Huawei security: dancing internationally

Huawei security: dancing internationally

As "a place to talk about security", the annual RSA conference will become a benchmark for the development of the security industry. This year is no exception. As a representative of the Chinese RSA 2014 Security Conference, Huawei has its own opinions on the security industry trend reflected by this RSA conference. This will also become an important guide for the future of this local vendor.

　The RSA Conference reflects the direction of security change

Today, we are facing a new IT application environment and threat situation. For organizations, the simple deployment of security devices is insufficient to defend against threats. They need to integrate various security protection measures and information, this Service prevents new risks caused by new IT vulnerabilities and application methods (such as mobile access and personal applications), and allows you to visualize and manage the overall security situation, so that you can immediately discover potential security problems.

According to Wu Haitao, head of Strategy and Business Development Department of Huawei enterprise network product line, this RSA Conference shows that the main development trends and innovations of the security industry will focus on the following aspects: first, from focusing on real-time defense to global defense, the Organization should comprehensively and visually view the security situation, and discover threats based on big data security analysis and take targeted measures. Second, instead of limiting feature-based threat discovery, Alibaba Cloud uses the machine self-learning mechanism to put security devices in the customer's actual application environment. Through a period of self-learning and optimization, establish a normal model for enterprise IT applications. Once an enterprise's traffic or application characteristics violate the normal model, an alert is issued or a security policy is executed for protection. Third, policy deployment is automated, it includes seamless, unified, and automatic, that is, seamless fixed and mobile policies, seamless and unified management of virtual and physical environment policies, and dynamic adjustment and automatic delivery of policies, this requires unified management and visualization of fixed and mobile, physical, and virtual network environments in the architecture, and a policy automation mechanism, this is also a basic technology for future cloud-based security services.

Wu Haitao also said that in the future, the cooperation and integration capabilities of the industrial chain will become another key point between manufacturers. According to the participants of various manufacturers, Security Solutions in the mobile and cloud environments are gradually being implemented. Redefining security has become a hot topic. The security industry is experiencing rapid technological and conceptual changes. The Exhibitors can be divided into two categories. One is closely linked to the background of mobile and cloud applications, emphasizing their own product advantages, and the other is closer to this, emphasize the use of big data analysis technology to provide overall security intelligence analysis and strategies, and emphasize the seamless, visual, and unified management of the overall security solution in traditional, mobile, and cloud environments. In particular, it is worth noting that: security management has been mentioned as a very important position. Mobile and BYOD security is declining, but the solution is maturing. cloud data center security solutions are implemented.

Wu Haitao believes that big data security analysis requires several key capabilities: efficient Big Data Analysis cloud platform, big data analysis model and algorithm, cross-platform cross-vendor heterogeneous information collection mechanism and big data sources.

Develop security services along the correct track

As a representative of Chinese Enterprises "going out", Huawei has been paying close attention to the latest development trends of the industry since making full use of its enterprise-level business, and has developed its own development strategy accordingly. At this RSA conference, Huawei was pleased to find that its security business strategy is very consistent with the security industry trend.

At present, Huawei's Overall Ideas in the security field include: first, security collaboration across the network should be realized, that is, security analysis and linkage defense capabilities across the network; second, it is necessary to implement automatic security deployment and Policy Automation Based on the SDN concept. Third, security software and capabilities should be decoupled from security hardware through componentization, this gives security products more flexible deployment capabilities and richer business models. Wu Haitao said that in the future, Huawei will focus on building security analysis and situation awareness capabilities using big data, especially building advantages in key technologies such as algorithms; creating a unified smart security model not only provides products and solutions, but also provides effective security information, information processing and analysis methods and effective defense, this will determine Huawei's future security solution architecture, interface standards, and industrial chain cooperation direction.

At present, enterprise networks face the following major challenges: BYOD gradually disappears network boundaries, attacks become discrete and diversified, and attack behavior gradually changes from known to unknown. The Organization's network security protection needs to change from a single product to the concept of network-wide security collaboration. For Huawei, its agile network concept fits this trend. With an agile network, organizations can step from single point of defense to full-network defense. In an agile network environment, Huawei proposed the "network-wide security co-defense" concept. Its essence includes three key points: Big Data Analysis, security resource center, sandbox, and reputation.

Big data analysis is highly correlated with agile networks. The whole process from data collection and analysis to security situation awareness and response is completed by Campus Controller. For example, Huawei's next-generation Anti-DDoS service is a manifestation of its big data analysis capabilities. It has achieved four transformations: Protection against large-scale large-volume DDoS attacks and protection against DDoS attacks on mobile terminals, protects the application layer against DDoS attacks and data center DDoS attacks. In an agile network environment, the security resource center places all security products in a more centralized location to form a security resource center that virtualizes security products into different security capabilities. The entire security center's brain is Controller, and all network security control can be completed in the control center. The Controller can perform big data analysis and security response. It enables the agile switch to direct the business traffic of the data center to the security resource center and notify the security resource center of the types of security checks, this is an overall collaborative process, and it is also a new capability that agile networks can bring to safety. Sandbox technology is mainly used to defend against advanced threats such as APT attacks. Based on the sandbox and Reputation System, Huawei's next-generation firewall can implement feature-based threat protection, you can also protect unknown threats based on the Local Sandbox or cloud sandbox.