National Research and Education Network
Education Cloud Data Center
Design & Simulation
Planning & Analytics
Enterprise Data Center
Server - Intelligent Computing
Enterprise Cloud Communications
Network Management System
Nine Steps to Response to the Pandemic Using Technology
Tackling the Emergency Together
Ubiquitous Connectivity Makes Digital Transformation Possible
Economical and Powerful AI Computing
Horizon Digital Platform
Connecting the Physical and Digital Worlds to Help Customers Achieve Successful Digital Transformation
253 Fortune Global 500 Companies Choose Huawei as Digital Transformation Partner
Secure And Resilient Solutions
Buy from Huawei
If you want to get more information about your project, you can submit your information and we will contact you as soon as possible.
If your company has signed an eDeal contract with Huawei, please buy your required product/solution via the link below.
Buy from resellers
Search for a nearby reseller and get direct contact information.
Become a Partner
Resources and Support
Huawei Authorized Learning Partner
Huawei ICT Academy
Huawei ICT Competition
Enterprise Training Service
Built on Huawei's mature commercial big data platform — FusionInsight — HiSec Insight (formerly CIS) performs multi-dimensional correlation analysis of massive data based on an Artificial Intelligence (AI) detection algorithm. It proactively detects a wide range of security threat events in real-time, tracing the attack behavior of the entire Advanced Persistent Threat (APT) attack chain. The system also collects and stores multiple types of network information, helping users detect threats, conduct forensics, and ultimately eliminate threats.
Huawei HiSec Insight is designed for threat detection, threat blocking, forensics, source tracing, and threat response and handling, enabling full-process, closed-loop threat handling.
Self-evolving AI-powered threat detection engine accurately detects more than 95% of threats.
Threat knowledge graph-based inference analysis and visualized policy orchestration slash Operating Expenditure (OPEX) by 30%.
Open digital security base enables rapid application development.
|Product Model||HiSec Insight|
|Functions and Features|
|Big Data Platform||Supports the Hadoop commercial platform and encrypts HBase and Hive data based on customer requirements.|
|Traffic Collection||Parses common protocols such as TLS, ICMP, HTTP, mail protocol, DNS, FTP, NFS, and SMB, restores files, and captures packets based on rules.|
|Log Collection||Collects syslogs from third-party systems and security devices, and NetFlow logs from network devices and security devices.|
|C&C Anomaly Detection||Detects DGA domain names and malicious C&C flows.|
|Encrypted Communication Analytics (ECA)||Supports encrypted traffic detection without decryption, such as C&C communication detection and penetration scanning.|
|Event Correlation Analysis||Provides predefined rules for logs and allows users to define correlation rules and sub-rules.|
|Traffic Baseline Anomaly Detection||Allows users to configure traffic control rules and supports vertical and horizontal scanning.|
|Traffic Anomaly Detection||Detects unauthorized access, threshold-exceeding traffic rates, and threshold-exceeding access frequency.|
|Mail Anomaly Detection||Analyzes mail sending servers, senders, and recipients, allows users to define the mail whitelist and blacklist, and detects mail attachments.|
|Covert Channel Detection||Performs Ping Tunnel, DNS Tunnel, and file anti-evasion detection.|
|Web Application Attack Detection||Detects attacks on web applications.|
|Asset Risk Management||Allows users to add assets, divide asset groups, and query the asset risk list.|
|Security Policy Control Service||Obtains environment information from the environment awareness service, comprehensively determines risks together with other risk information, and dynamically delivers instructions to the trusted proxy control service based on the decision result.|
|Security Collaboration||Collaborates with security devices, network devices, and EDRs to handle threats.|
|SOAR||Orchestrates the manual threat handling actions through the predefined or user-defined playbook to implement automatic investigation and evidence collection as well as attack containment, effectively improving event handling and O&M efficiency.|
|Reputation Management||Supports local IP reputation query, DNS reputation generation, and file reputation query.|
|Attack Path Visualization||Displays attack transmission paths, including attacks from the Internet to the intranet, transmission within the intranet, and C&C connections from the intranet to the Internet.|
|Network-Wide Threat Situation||Displays the comprehensive situation, intranet threat situation, website security situation, asset security situation, vulnerability situation, and threat event situation.|
Share link to：