Hillstone Networks cloud security product for virtual machines

Hillstone Networks has unveiled CloudHive, a cloud security solution that leverages micro-segmentation to protect networks beyond the perimeter down to every virtual machine in cloud deployments. 

Hillstone CloudHive provides visibility and protection to all virtual machines, as well as East-West traffic. CloudHive reduces risk and operational costs, and enables secure cloud services at scale.  

Hillstone’s CloudHive provides comprehensive protection that addresses today’s gaps left by perimeter security in virtual and cloud environments. Today’s data center needs a solution that protects the business from lateral attacks from within. Hillstone’s solution does just that; by leveraging micro-segmentation, it secures every virtual machine with Layer 2 to L7 security.

Live Traffic Visibility

All virtual machine access points can be monitored to provide visibility and control of traffic, applications and attacks inter-VM; which is the cornerstone for enabling East-West traffic control and protection. VM topology, traffic insight, application identification, as well as comprehensive log features allow Cloud Service Providers (CSPs) to meet compliance and security audit requirements.

Each CloudHive Virtual Security Service Module (vSSM) is deployed on a physical server, enabling micro-segmentation for inter-VM communication. East-West traffic is secured with L2-L7 security services, including firewall features such as policy control and session limits; advanced security features such as Intrusion Prevention System (IPS) and Attack Defense (AD); as well as fine-grained application control. Real-time mitigation also blocks, impedes or quarantines active attacks. 

On-demand security services can be applied to any and all new workloads and VMs through the scalability of vSSM. The deployment of vSOM enables unified security policy configuration for each VM. CloudHive supports vMotion to ensure security services persist in the event the VM moves.

CloudHive Layer 2 deployment does not impact existing network topology. It minimizes deployment and configuration overhead, without business impact or network interruption. In addition, the ease of management advantage of a single appliance reduces operational errors and improves overall efficiency.

Total cost of ownership is also reduced as CloudHive security services do not need to update to VMware’s NSX.“Security in the cloud remains a key concern for organizations and is a major reason some applications and workloads have not yet moved to the cloud,” said Tim Liu, CTO and founder, Hillstone Networks. “With Hillstone’s CloudHive technology, organizations can now fully realize secure cloud services at scale through full visibility, control, and security across networks, down to the virtual machines.”