Next Generation Firewall Tianqing Hanma T Series

Description

Tianqing Hanma T SeriesfirewallsbeQixinghen (Chinese company name)Launched a new generation of T-bit level high-performance firewall products. Innovative use of SDN hardware switching and multi-core CPU service module combination of architectural design, providing up to 1.2T non-blocking data processing capacity.

by means of a highsuretyGrade VSOS security operating system and high-performance application layer traffic processing engine, from the multi-dimensional perspective of business, users, applications and behaviors, reconfigures the functions of security control, traffic classification, attack protection, VPN, application identification, anti-virus, intrusion fire prevention, behavioral management, Web protection, multi-layer nested QoS, user authentication and so on. It provides intelligent control means such as user policy, application policy and behavioral policy, which truly realizes the deep integration of L4-L7 layer services and provides users with high-performance, highly reliable integrated security protection.

Support with Tian Tian advanced persistent threat detection and management system (APT), Tian Tian intrusion detection and management system (IDS), Venus Eye threat intelligence, Flow Eye security domain flow monitoring system, Tian Xun intranet security risk management and auditing system, Tai Heinformation securitySystem of Operations Center (SOC) linkage for higher dimensional collaborative protection.

Tianqing Hanma T series next-generation firewall system also has software-defined wide-area network (SD-WAN) function, real-time dynamic path selection, WAN optimization, dynamic VPN tunneling, data compression, end-to-end QoS SD-WAN solution. It meets the demand for multi-path, flexible and low-cost WAN connectivity, realizes fast and secure access for branch offices and mobile users, and can provide the reliability and high efficiency required by the business.

multiplane system architecture

Qisda T series firewall adopts the design of separating control and service in software architecture, which is divided into two parts according to the type of service: Control Plane (CP) and Data Plane (DP). CP mainly handles management services such as authentication, configuration, routing, logging, and high availability, and provides management interfaces such as WebUI, command line, cloud management platform The DP handles network layer, application layer analysis and firewall policy enforcement. Each CP or DP is bound to a logical processor to avoid negative impact on performance due to system scheduling.

Qisda adopts the original dual-plane dynamic diverter architecture for traffic distribution. When a data packet arrives at Qisda T series firewall, it is first classified initially by the intelligent splitter. The intelligent splitter decides which processing core to deliver the packet to based on the currently enabled upper-layer functions and the packet's network layer and application layer information. Intelligent splitter ensures that the packet can complete all the required processing on a single processing core (for some special cases, the system still provides inter-core message interoperability mechanism), avoiding the high overhead of accessing memory across nodes, which is a key technology to ensure the concurrent performance of multiple cores.

Integrated Message Processing Engine

Qisda uses an integrated message processing engine to complete the unified parsing of messages. The engine first analyzes the user-configured functions and decides what to analyze, and then uniformly processes all the contents that need to be parsed from layer 2 to layer 7 at one time and sends the results to the policy control module. The policy control module matches the user-configured policies with the parsing results for subsequent processing of the message.

All-in-one message processing engine with intelligent splitter completes all the work from message reception, message parsing, policy control and message sending on the processing process of a single processing core. Once parsing, unified processing, avoiding repeated work and message copying between multiple modules and processes. In the unified processing of policies, a higher level of abstraction can be performed based on user policies, application policies, security policies, etc., to formulate advanced policies based on basic policies.

ClearHumas T-Series firewalls have the industry's most powerful security controls.

Qisda T series firewall adopts the design of separating control and service in software architecture, which is divided into two parts according to the type of service: Control Plane (CP) and Data Plane (DP). CP mainly handles management services such as authentication, configuration, routing, logging, and high availability, and provides management interfaces such as WebUI, command line, cloud management platform The DP handles network layer, application layer analysis and firewall policy enforcement. Each CP or DP is bound to a logical processor to avoid negative impact on performance due to system scheduling.

