Huawei NIP6000 Next Generation Intrution Prevention System

Huawei’s NIP6000 series is an advanced intrusion prevention system designed to provide application and service security for enterprises, IDCs, campus networks, and carriers.

The NIP6000 series utilizes context, application, and content awareness to defend against unknown threats by implementing accurate detection and optimized management. For customers, application and security measures ensure comprehensive protection of valuable network infrastructures, servers, clients, and bandwidth performance.

NIP6000 IPS Cisco Check Point Sourcefire

Product Highlights

New hardware and software architecture, providing industryleading performance

Multi-level detection for comprehensive protection

Dynamic context awareness for intelligent policy tuning and hierarchical log management

Interworking with the sandbox and reputation systems for threat detection

Fast signature update for prompt vulnerability protection

Deployment Scenarios

IPS deployment scenarios

Internet access point

  • Limits undesired P2P and video traffic and ensures the bandwidth for proper services.
  • Prevents IM, online gaming, and stock exchange applications to avoid network abuse.
  • Prevents online storage, Web mail, and IM applications to avoid disclosure of internal documents or confidential information.
  • Protects internal hosts and browsers against threats to avoid data loss, data damage, or turning the hosts into zombies
  • Offline Monitor (IDS mode)

  • Meets the requirement of policy compliance.
  • Meet the governmental mandatory standards in classified protection of information system and secret-involved networks.
  • Helps to maintain the network by providing key information for intrusion detection or faults caused by other anomalies.
  • Helps enterprises to pass standard authentications, which are necessary for company listing or investment promotion.
  • In front of servers

  • Prevents worms and exploits targeting at service and platform vulnerabilities to avoid possible damage, tampering, data loss, or turning the servers into zombies.
  • Prevents server faults caused by DoS or DDoS attacks.
  • Prevents emerging attacks, such as SQL injection, cross-site scripting, scanning, password guessing, and sniffing, targeting at Web applications.
  • Provides IDC value-added services.
  • WAN Border

  • Implements network logical isolation.
  • Prevents the spread of worms and Trojan horses from external networks.
  • Monitors violations on internal networks.
  • Detects and prevents malicious behaviors, such as sniffing and reconnaissance, from external networks.
  •  

    Product Specification

    Specifications

    NIP6330

    NIP6610

    NIP6620

    NIP6650

    NIP6680

    Fixed Ports

    8 GE + 4 SFP

    4 GE + 2 Combo

    8 GE + 4 SFP

    8 GE + 4 SFP

    4 x 10 GE + 16 GE + 8 SFP

    Intrusion Prevention
    • Defends against common attacks, such as worms, Trojan horses, botnets, cross-site scripting, and SQL injection, based on the signature database, and provides user-defined signatures to defend against new attacks.
    Intelligent Management
    • Detects the types, operating systems, and enabled services of protected IT assets; dynamically generates suitable intrusion prevention policies for the IT environment. 
    • Evaluates the risk level of attack events based on the IT environment so that administrators can process critical attack events and ignore false positive attacks.
    APT Detection
    • Detects APT attacks based on reputation systems and the sandbox. The NIP6300/6600 sends suspect files to the sandbox for detection and then displays attack events based on the sandbox detection results.
    • Supports IP and C&C reputation to detect and prevent malicious IP addresses and domain names.
    Application Security
    • Automatically learns traffic patterns and defends against multiple types of DDoS attacks at the application layer, including HTTP, HTTPS, DNS, and SIP flood attacks.
    • Scans for viruses in files transmitted through HTTP, FTP, SMTP, POP3, IMAP, NFS, and SMB to prevent virus-infected files from being transmitted.
    • Identifies more than 6,000 applications, including P2P, IM, online gaming, social networking, video, and audio applications; takes action (block, traffic limiting, application usage display) based on the identified applications.
    Web Security
    • Decrypts HTTPS traffic and detects threats.
    • Provides a URL blacklist to control online behavior.
    Network Security
    • Detects threats in VLAN, QinQ, MPLS, GRE, IPv4 over IPv6, and IPv6 over IPv4 tunnel traffic.
    • Defends against multiple types of single-packet attacks
    • Blacklists the source or destination IP addresses of attacks to block the follow-up packets from or to the blacklisted IP addresses.
    High Availability
    • Supports hot backup protocols, such as VRRP, VGMP, and HRP; provides a hot standby mechanism to ensure that services can automatically and smoothly switch to the standby device if the active device fails.
    Signature Database Update
    •  Supports online and offline updates of the IPS-SDB, SA_SDB, and antivirus SDB for the device to have the latest defense capabilities

     

    Huawei Next Generation IPS NIP6000

     New hardware and software architecture provides industry leading performance.
    Identifies security risks to both static assets and dynamic traffic.

    Automatically adjusts service policies with zero-configuration service provisioning reduces TCO by 30 percent.

    Smart rating of threat logs filters out over 85 percent of invalid logs.

    Competitive products includes Cisco IPS4345, 4360, 4510, 4520, Check Point IPS-1,Sourcefire Next-Generation IPS Snort 3D7000 Series 3D8000 Series IPSx Series Sourcefire Defense Center,3COM Tippingpoint IDS, IBM ISS Proventia GX4004 IPS,GX5008 IPS,  GX5108 IPS, GX5208 IPS, GX6116 IPS, CrossBeam IPS,GX3002 IPS, GX4002 IPS, McAfee M-8000, M-6050, M-4050,M-3050, M-2950, M-2850, M-2750, M1450, M-1250, Stonesoft StoneGate IPS 6105 StoneGate IPS 3205 StoneGate IPS 3201 StoneGate IPS 1205 StoneGate IPS 1060 StoneGate IPS 1030, Juniper IDP75 IDP250 IDP800 IDP8200, NitroSecurity NitroGuard IPS1000, IPS2000, IPS4000, IPS5000