Search

  • Overview
  • Benefits
  • Architecture
  • Key Technologies
  • Products

Multilayer Ransomware Protection

With ransomware attacks spiking in recent years, this malware is evolving to become stealthier, faster, and more impactful, often evading common antivirus software.
Ever-evolving ransomware is challenging the traditional siloed protection measure, which is usually using behavioural-based detection, signature-based detection, network traffic monitoring and data backup for restores. However, Huawei innovatively developed the MRP techonology, Network-Storage Collaboration Multilayer Ransomware Protection, creates a dual protection for your data.
First defense line, Network, detects the ransomware accurately and prevent it from proliferating horizontally. Second and the last defense line, storage, identifies the ransomware and prevent the data from encrypting and tampering, using the backup recovery and air-gap recovery to ensure the service recovery. Additionally, the unique network-storage collaboration delivers three capabilities: Accurate identification, Comprehensive protection, Fast recovery, building a highly secure protection system.

Benefits

Accurate identification

Up to 99.9% of ransomware can be identified pre-, in-, and post-attack via network and storage collaboration.

Comprehensive protection

2 lines of defense, 6 layers of protection, and the auto-learning ramsomware virus lib. provide comprehensive ransomware protection.

Fast recovery

The network-storage collaboration technology allows to take proactive actions to protect data, delivering the fastest data recovery in the industry.

Architecture

Architecture

Architecture

More Accurate Identification

Added I/O-based and entropy-based storage detection mechanisms, up to 99.9% identification accuracy through the network-storage collaboration, cover pre-, in-, and post-event.

Harder to Attack

Building an in-depth system with two lines of defense and six layers of protection, makes IT systems harder to be attacked. The innovative network-storage collaboration protection mechanism is updating the network security and storage interception blocklist in real time based on the captured threat file features.

Faster Service Recovery

Huawei storage provides protection actions: snapshot, backup, and Air-GAP. Based on the network-storage collaboration recovery mechanism, actions are triggered in advance, greatly reducing the recovery time to the second-level.

Huawei

Key Technologies

E2E Data Encryption

Protocol-layer encryption NFS, CIFS/SMB.
Advanced Encryption Standard (AES)-256 encryption of production and backup data.
Encryption during air gap replication.
Encryption during remote replication of data and copies.

Air Gap Replication

By setting the replication Service Level Agreement (SLA), data copies are automatically and periodically replicated from the production or backup storage to the isolation environment. The replication link is active only during replication, which ensures data copies are offline most of the time, reducing the possibility of attacks.

File System WORM and Secure Snapshot

A protection period can be set for production or backup data to prevent data modification or deletion during this time range.
Secure snapshots ensure storage data is read-only and cannot be modified or deleted within a specified time range.

Ransomware Detection

A baseline model is established based on historical data to check for any abnormalities in the changed feature values of the metadata of copies.
Abnormal copies are further compared to determine file size changes, entropy values, and similarities.
The Machine Learning (ML) model is used to determine whether file changes are caused by ransomware encryption, flagging them accordingly.

Intelligent threat detection

The intelligent clustering algorithm prevents brute force cracking. The CDE can detect 100 layers of compression nesting.

Intelligent threat handling

Network security collaboration restores ransomware attack paths based on threat events, delivers linkage policies, automatically isolates lost hosts, and handles threats in minutes.

Products

OceanProtect Backup Storage

OceanProtect Backup Storage

Offering superb performance,efficient reduction. Stability, and reliability, to help users implement efficient data backup and reduce TCO

Huawei HiSec Insight Security Situation Awareness System

Huawei HiSec Insight Security Situation Awareness System

Built on Huawei's mature commercial big data platform — FusionInsight — HiSec Insight (formerly CIS) performs multi-dimensional correlation analysis of massive data based on an Artificial Intelligence (AI) detection algorithm. It proactively detects a wide range of security threat events in real-time, tracing the attack behavior of the entire Advanced Persistent Threat (APT) attack chain. The system also collects and stores multiple types of network information, helping users detect threats, conduct forensics, and ultimately eliminate threats.

Data center management

Data center management

For intelligent and unified management of data center storage, Huawei provides a data management engine (DME) platform. Through a unified management interface and open northbound and southbound APIs, Huawei centrally manages Huawei storage, third-party storage, switches, and hosts, and implements resource provisioning, O&M, protection, and future mobility.

OceanStor Dorado All-flash storage

OceanStor Dorado All-flash storage

Providing high performance of up to 21,000,000 SPC-1 IOPSTM, six-nines reliability(99.9999%), and intelligent acceleration for critical services.

 OceanStor Scale-Out Storage

OceanStor Scale-Out Storage

The Huawei OceanStor distributed storage series helps enterprises unlock the value of massive data, offering diversified storage for applications such as virtualization and cloud resource pools, big data analytics, High Performance Computing (HPC), video, content repository, backup, and archiving.

HiSecEngine USG6600E Series AI Firewall

HiSecEngine USG6600E Series AI Firewall

Next-generation firewalls designed for medium- and large-sized enterprises, institutions, and next-generation data centers, they provide NGFW capabilities and collaborate with other security devices to proactively defend against network threats and resolve performance deterioration problems.

FireHunter6000 Series Sandbox

FireHunter6000 Series Sandbox

Using virus-based and reputation-based scanning, static analysis, and virtual execution technologies as well as Huawei’s unique behavior pattern library, the FireHunter6000 series is capable of detecting unknown malicious files and providing accurate detection reports accordingly. It interworks with other security devices to quickly block advanced malicious files, preventing unknown threats from spreading and protecting core information assets for enterprises. The FireHunter is especially applicable to finance and government agencies, energy providers, and high-tech enterprises.

TOP