Hillstone CloudHive Micros-segmentation Solution


Hillstone CloudHive offers the following advantages:


Achieve Unparalleled Live Traffic Visibility

All virtual machines’ access points can be monitored to provide visibility of traffic, applications and threats related to this VM, which is the cornerstone for enabling East-West traffic control and protection. VM topology, traffic insight, application identification, as well as comprehensive log features allow Cloud Service Providers (CSPs) to meet compliance and security audit requirements.



Reduce Attack Surface to Nearly Zero

Each CloudHive Virtual Security Service Module (vSSM) is deployed on a physical server, enabling micro-segmentation for inter-VM communication. East-West traffic is secured with L2-L7 security services, including firewall features such as policy control and session limits, advanced security features such as Intrusion Prevention System (IPS) and Attack Defense (AD), as well as fine-grained application control. Real-time mitigation also blocks, impedes or quarantines active attacks.



Effortlessly Scale Security through Active Orchestration

On-demand security services can be applied to any and all new workloads and VMs through the scalability of vSSM. The deployment of vSCM enables unified security policy configuration for each VM. CloudHive supports vMotion to ensure security services persist in the event the VM moves, existing VM flows will not be interrupted by vMotion.


Improve Efficiency While Reducing Costs

CloudHive Layer 2 deployment does not impact existing network topology. It minimizes deployment and configuration overhead, without business impact or network interruption. In addition, the ease of management advantage of a single appliance reduces operational errors and improves overall efficiency. Total cost of ownership is also reduced as CloudHive security services do not need any upgrade or expansion of the current cloud management platforms.