Hillstone Adds Behavioral Intelligence to Its Firewalls to Detect Breaches Earlier

Advanced behavioral analytics with rich forensics shorten the time between compromise and detection, making networks healthier and more secure

CSO50 Security Confab 2015

SUNNYVALE, Calif. & AMELIA ISLAND, Fla.--()--Hillstone Networks, a leading provider of enterprise network firewall solutions that is positioned in the Enterprise Network Firewalls Magic Quadrant released by Gartner, Inc.*, is releasing a new technology in breach detection on their Intelligent Next-Generation Firewall platform. Based on machine learning technologies such as statistical clustering and vector analysis, the new firewall platform targets breaches and detects anomalous network behavior. It allows security administrators to discover and mitigate malicious security events within minutes of an attack. The platform also includes rich forensic tools that continuously assess the state of the network and help determine the root cause of attacks. The Hillstone software provides an ongoing Network Risk Index that provides instant situational awareness, giving administrators real-time visibility into network and application integrity. Hillstone will be demonstrating the new platform at the CSO50 Security Confab in Amelia Island, Fla. February 23-25, 2015. There, the company will also be presenting on “A New Approach to Advanced Breach Detection.”

“The traditional perimeter-based approach to security is based on the assumption of a clean inside and dirty outside. This assumption is no longer valid. Furthermore, exploits leave discernible trails of behaviors inside the network through each stage of the cyber kill-chain,” said Tim Liu, CTO and Co-Founder at Hillstone Networks. “The Hillstone Networks firewall platform is a pioneer in leveraging analytics and forensics to prevent breaches, and minimize damage of intrusions that do occur.”

The Hillstone firewall solution provides the following benefits for a more holistic and proactive security platform that works hand-in-hand with your network ecosystem:

  • Advanced Behavioral Analytics shortens the time between compromise and detection. In massive data breaches, it takes time for data to be exfiltrated, as large volumes of data need to transfer over a period of time. If businesses can detect breaches within hours or days, versus weeks or months, they can significantly cut down on the overall damage incurred.
  • Hillstone leverages a proprietary statistical clustering algorithm that can quickly detect unknown malware. Instead of searching for explicit signatures, it analyzes the behavior of malware and looks for recurring combinations of actions that are strongly related to known malware. When a close match is detected, the system will send an alert and provide a complete description of the malware including packet captures. It also provides a confidence level and a severity level so that the administrator can take remedial action.
  • Continuous monitoring provides multiple opportunities to stop an attack. Today’s networks need a layered defense strategy - the use of complementary tools that catch different aspects of splintered and elusive attacks. Hackers may evade one defense mechanism, but a multiple and layered defense strategy becomes harder to penetrate.
  • Rich forensic tools provide a wealth of evidence to determine the root cause of an attack. Businesses today are not equipped with the resources to retain forensic data for post-breach analysis. Reports and logs provide an audit trail of the progression of attacks from initial compromise to the exfiltration of data. Retaining information over time so that trends can be identified and traced back is critical because detailed forensic information provides valuable information for preventing the reoccurrence of attacks, such as:
    • Geo-locations responsible for multiple attacks that should be blocked.
    • Offending websites or IP addresses that should be filtered or added to a blacklist.
    • Website categories that should have been blocked by a URL filter.
    • Risky applications that should be prohibited.
    • Application attributes, such as file sharing, that should be blocked because files can transmit viruses.
    • Abnormal traffic that should be blocked or throttled. For example, if an APT is moving files across the network at 2AM a policy can automatically block that traffic.

“The Hillstone Intelligent Next-Generation firewall platform addresses a real and timely security challenge faced by all organizations today, as hackers and malware both become increasingly sophisticated,” said Lingling Zhang, Vice President of Marketing at Hillstone Networks. “The Hillstone firewall platform is a holistic and layered threat defense that works with our customers’ security ecosystem to shorten the time between a security breach and its detection. It represents a new paradigm in threat detection and prevention.”


* Source: Gartner, Inc., "Magic Quadrant for Enterprise Network Firewalls” by Greg Young, Adam Hils, Jeremy D'Hoinne, 15 April 2014

About Hillstone Networks, Inc.

Hillstone Networks builds intelligent next-generation firewalls to protect against Advanced Persistent Threats (APT) and zero-day attacks in the cloud era. Built from the ground up for today’s virtual and cloud-based data centers, Hillstone Networks’ fully distributed, intelligent next-generation firewall platform overcomes the performance and deployment limitations of legacy firewalls, providing granular visibility and control of network traffic, based on real-time behavioral anomaly detection and advanced data analytics. Established in 2006 by NetScreen, Cisco and Juniper executives, over 5,000 customers worldwide rely on our proven high-performance, network security solutions, including Fortune 500 companies, higher education, financial institutions and service providers. Hillstone Networks is headquartered in Sunnyvale, California. For more information, visit www.hillstonenet.com.

All Hillstone Networks, Inc. news is issued exclusively by Business Wire. Hillstone and the Hillstone logo are trademarks of Hillstone Networks Inc. in the U.S. and other countries. All other brand or product names used in this public announcement may be trademarks of their respective owners.


Hillstone Networks
Jim Fulton, 650-743-0720


Hillstone Networks
Jim Fulton, 650-743-0720