TM

Hillstone Security Management Platform

HSM-500-D4 / HSM-50 / vHSM

Hillstone’s Security Manager enhances network security by allowing businesses to segment their networks into
multiple virtual domains. Domains can be based on geography, business unit or security function. It provides the
versatility needed to manage Hillstone’s infrastructure while simplifying configuration, accelerating deployment
cycles, and reducing management overhead.

Product Highlights

Multi-Domain Security
to create groups of devices for other administrators to monitor
Most companies face security challenges when their business and manage. The primary administrator can download global
spans offices located in several regions or countries. Multiple
policies, security updates, and policy updates, while local
security gateways, multiple sites requiring different security
administrators provide policies for local devices, users, and
policies and multiple administrators can quickly create a
groups. Administrator also can lock the using rules and object
complex security environment. Organizations need the tools to
manage global security policies while allowing regional admin- configuration to improve the security and reliability of device
istrators to manage devices and users in their geographic configuration.
location or business division. Hillstone’s Security Manager Corporate HQ
allows the primary administrator to segment security manage-
Service Zone
ment into multiple virtual domains. It provides the security,
HSM/vHSM
visibility, and control required by organizations while reducing
Hillstone
management costs, simplifying configuration, and accelerating NGFW/NIPS
deployment cycles.
Internet Mgt Link

Simplified Provisioning and Management VPN Link

Hillstone’s Multi-Domain Security Management simplifies the

provisioning of new devices. It allows a primary administrator

Branch A Branch B Branch C

www.hillstonenet.com
 Hillstone Security Manager

Key Features
Domain Based Management Configuration Management
• Segregate networks into multiple virtual domains based on location, • Device IP, domain name, and template registration
business unit or security function • Device software version number
• Define global security policy templates and assign them to virtual • Device configuration file comparison
domains • Configuration file backup and recovery
• Multiple global security policies may be created • Support to lock configuration file of device
• Virtual domains share global security policies and generate separate • IPS, APP, AV, URL signature upgrade configuration centralized management
policies for specific users/groups and devices • Support Firewall HA, including HA cluster management for Hillstone firewalls in
• Shared objects can be assigned and used across domains Active-Passive/Active-Active/Active-Peer modes, HA groups relationship and status
display
Role-based Administration
• Administrators assigned to specific domains and devices System management
• Hierarchical role-based management (administrator, operator, • Time zone configuration, support for daylight saving time
auditor) inherit different privileges • HSM file system automatically fix
• Multiple administrators can work on separate domains simultaneously • Configuration synchronization prompt
• HSM system password protection
Centralized Management
• Single security console manages multiple domains High Availability
• Graphical interface to view, create and manage all domains • Support HSM HA deployment, Master/Slave roles
• Create groups of devices for administrators to manage • Preemption mode
• Assign global policies to multiple management domains • Monitor/Log Synchronization
• Create role based administrators to manage polices and devices • Automatic Synchronizing and Manual Synchronizing
• Device registration supported by IP, domain name or template • Master/Slave Switchover Alarm
• Detect redundant policies, useless objects, and policy hits
• Create policy snapshots and rollback policies Distributed Deployment
• Centralized management of route, NAT and security policies • Standalone/Master/Slave modes
• Centralized management of IPS/AV/SLB/URL/iQoS policy • Register up to 16 slave devices on one master device
• Centralized management of firewall password • Memory alarm, CPU alarm, disk alarm, and slave device offline alarm display on
• AAA Server, user, role configuration management master device
• Supports virtual appliance management
Centralized Reporting
Centralized Monitoring
• More than 30 built-in report templates
• Monitor all multi-domain system components including • Customized reporting
Hillstone NGFW, NIPS and CloudEdge from a central location • Reports available in HTML and PDF format
• Monitor device availability including CPU, memory, concurrent
sessions, and traffic from each domain Alerts
• Monitor VPN topography graphs for each registered device
• Multiple types of alerts including real-time and threshold-based alerts
• View network status and VPN link alerts
• Monitor security events from each domain including IP, URLs, • Device security event alerts
applications, and threats • vHSM do not support SMS Alert
• View trends for device traffic, user traffic, application traffic
• Monitor license status for devices IPv6
• View Top 10 Threats, and Top 10 URLs accessed, last 1 hour threat
• IPv6-compliant security policy, NAT, address book configuration & management
stats, last 1 hour alarm stats
• IPv6 log collection and query
Log Management • IPv6 monitoring data collection and presentation
• Logs produced for device traffic, system resource utilization, security
events, data security, application usage and device upgrade Device Inspection
• Logs may be filtered by device
• Manual inspection, regular inspection, intelligent inspection
• Logs produced for HSM system
• Logs can be exported for historical log queries and backups • Batch inspection

Product Specification
HSM Appliance Specification
Specification HSM-500-D4 HSM-50
Log Performance 5000EPS 2500EPS
Devices Supported (Max.) 5/500 5/100
Storage Capacity 4T 2T
Fixed I/O Ports 2xGE 2xGE
RAID Levels RAID 5 RAID 0
Power Supply Single/dual 550W Single 250W
Height 1U 1U

Virtual Appliance (vHSM) Specification

Specification 15/25 15/100 15/500 15/1000
Log Performance 1000EPS 2000EPS 5000EPS 10000EPS
vCPU Requirement 4 8 18 24
Memory Requirement 4GB 16GB 32GB 64GB
Port Requirement 2 ports 2 ports 2 ports 2 ports
Hard Disk Requirement (Min.) 100GB 2T 4T 8T
Virtual Environment Requiremen Vmware Workstation/EXSi or KVM
EX-08.01-HSM4.0.0-0719-EN-01 www.hillstonenet.com