As an industry-leading integrated security management center, H3C SecCenter provides unified management for various network and security products and over 1000 types of reports on network security status and regulatory compliance.
H3C SecCenter adopts advanced in-depth probing and analysis technologies and integrates security event collection, analysis, and response to combine the network with security devices, explicitly show the network security status, respond quickly to security events, and facilitate network fault locating, thus relieving the IT and security administrator from heavy management workload and greatly improving the work efficiency. In this case, the customer can focus on the core business.
Figure 1 IPS Manager Intrusion protection event snapshoot
Figure 2 Firewall Top 10 attack event screen
Figure 3 UTM Virus protection event snapshoot
Figure 4 iTAS traffic analysis by application
H3C SecCenter Management Center is a one box solution for managing the security devices on a network. It includes the function modules: IPS Manager, UTM Manager, Firewall Manager and intelligent Traffic Analysis System (iTAS). All modules can also be purchased separately and run independently on any servers running Windows operating systems.
IPS Manager allows central management of H3C IPS devices. It can be used to implement real-time monitoring and analysis of security events, catch event snapshot, query event details, update the intrusion signature library over all IPS devices, and to provide rich security reports.
UTM Manager allows management and control of all H3C UTM devices in the network. It features great scalability, visualized real-time event monitoring, comprehensive security event analysis (such as attack and virus event analysis), controlling and auditing based on applications and services, and rich report function. The UTM manager enables customers to learn and control the network security status at any time. Together with UTM devices, the UTM Manager provides you with visual, all-around, powerful network security protection.
Firewall Manager supports centralized management and real-time monitoring of firewall devices throughout the network, implements collection and comprehensive analysis of attack event information, enables log auditing and visualization, detailed reports. From the all-around reports, you can see the history security status as well as the security trends of the network easily.
iTAS provides a reliable and easy-to-use network traffic analysis solution. iTAS helps track the bandwidth usage, and resource consumption of each network application by collecting the traffic information from the routers and switches in sFlow, NetFlow or NetStream format. Moreover, rich traffic analysis report are provided to help identify the network bottlenecks and make correct impersonal decision on network planning, monitoring, optimization and troubleshooting. iTAS is also useful to detect the abnormal traffic, Denial of Service attack and worms.
The following contents are relatively complicated, please use PC for browsing.
Pls enter c.h3c.com.cn in the PC browser and follow the instruction from the page, you will continue to sync to PC.
Continue mobile phone browsing.
H3C SecCenter can manage network devices, such as routers, switches, firewalls, UTMs, IPSs and servers, to achieve centralized management of network resources, guarantee the safe running of the entire network and detect in time faults and performance bottlenecks of the network and system hosts.
H3C SecCenter can complete automatic device detection and topology arrangement according to users’ preset conditions. It supports user-defined views so that users can draw customized network topology clearly and flexibly according to their organizational structure, geographic locations and even building conditions. The customized topology greatly helps users view key devices on the entire network.
H3C SecCenter monitors security events on the network in real time. It generates a complete event snapshot after collecting and displaying various types of attack, virus and worm events in a centralized manner. The event snapshot lists the statuses of security events that occurred in the last one hour.
H3C SecCenter can measure and analyze in a centralized manner the security events on the network, provide various types of visual and detailed reports. In panoramic analysis reports, users can view the history security conditions and future security trends of the entire network.
H3C SecCenter provides powerful auditing capacity and can get quickly correlative security event information from history data. By querying data in depth, users can analyze specific security events and trace them, thus discovering attack sources and root causes. With such in-depth query capacity, H3C SecCenter can solve many types of user problems.
H3C SecCenter provides network traffic analysis and exception detection to help administrators find in time network bottlenecks and precisely determine abnormal services, effectively prevent such activities as mass bandwidth consumption and guarantee network availability.
By clicking a device on the device list, users can directly access the Web management interface for the corresponding device. No username or password is required in this way and single-point login is achieved. Users can configure and maintain multiple devices at one time.
H3C follows the development trends of network technologies, security technologies and network attacks and defending, and regularly updates and releases feature upgrade package. It offers full-inclusive and timely feature libraries, including protocol feature library, IPS feature library, AV feature library and so on. H3C SecCenter can automatically detect the feature libraries and current application status on devices, and help users get information about feature library update any time.
Events Monitoring(Snapshot of Events)
The event snapshot presents the attack protection information in the last hour, including the time, total number of events, blocked event count, source addresses and destination addresses, as well as event types. Besides, it provides the Top N list of attack events, attack destination IP addresses and ports, attack sources, and attack protocols, helping you track the latest security status of the network in an intuitive way.
The recent event list presents the attack events that occurred in the last hour, including the device IP address, the event’s time, source IP address, destination IP address, event description, protocol, source port, and destination port. It also supports event query by different filters.
The firewall management component also allows you to view the attack event information of every firewall device.
Comprehensive Events Analysis
Comprehensive analysis of attack events, including:
Attack event trend analysis during a day, week, month, and a customized period
Top N statistics reports by event, destination IP address, source IP address, destination port, and protocol. You can export the reports.
You can specify the report export period, filter, template, and notification mode to define a report export task. Then, the system will automatically export reports according to your configuration.
You may specify to send a generated report file to an Email box or download the report file from the system.
This module supports auditing abnormal traffic logs, blacklist logs, operation logs, NAT logs, and other logs.
The auditing function supports powerful searching of security events from several month history data.
Query filtering conditions include: time period, event type, target address, source address, event name or description, level, and so on.
This module supports receiving NAT logs from firewall. Each log records the source IP/port and destination IP/port before and after network address translation, as well as the NAT session start time and end time, and lists all details.
This module supports changing FW configuration by Web management UI and deploying security policy. Administrators can centrally manage FW devices.
This module supports setting up different user permissions to control the different functional modules.
Software Version Management
This module supports centrally managing device software including software deployment and backup.
The device software list shows device module, current software version and the last available version.
It supports backing up and restoring software version file by making a customized task.
This module supports managing the configuration file of a device, setting base line version, managing online version and start version, and adding draft files.
It supports auditing device configuration changes, and rapidly comparing the difference of configuration.
It supports backing up and restoring configuration file by making a customized task.
Intel P4 2.0 CPU or equivalent
Window 2003 Server or Window XP with the up-to-date patches
IE 6.0 or above
We recommend you to purchase computers according to this configuration.