Hillstone CloudEdge provides advanced security services across Layer 2-7, in addition to core firewall features to public and private cloud users. It can be deployed via Cloud Management Platforms (CMPs) as a “Firewall as a Service” for a multi-tenant solution in the virtual environment. CloudEdge shares a base technology as the “NSS Labs Recommended” Hillstone Next Generation Firewall NGFW and provides the same robust set of security features offered for physical environments. Security administrators can rapidly provision and deploy CloudEdge at scale, and instantly start protecting virtual deployments. CloudEdge identifies and prevents potential threats associated with high-risk applications while providing policy-based control over applications, users, and user groups. Policies can be defined that guarantee bandwidth to mission-critical applications while restricting or blocking inappropriate or malicious applications. Policy based routing and bandwidth management can also be created for users/groups based on time of day and application attributes.
CloudEdge provides independent management as well as remote security access for each tenant, in multi-tenanted virtual and cloud environments. CloudEdge supports major hypervisor technologies including KVM, Xen, Hyper-V, VMware ESXi etc. It is also tightly integrated with and supports CMPs such as Amazon Web Service (AWS), Microsoft Azure, AliCloud, Openstack and VMware vCenter.
Leverages Hillstone NGFW Technology
CloudEdge delivers the same robust features and benefits of the Hillstone NGFW into virtualized and cloud deployments. It can provide comprehensive security features including granular application identification and control, intrusion prevention, anti-virus, attack defense, etc.
Enables Access Control for VPCs
Virtual Private Clouds provide logical security perimeters to protect virtual data centers. CloudEdge is deployed at the VPC entry to provide independent management, control and protection for each tenant.
Secures Data Transmission via VPN
The CloudEdge VPN feature protects data transmission between VPCs, VPCs to their associated enterprise networks or VPCs on different cloud platforms.
Easily Deployed and Managed
CloudEdge can be easily changed or instantiated from templates to address the highly dynamic change operations of virtual machines and virtual environments. Fully integrated with CMPs, administrators can launch, stop and configure firewall policies from the CMP itself; administrators can also configure CloudEdge directly via SecureShell (SSH).
Provides Multi-tenant Support
Tenant-specific configurations and security policies are supported for maximum control and protection.