Seven-tuple access control:

Access license control parameterized by source address, destination address, source port (source security domain), destination port (destination security domain), service type, APP type, and user;

Seven-tuple session control:

Session license control parameterized by source address, destination address, source port (source security domain), service type, APP type, and user: total new connection rate/total connections, new connection rate per source IP/total connections per source IP, new connection rate per destination IP/total connections per destination IP;

Apply behavioral controls:

In-depth APP or various types of network protocol detail parameters, to achieve fine network behavior management and logging;

Flow Control:

Nested traffic and QoS control with multi-layer pipes parameterized by source address, destination address, service type, APP type and user.

Based on multi-dimensional strong security control, it can realize strong security control capability for users, thus effectively improving the overall security protection level and guaranteeing the stable and reliable operation of core business.

At the same time, Tianqing Hanma T series of next-generation firewalls support deployment in all kinds of network environments, thus realizing the effective landing of the core value of firewalls in the new generation of business environments.

Intrusion Prevention and Virus Filtering

Supports leading intrusion prevention technology and virus filtering. The products use a variety of patented and innovative technologies to provide customers with intrusion prevention and anti-virus performance for up to hundreds of gigabytes of traffic.

The ultra-high performance is due to the use of tagged fusion integrated matching technology, which is structured to maximize the fusion of modules where redundant functions exist, thus avoiding repetitive data reduction and analysis processes.

Application Behavior Control

Intelligent application identification uses technologies based on Deep Packet Inspection (DPI), Deep Flow Inspection (DFI) and Network Behavior Analysis (NBA) to achieve accurate identification of mainstream applications.

Application control provides leading application behavior control functions based on intelligent application recognition, which can achieve fine control based on the depth of information and content of the application.

Advanced Persistent Threat (APT) Protection

Supports linkage with Qixing TianTep Advanced Persistent Threat Detection and Management System (APT)

APT adopts sandbox detection technology, which has precise detection effect on unknown Trojans, viruses and malicious codes, realizing effective protection against unknown threats, advanced persistent threats and 0DAY attacks.

Threat Intelligence Cloud Dynamic Protection

Supports linkage with QixingVenusEYE Threat Intelligence Cloud to provide dynamic security protection functions based on real-time updated threat intelligence.

Full support for security in IPv6 environments

Comprehensively supports IPV6/V4 dual-stack environment working at the same time, and all security protection functions intrusion prevention, anti-virus, application control, QoS flow control, APT protection, threat intelligence protection, etc. are supported in dual-stack environment.

Virtualized Firewall

Supports underlying hardware virtualization based on Hypervisor technology. Each virtual firewall runs in complete isolation and has no influence on each other, and the software version can be upgraded and restarted independently for virtual firewalls, and HA deployment between virtual firewalls can be realized.

Each virtual firewall provides complete security features, including firewall, intrusion prevention, antivirus, application behavior management, flow control, VPN, and IPv4/IPv6 dual stack.

cloud firewall

Provides rich software-defined interfaces, can interact with cloud management platform through vCenter-PlugIn or LBaaS-Driver, FWaaS-Driver, and can be adapted to VMware, KVM and other environments, and supports the deployment of a variety of cloud platforms, providing high-performance, high-reliability, flexible and elastic for north-south traffic, east-west traffic. It provides high-performance, highly reliable, flexible and elastic four or seven layers of security protection for north-south and east-west traffic.

Vcloud Cloud Log

Provide firewall log cloud storage and analysis services, firewall, NAT, system and security logs can be reported to the cloud in one click , support WeChat push alarms, WeChat report push, any time and place of the log query.

Software Defined Wide Area Network SDWAN

Integrated software-defined wide area network (SDWAN) technology enables reliable assurance of critical services, service acceleration, application traffic management, service-integrated security, and simplified network management.

Domestic exclusive SDWAN+NGFW integration and convergence solution for the vertical intranet of government departments such as headquarter/provincial/prefecture/county and township, and the internal production environment of large-scale enterprises.

SDWAN features include:

Multi-link load/automatic routing based on link quality/multi-link replication for critical services/data compression/TCP bilateral acceleration, etc. Common service acceleration 2x-20x.

Dedicated network users:

Dramatically improve the business experience, enhance business reliability, complete security features such as video conferencing

Internet group network users:

Dramatic savings comparable to dedicated lines / VPN encryption / complete security features