ogin

Al arm response

Real
-
ti me alarm, audible al arm, Sysl op, SNMP Trap, E
-
mail, sendi ng short messages, thi rd
-
party devi ce l inkage, IP
address i sol ati on, attack packet capturi ng, and real
-
ti me sessi on i nte
rcepti on

Devi ce
management



GUI
-
based confi guration, hi erarchical management, permissi on
-
based access control, and central ized device
management



P
eri odi c upgrade of engine reposi tory, rol l
back of engi ne reposi tory, and
I
ntranet upgrade

Log and report
moni tori ng

Devi ce status moni toring, event i nformation record backup, l og queryi ng and fil tering, real
-
time moni toring of network
status, and speci al i zed reports

Depl oyment and
avai l ability



Speci al ized management port: In
-
l ine IPS deployment, off
-
l ine IDS

deployment, and hybri d deploymen
t



Hardware bypass and HA

Specifications


5

/
5


Integrated System


Di mensi ons
(H×W×D) (mm)

442×560×43.6

442×415×130.5

442×415×130.5

442×415×130.5

Power suppl y

AC: 100 V to 240 V 50/60
Hz, supporti ng
redundancy

AC: 100 V to 240 V 50/60
Hz,
supporti ng redundancy

AC: 100 V to 240 V
50/60 Hz, supporti ng
redundancy

AC: 100 V to 240 V 50/60 Hz

DC:
-
48 V to
-
60 V

supporti ng redundancy

Maxi mum power

150 W

300 W

300 W

300 W

Operati ng
envi ronment

Temperature: 0°C to
40°C

humi dity: 5% to 95%,
non
-
condensi ng

Temperature: 0°C to 40°C

humi dity: 5% to 95%,
non
-
condensi ng

Temperature: 0°C to
40°C

humi dity: 5% to 95%,
non
-
condensi ng

Temperature: 0°C to 40°C

humi dity: 5% to 95%,
non
-
condensi ng

MTBF

12.67 years

12.67 years

12.67 years

12.67 years