Hillstone Networks’ proven Infrastructure Protection solutions provide enterprises and service providers with the visibility and intelligence to comprehensively see, thoroughly understand, and rapidly act against multilayer, multistage cyberthreats.

  • Manage security risks within enterprises with complete user, application, and device visibility to see everything regardless of location. Intelligent analytics understand what’s really going on and differentiate good from bad traffic. Real-time, high-performance controls to act and mitigate risks from attack and breaches.
  • An integrated platform that ties together internal observations and alerts with external threat intelligence to create a holistic and comprehensive view of an organization’s evolving attack surface and security posture, enabling deeper insight and increased ability to spot hard-to-locate and sophisticated multilayer, multistage attacks.
  • Meet increasing security and compliance mandates by delivering solutions that serve any location, protect any platform, and any application hosted anywhere.
  • Comprehensive solution suites, augmented with AI/ML and threat feeds, that can deploy and scale access controls and visibility into today’s dynamic datacenters, applications, clouds, and mobility architectures while improving total-cost-of-ownership.

Security for Network
Function Virtualization (NFV)

Hillstone CloudEdge NFV Solution

High-Performance, Elastic and Highly Compatible

Hillstone CloudEdge for NFV accommodates virtualized environments with a high-performance, elastic and highly compatible security solution. Easily adapting to a wide variety of NFV environments, CloudEdge provides advanced next-gen firewall services for virtual networks and applications that can be automatically deployed and configured, and scale as needed.

Requirements for NFV and VNFs

Most organizations have adopted some form of virtualization to accommodate dynamic applications and business operations. However, this option typically virtualizes only compute, storage and switching resources – not the devices that run at Layers 3 to 7. In a Network Functions Virtualization architecture, all network functions, like firewalls, routers and load balancers, are virtualized as Virtual Network Functions, or VNFs.

The key functional requirements of a VNF are self-service and self-configuration, to allow automatic deployment and configuration by customers or tenants; support for multiple cloud platforms that span hybrid and heterogeneous clouds; scalability and elasticity to support dynamic workloads and applications; and Management and Orchestration (MANO), to support the daily operations of a cloud administrator as well as service chaining and upgrades.

CloudEdge for NFV

Hillstone CloudEdge offers the advanced security and flexibility required by highly dynamic business applications and operations in an NFV environment. It provides the compatibility, elasticity, high performance, and open API that are all crucial in an NFV solution.

Hillstone Key Features

Highly Compatible

CloudEdge is compatible with a wide variety of NFV environments, from major hypervisors like ESXi, Hyper-V and Xen, to platforms such as VMware, ZTE, OpenStack and Huawei, to public clouds including AWS, Azure, Ali Cloud and more.

Automatic Deployment and Initial Configuration

Hillstone provides VNF images in multiple formats to meet the requirements of various NFV architectures. Virtual resources are pre-configured via embedded agents to streamline deployment.

Automatic License Management

To ensure VNF modules can closely follow user requirements to start, adjust, or shut down, Hillstone offers a License Management System (LMS) for VNF deployments. With the help of LMS, licenses are automatically assigned or recycled whenever a VNF module starts, adjusts, or terminates to help ensure that network services scale along with customer requirements.

Elasticity and High Performance

Hillstone VNF can automatically adjust virtual resources, like vCPU and memory, as needed. Without re-deploying the VNF module, new resources can be assigned and a new license with higher capacity loaded via the LMS. When increasing virtual resources can no longer increase VNF performance to the level needed, a VNF can enable the support of SR-IOV and further improve the interface throughput to nearly line rate.


As part of self-management, a VNF must provide a northbound interface to upper-level management software that allows users to manage their services via a single portal. Hillstone CloudEdge VNF includes a REST API, a popular interface standard supported by major management platforms like AWS, Azure and OpenStack. CloudEdge also offers three NFV orchestration solutions for integration with other MANO structures.

Comprehensive Server Protection with Unparalleled Visibility and Efficacy

Artificial intelligence is used to apply advanced analysis and logic-based techniques, including machine learning, to interpret events, support and automate decision making and help admins take sound and effective action to respond to threats and attacks. Hillstone’s AI-driven security solution offers a powerful suite of tools to help detect and prevent both known and unknown cyberattacks.

Why AI-Driven Security is a Must


Digital transformation has led to information and data increasing at explosive rates, and as a result, data and network security can no longer be performed with traditional threat detection and prevention techniques, whether manual or automated.

In addition, today’s Advanced Persistent Threat (APT) attacks usually involve a targeted, sophisticated and multi-stage process, known as the cyberattack kill chain. A typical APT involves multiple phases using different behavior and the attack tools, which are constantly modified to avoid static or signature-based detection.

Because of all these dynamics, security and IT teams are turning to AI and ML technologies to address threat defense battles that otherwise would be impossible by human or manual processes alone.

How Hillstone’s AI-Driven Security Works

Hillstone’s AI and ML technologies work effectively across the entire attack detection, analysis and response phases. These techniques monitor behaviors along the attack path, then build models for standard profiles or baselines of behavior for users and other entities. Anomalous activity is flagged as suspicious, and security admins are alerted for further analysis. The AI engines also automatically ingest other forensic information from sources, such as threat intelligence and reputation, to reduce noise and enhance accuracy.

Traffic analysis is another area where Hillstone’s AI-driven security shines. Given that the volume of network traffic is massive, it is impossible for a human alone to conduct real-time monitoring and analytics. AI or ML-based techniques can help establish normal traffic baselines, with comprehensive visibility, and abnormal or suspicious behavior can be identified, analyzed, and alerted.


AI or ML-based data modeling for malware detection provides superior protection even against zero-day exploits. Hillstone’s AI-driven security learns the characteristics of malware families and models them to detect both known and mutated threats, and presents the data to admins with enriched forensic information.

SOAR (Security Orchestration, Automation and Response) in the Security Operation Platform, or SOP, is another important function of AI-driven security. With AI and ML, many routine and repetitive tasks can be defined and built into playbooks. The playbooks then can be initiated when a given event or data access occurs, relieving SOC staff and others from lower-level tasks.

Available on Hillstone Solution

The I-Series Server Breach Detection System (sBDS) incorporates AI techniques to provide post-breach detection for critical servers. Hillstone’s AI-driven security solution delivers a powerful suite of tools to accurately, efficiently and flexibly help detect and prevent cyberattacks.

Hillstone Server Breach Detection System (sBDS)

Hillstone Server Breach Detection System (sBDS) I-Series product line detects and helps mitigate advanced multi-stage, multi-layer, threats that target critical servers and hosts. Hillstone’s breach detection solution can analyze, detect and block advanced threats targeting critical servers and hosts.