This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade
Get Pricing/Info Find a Reseller Live Chat Support More Contacts

Total: 0 products

  • Choose product to compare

Cancel
Compare with CISCO
Compare with H3C
  • Choose product to compare

Cancel
Compare with CISCO
Compare with H3C
  • Choose product to compare

Cancel
Compare with CISCO
Compare with H3C
  • Choose product to compare

Cancel
Compare with CISCO
Compare with H3C

CIS-Cybersecurity Intelligence System

Detects events based on APT kill chains and real-time awareness of security posture

Updates

WORLDWIDE

CIS-Cybersecurity Intelligence System

Cybersecurity Intelligence System (CIS) defends against APT attacks by utilizing technologies such as Big Data analytics and machine learning. To guard key information assets, the CIS accurately identifies and defends against APT attacks. It can restore the kill chain of an APT by extracting key information from mass data, assessing risks in multiple dimensions, and correlating isolated anomalies based on Big Data analytics.

Specifications

Features Descriptions
Traffic Collection Parses HTTP, DNS, and mail protocols, restores HTTP files and mail attachments, and captures packets based on packet capture rules
Log Collection Collects syslogs from ArcSight and FireHunter, and netflow logs from Huawei routers, Huawei switches, and flow probes
C&C Anomaly Detection Detects DGA and Fast-Flux domain names
Event Correlation Analysis Provides predefined rules for logs and allows users to define correlation rules and sub-rules
Traffic Baseline Anomaly Detection Allows users to configure traffic control rules and supports vertical and horizontal scanning
Traffic Anomaly Detection Detects unauthorized access, threshold-exceeding traffic rates, and threshold-exceeding access frequency
Mail Anomaly Detection Analyzes mail sending servers, senders, and recipients, allows users to define the mail whitelist and blacklist, and detects mail attachments
Covert Tunnel Detection Detects Ping Tunnel, DNS Tunnel, and file evasion
Reputation Management Supports local IP reputation query, DNS reputation generation, and file reputation query
Attack Path Visualization Displays attack transmission paths, including attacks from the Internet to the intranet, transmission within the intranet, and C&C connections from the intranet to the Internet
Network-wide Threat Posture Analyzes threats, malicious and suspicious mails, malicious and suspicious files, targeted hosts, and malicious domain names; and displays correlated events and traffic anomaly events
Smart Search Searches for data and drills search results
Blacklist and Whitelist Management Manages mail, URL, IP address, and domain name blacklists and whitelists

For Partners

If you are already a partner, please click here to get more marketing resources,
Click here to visit partner zone to check enquiry status, manage orders, get support, or learn more about Huawei partners.

Huawei Enterprise APP

Copyright © 2018 Huawei Technologies Co., Ltd. All rights reserved.