SecoManager Security Controller
Business-driven policy management with intelligent network-security collaboration.
SecoManager Security Controller
SecoManager — a security controller developed by Huawei for a variety of security scenarios, including data centers and campus networks — provides network-wide security policy management, security service orchestration, and high-performance log management.
While SecoManager automatically generates and deploys security policies based on user service partitions and application service orchestration, it deploys security services within minutes — effectively reducing security Operations & Maintenance (O&M) costs. Additionally, in collaboration with Software-Defined Networking (SDN) controllers and the HiSec Insight Network Security Situational Awareness System — a big data-based intelligent analytics system — SecoManager effectively handles threats in mere minutes, significantly improving the threat defense capability of enterprise networks.
Automated Orchestration
Automated policy orchestration based on customer business partitions and applications, deploying security services within just minutes.
Intelligent O&M
Dynamic policy optimization based on application visualization and mutual access analysis, reducing O&M costs by 80%.
Network-Security Collaboration
Collaborative network and security association, with closed-loop threat handling in mere minutes.
Log Management
Collection and storage of millions of logs, facilitating Network Address Translation (NAT) source tracing.
Specifications
Parameters | SecoManager Security Controller |
Basic NE Management | Device management Device discovery, device management, virtual system management, configuration consistency check, and device Single Sign-On (SSO). Resource pool management Resource pool adding, deletion, modification, and query. Object management Address, service, application, and network partition management. Policy management Security policy, Virtual Private Cloud (VPC) policy, security service, and task deployment. |
Policy Collaboration | Big data security collaboration Receives threat handling requests from the big data security analysis system and sends them to threat blocking devices. Controller collaboration Network topology awareness and service chain-based traffic diversion policy delivery. |
Policy Orchestration | Automatic delivery of security policies based on network partitions, application mutual access relationships, security services, and VPCs. |
Policy Tuning | Policy tuning based on redundancy analysis results. |
Policy Simulation | Analysis of policy change impacts on application services based on simulation results before policy changes. |
Log Management | Query of millions of IPv4/IPv6 session logs, NAT-Port Range logs, and user port pre-allocation logs. Identity association tracing based on the logged mappings between pre-NAT and post-NAT IP addresses and ports, implementing various types of security audits and forensics. |
Technical Support