Huawei proposes a new idea to cope with APT attacks from passive congestion to active congestion

Huawei proposes a new idea to cope with APT attacks from passive congestion to active congestion

Recently, Huawei attended the 2014 trend CIO Summit, with nearly 300 leading global cloud computing vendors and leading domestic industries, CIOs and CSO of well-known enterprises discuss hot topics such as cloud data center security architecture, big data security, and mobile device security management. Huawei also shared how Huawei's security solution uses big data analysis technology and security co-defense philosophy to help enterprises build a defense system in depth, respond to APT attacks, and protect the security of key information assets.

At present, a new type of threats that are organized, targeted at specific targets, with great damage and sustained duration have posed unprecedented challenges to enterprise network security. This attack is also known as an APT (Advanced Persistent Threat) attack. APT attacks usually take legal channels, exploit zero-day vulnerabilities, and adopt social engineering methods. Prior to the emergence of APT, threats mainly came from external sources. Defense was concentrated on network boundaries, and protection policies were dominated by "blocking. After APT appears, the probability of border defense is greatly increased, and it is lurking inside the enterprise network to wait for the opportunity. Therefore, protection strategies should be transformed to "encirclement" to build defense around key information assets.

This will lead to significant changes in the existing information security protection system. First, the protection at network boundaries needs to be more rigorous. The security gateway must not only defend against common threats with known features, but also quickly identify unknown threats. There are two main solutions in the industry: credit system and sandbox. Second, for attacks that have crossed the boundary line of defense, it is necessary to combine devices across the network for collaborative defense. Comprehensive Analysis of the clues behind APT attack latent, identification and blocking isolation through its behavior characteristics. Third, it is necessary to encrypt and protect key information assets and strictly control information transfer. This is exactly the idea that Huawei's security solution should respond to APT attacks to protect key information assets of enterprises. Qian xiaobin, Chief Security architect of the Huawei switch and enterprise communication product line, clearly pointed out this point in his keynote speech at the trend CIO Conference: "entering the APT era, the enterprise's APT attack protection needs to change its mind from passive blocking to active blocking, and establish an active threat protection system so that the company can't get in, take it away, and cannot open it '."

The following firewalls of Huawei have built critical information security protection systems in the APT age. As a product that highly matches the network isolation gateway model proposed by Forrester Research, it has complete protection functions and excellent performance, and plays an important role in preventing APT from stealing key information assets at all stages.

At the border, the next generation firewall is used to block high-risk applications and known malicious websites, reducing the risk of traditional attacks on the network. At the same time, through the linkage with Huawei's security cloud, relying on the sandbox deployed on the cloud and the credibility system built based on massive data analysis and statistics, Huawei's next-generation firewall can promptly and accurately identify unknown threats. In the enterprise intranet, the Agile Controller in the Huawei Agile network will collect security logs of devices across the network, and discover the malicious behaviors of latent attacks through comprehensive analysis in a timely manner, and intelligently schedule devices across the network for blocking and isolation. During the data transfer stage, Huawei's next-generation firewall will strictly check the types and content of transmitted files, effectively preventing leakage of key information assets from the inside out.

Customers learn about the next generation firewall, Anti-DDoS, and other network security products at the Huawei booth.

[Edit recommendations]

Huawei promoted Pearl River digital's triple play bandwidth to 20 m. Huawei built high quality and large capacity, flexible access to safe city network Huawei joins hands with Jianyin to hold Modular Machine Room Financial Industry Forum Huawei shakes hands with uk scc big Layer 2 network ice-breaking Big Data Huawei eLTE successfully guaranteed the torch transfer and assisted Nanjing smart qingao (responsible editor: lin TEL :( 010) 68476606]