Professional Documents
Culture Documents
(HSA) Introduction
2
Challenges in
Security Auditing
3
Security Incidents Require Better Forensics
Are you prepared to answer the what, how, when, who of each security
incident in your network?
4 4
Log Management Requires Modernization
• Massive amount and diverse types of logs require specialized log management services.
5
Hillstone Security Audit Platform (HSA)
Value Proposition
6
Security Audit Expert – HSA
• Hillstone security audit solution, HSA, provides online access behavior monitoring and
security auditing functions to meet log management and regulatory compliance needs.
High
Powerful and
Multi-type performance Massive log Visualized
convenient
log support log storage log report
processing log query
7
Complete Audit Solution
• Hillstone HSA provides a complete security audit solution with full support for Hillstone security
products, and integration with third-party standard log equipment.
X Series E Series T Series
Data Center Firewall NGFW Intelligent NGFW
sBDS IPS
Breach Prevention HSA Intrusion Prevention
Security Management Platform
Third-party syslog
CloudHive CloudEdge
8
Support Multiple Log Types
Session Log
• HSA supports NAT, Session, URL, email, IM, and
threat protection logs. It also supports IPv4 and
Government Carrier
IPv6 logs. HSA meets the log auditing requirements
for different application scenarios of carriers,
NAT Log
universities, governments and enterprises.
Threat
Log URL Log
• HSA supports the standard syslog log format for Education
receiving and storing logs from third-party devices.
IM Log
9
High Performance and Capacity
• Hillstone HSA provides high-performance log processing capability. The log storing speed of a single
device ranges from 3,000 to 100,000 EPS.
• The performance and capacity can easily scale by adding more devices. For each additional HSA
device, the log processing performance can be increased by up to 100,000 EPS. At the same time,
the storage space is improved.
10
Convenient Log Query
• Support multi-condition query for massive log information. Provide real-time query and display by
adopting a unique massive data query technology.
• Support custom queries, query condition saving, query task notifications, distributed queries, etc..
• Support real-name audit. HSA can be linked with the billing system, which synchronizes the user name
and IP correspondence to the HSA. In this way, the logs received by HSA is directly associated with
the user name that enables real-name audit.
APPs
TIME
LEVEL Protocol
S/D IP Content
11
Comprehensive Monitoring of Device Status
• Real-time monitoring of key information of the device itself and the docking devices.
Customized monitoring
12
Visualized Log Monitoring and Reporting
• Monitor the status of the device itself and the resource usage in real-time.
• Present the log storage status and log collection trend graph that allows the admin to see the log
record at a glance.
• Provide multiple report templates, support multiple report format and custom statistics.
13
Real-time Alarm
• Generate alarms with predefined conditions, such as hardware status, statistics of logs, etc.
• Support alarms with customized conditions
14
Flexible Deployment Scenarios
HSA(master) HSA(master)
Logs Logs
HSA ( slave )
HSA ( slave )
Logs
15
Hillstone Security
Audit Platform
(HSA) Portfolio
16
HSA Specifications
Log Processing · Binary NAT Log: 270,000EPS · Binary NAT Log: 100,000EPS · Binary NAT Log: 50,000EPS
Performance · SYSLOG Log: 60,000EPS · SYSLOG Log: 15,000EPS · SYSLOG Log: 7,000EPS
Storage 180 days NAT Log for 40G Link 180 days NAT Log for 8G Link 180 days NAT Log for 2G Link
HDD 128 TB 16 TB 4 TB
Power Supply Single/Dual Power Supply 750W Single/Dual Power Supply 495W Single Power Supply 450W
Product Form 2U 2U 1U
17
vHSA: Virtual Hillstone Security Audit Platform
Specification vHSA-2
Memory Minimum 4G
Disk 2TB
Hypervisor Support VMware EXSi 5.1 / 5.5 / 6.0, VMware Workstation 12 or later version, KVM
18
Deployment Scenarios
& Winning Cases
19
Security Audit: Carriers and Telco
Solution Benefits
• Meet regulatory compliance requirements
20
Security Audit: Education Services
Internet
The Hillstone Next-Generation Firewall is deployed at the
campus network perimeter; with firewall and NAT features
enabled. HSA is deployed in tapping mode to record staff
and student internet usage logs.
Solution Benefits
• Meet regulatory compliance requirements
• Address requirements for real-name access Authentication and
Billing System
• Improves efficiency and reduces administrative
overhead
Features
• Logs: NAT, URL, IM on/offline logs
• Real-name log auditing
• Simple and instantaneous log queries
Students Teachers Campus DC
21
Security Audit: Government/Enterprises
Solution Benefits
• Meet regulatory compliance requirements
22
Security Audit: Virtualized Data Center
Hillstone CloudHive and CloudEdge are deployed on a
virtualized datacenter, providing protection between
VMs and North-South traffic. vHSA is deployed in
different areas of the Cloud Datacenter for audit.
Internet
Branch Office
Datacenter firewall is deployed at the datacenter perimeter. HSA
HSA is deployed in tapping mode to record internet
access logs and threat protection logs.
N
Solution Benefits
vHSA vHSA
• Meets regulatory compliance requirements Security Security
Zone A Zone B
S Level 2
• Provides centralized audit for both Cloud service Level 3
Features
• Logs: NAT, URL, IM on/offline logs
VPC VPC VPC VPC
• IPS and AV security logs
• Statistics reporting
• Session logs Virtualized Data Center
23
Configuration Recommendation
Recommended Products
Recommended Products
Customer Link (180-day NAT log processing
(180-day NAT, URL, IM log processing)
capability)
<1G Link E3662 and below, 1 HSA-4D E3662 and below, 1 HSA-4D
24
Winning Cases: HSA
Al Majamma University Guangdong University of People's Public Security Aipu Networks China Unicom
Education Foreign Studies University of China ISP ISP
UAE, HSA3D, T5860 Education Education China, HSA10, E5260 China, HSA10, X7180
China, HSA10, E6160 China, HSA10,E2800
Government Pharmaceutical Ministry of Agriculture of Industrial Bank China National Aviation KingMed Diagnostics
Organization Peru Finance Fuel Healthcare
Government Government China, HSA10, E2300 Energy China, HSA3, E2300
Thailand, HSA3D, E3960 Peru, vHSA, T1860 China, HSA3, E5760
25
+1 408 508 6750
inquiry@hillstonenet.com
5201 Great America Pkwy, #420
Santa Clara, CA 95054
www.hillstonenet.com
26