Upload
lekhanh
View
249
Download
3
Embed Size (px)
Citation preview
Huawei Remote Access Security Solution for Enterprise Networks
HUAWEI TECHNOLOGIES CO., LTD.
-Secure and Stable Platforms for Network Interconnection and Data Interaction
Huawei Remote Access Security Solution for Enterprise Networks
Hu
awei R
emo
te Access Secu
rity Solu
tion
for En
terprise N
etwo
rks Secure and Stable Platform
s for Netw
ork Interconnection and Data Interaction
1
Introduction
The Huawei VPN solution adopts tunneling and encryption technologies to build virtual private networks that are
associated to the Internet. This solution is cost-effective and features secure interconnection. Therefore, it is widely
accepted among enterprises. The Huawei VPN solution integrates a series of mature security gateways and VPN
modules, such as the VPN Client and VPN Manager, to provide advanced remote access solutions to large and medium
enterprises, operators, and financial institutions.
Figure 1-1 Networking for the solution
Huawei Remote Access Solution
Carrier
Large branches
Headquarters
PE
PE
PE
Medium branches
MPLS BGP VPN/VPLS/VLL
Provides enterprise VPN by means of carriers or
private networks (connecting vertical industries and
medium and large branches).
Provides network security isolation among different
services.
Ensures high quality enterprise services and provides
various forms of QOS.
Deploys enterprise VPN by means of the Internet
(connecting mobile users and small and medium
branches).
IPSec provides data encryption for branches.
SSL VPN provides mobile office users with access
authentication and data encryption.
xDSL / GPON
Mobile office users
Partners
R
Branches in remote area
GRE over IPSec
IPSec VPN
SSL VPN
Headquarters
Internet
AR
E200E-X
SSL VPN
3G upstream
BranchesE1000E-X
R
As a professional security solution provider, Huawei provides a comprehensive VPN solution to build secure and stable platforms for network interconnection and data interaction. The Huawei VPN solution helps enhance information capabilities and enable real-time information sharing to increase the enterprise operation efficiency.
Hu
awei R
emo
te Access Secu
rity Solu
tion
for En
terprise N
etwo
rks Secure and Stable Platform
s for Netw
ork Interconnection and Data Interaction
2
Highlights:
Comprehensive VPN Network Construction • Solutions.
− Huawei provides a complete set of VPN gateways,
from desktop gateways for small offices/home offices
(SOHOs) to large-capacity gateways for distributed
offices. The gateways have been certified by UL, CE,
FCC, and Security Specification in China, Europe,
Australia and some other countries and regions.− The Eudemon200E-X series gateways support various
access modes: E1, cE1, SA, ADSL, and 3G.− The VPN Client, professional client software, which
provides friendly GUIs and strict but flexible security
policies, is used to ensure easy and secure access to VPN
networks.− The VPN Manager, which provides friendly GUIs and
powerful deployment and management functions, is
used to ensure unified deployment and management
and reduce deployment and maintenance costs.
Rich Functions to Satisfy Various Networking • Requirements
− Provides various IP VPN access modes such as L2TP,
IPSec, GRE, MPLS and SSL.− Supports multiple encryption algorithms such as DES,
3DES, and AES.− Integrates IPSec VPN with MPLS VPN to provide
flexible and secure networks.− Provides simple SSL VPN access. By means of APs,
a user can use a standard Web browser to access the
enterprise's intranet. Provides end-to-end hierarchical
protection such as powerful authentication, fine-grained
access control to the intranet resources, and encryption
algorithms like DES, 3DES and AES.− Virtualizes a physical gateway into multiple logical
ones that have the same functions of the physical
gateway and support private network address overlap
and preserve independent VPN routes and forwarding
entries to ensure service security isolation.
Ef fec t i ve SSL VPN Authent i cat ion to • Guarantee Secure Access
− Supports remote access to applications in the
enterprise intranet by means of SSL VPN.− Supports the What You See Is What You Get
(WYSIWYG) function for remote access to the Web
through terminals.− Supports security access to Web servers, shared files,
and internal applications.− Supports access to all services by means of VPN
tunnels.− Supports user authentication by user name and
password.− Supports mainstream authentication methods such
as Radius, LDAP, SecurID, X.509 digital certificate and
USBKEY + digital certificate.− Provides system logs, administrator logs, and user
access logs.
Hu
awei R
emo
te Access Secu
rity Solu
tion
for En
terprise N
etwo
rks Secure and Stable Platform
s for Netw
ork Interconnection and Data Interaction
3
VPN Products
Products Quantity of L2TP Tunnels
Quantity of IPSec Tunnels
Quantity of SSL Tunnels
IPSec Encryption/Decryption Performance
SVN3000 / 500 1000 220 Mbit/s
Eudemon 200E-B 64 64 20 60 Mbit/s
Eudemon 200E-C 2000 2000 100 400 Mbit/s
Eudemon 200E-F 2000 2000 100 500 Mbit/s
Eudemon 200E-X1/X1W 64 64 20 40 Mbit/s
Eudemon 200E-X2/X2W 64 64 20 50 Mbit/s
Eudemon 200E-X3 2000 2000 100 300 Mbit/s
Eudemon 200E-X5 2000 2000 100 500 Mbit/s
Eudemon 200E-X6 2000 2000 150 1 Gbit/s
Eudemon 200E-X7 2000 2000 200 2 Gbit/s
Eudemon 1000E-U2 15000 15000 / 2 Gbit/s
Eudemon 1000E-U3 15000 15000 / 4 Gbit/s
Eudemon 1000E-U5 15000 15000 / 5 Gbit/s
Eudemon 1000E-U6 15000 15000 / 6 Gbit/s
Eudemon 1000E-X3 / 15000 500 4 Gbit/s
Eudemon 1000E-X5 / 15000 500 5 Gbit/s
Eudemon 1000E-X7 / 15000 500 7 Gbit/s
Eudemon 8080E Single board: 20000
Integrated device: 60000 40000 * 4 boards / 6.5 Gbit/s * 4 boards
Eudemon 8160E Single board: 20000
Integrated device: 60000 40000 * 8 boards / 6.5 Gbit/s * 8 boards
VPN Gateways
Eudemon EudemonSVN 3000
Eudemon8000E200E-B/C/F
200E-X1000E-U1000E-X
Hu
awei R
emo
te Access Secu
rity Solu
tion
for En
terprise N
etwo
rks Secure and Stable Platform
s for Netw
ork Interconnection and Data Interaction
4
Success Stories
Ma Anshan China Mobile Business Hall•
Jiang Su Provincial Administration of Radio, Film and Television•
IBM Wu XI Cloud Computing Center•
Data System in some Olympic Cooperative Cities•
Tianjin Nankai University•
Hu
awei R
emo
te Access Secu
rity Solu
tion
for En
terprise N
etwo
rks Secure and Stable Platform
s for Netw
ork Interconnection and Data Interaction
5