If you need help, please click here:
SecoManager — a security controller developed by Huawei for a variety of security scenarios, including data centers and campus networks — provides network-wide security policy management, security service orchestration, and high-performance log management.
While SecoManager automatically generates and deploys security policies based on user service partitions and application service orchestration, it deploys security services within minutes — effectively reducing security Operations & Maintenance (O&M) costs. Additionally, in collaboration with Software-Defined Networking (SDN) controllers and the HiSec Insight Network Security Situational Awareness System — a big data-based intelligent analytics system — SecoManager effectively handles threats in mere minutes, significantly improving the threat defense capability of enterprise networks.
Automated policy orchestration based on customer business partitions and applications, deploying security services within just minutes.
Dynamic policy optimization based on application visualization and mutual access analysis, reducing O&M costs by 80%.
Collaborative network and security association, with closed-loop threat handling in mere minutes.
Collection and storage of millions of logs, facilitating Network Address Translation (NAT) source tracing.
|Parameters||SecoManager Security Controller|
|Basic NE Management||
Device discovery, device management, virtual system management, configuration consistency check, and device Single Sign-On (SSO).
Resource pool management
Resource pool adding, deletion, modification, and query.
Address, service, application, and network partition management.
Security policy, Virtual Private Cloud (VPC) policy, security service, and task deployment.
Big data security collaboration
Receives threat handling requests from the big data security analysis system and sends them to threat blocking devices.
Network topology awareness and service chain-based traffic diversion policy delivery.
|Policy Orchestration||Automatic delivery of security policies based on network partitions, application mutual access relationships, security services, and VPCs.|
|Policy Tuning||Policy tuning based on redundancy analysis results.|
|Policy Simulation||Analysis of policy change impacts on application services based on simulation results before policy changes.|
|Log Management||Query of millions of IPv4/IPv6 session logs, NAT-Port Range logs, and user port pre-allocation logs.
Identity association tracing based on the logged mappings between pre-NAT and post-NAT IP addresses and ports, implementing various types of security audits and forensics.