As an industry-leading integrated security management center, H3C SecCenter provides unified management for various network and security products and over 1000 types of reports on network security status and regulatory compliance.
H3C SecCenter adopts advanced in-depth probing and analysis technologies and integrates security event collection, analysis, and response to combine the network with security devices, explicitly show the network security status, respond quickly to security events, and facilitate network fault locating, thus relieving the IT and security administrator from heavy management workload and greatly improving the work efficiency. In this case, the customer can focus on the core business.
Figure 1 IPS Manager Intrusion protection event snapshoot
Figure 2 Firewall Top 10 attack event screen
Figure 3 UTM Virus protection event snapshoot
Figure 4 iTAS traffic analysis by application
H3C SecCenter Management Center is a one box solution for managing the security devices on a network. It includes the function modules: IPS Manager, UTM Manager, Firewall Manager and intelligent Traffic Analysis System (iTAS). All modules can also be purchased separately and run independently on any servers running Windows operating systems.
IPS Manager allows central management of H3C IPS devices. It can be used to implement real-time monitoring and analysis of security events, catch event snapshot, query event details, update the intrusion signature library over all IPS devices, and to provide rich security reports.
UTM Manager allows management and control of all H3C UTM devices in the network. It features great scalability, visualized real-time event monitoring, comprehensive security event analysis (such as attack and virus event analysis), controlling and auditing based on applications and services, and rich report function. The UTM manager enables customers to learn and control the network security status at any time. Together with UTM devices, the UTM Manager provides you with visual, all-around, powerful network security protection.
Firewall Manager supports centralized management and real-time monitoring of firewall devices throughout the network, implements collection and comprehensive analysis of attack event information, enables log auditing and visualization, detailed reports. From the all-around reports, you can see the history security status as well as the security trends of the network easily.
iTAS provides a reliable and easy-to-use network traffic analysis solution. iTAS helps track the bandwidth usage, and resource consumption of each network application by collecting the traffic information from the routers and switches in sFlow, NetFlow or NetStream format. Moreover, rich traffic analysis report are provided to help identify the network bottlenecks and make correct impersonal decision on network planning, monitoring, optimization and troubleshooting. iTAS is also useful to detect the abnormal traffic, Denial of Service attack and worms.
The following contents are relatively complicated, please use PC for browsing.
Pls enter c.h3c.com.cn in the PC browser and follow the instruction from the page, you will continue to sync to PC.
Continue mobile phone browsing.
H3C SecCenter can manage network devices, such as routers, switches, firewalls, UTMs, IPSs and servers, to achieve centralized management of network resources, guarantee the safe running of the entire network and detect in time faults and performance bottlenecks of the network and system hosts.
H3C SecCenter can complete automatic device detection and topology arrangement according to users’ preset conditions. It supports user-defined views so that users can draw customized network topology clearly and flexibly according to their organizational structure, geographic locations and even building conditions. The customized topology greatly helps users view key devices on the entire network.
H3C SecCenter monitors security events on the network in real time. It generates a complete event snapshot after collecting and displaying various types of attack, virus and worm events in a centralized manner. The event snapshot lists the statuses of security events that occurred in the last one hour.
H3C SecCenter can measure and analyze in a centralized manner the security events on the network, provide various types of visual and detailed reports. In panoramic analysis reports, users can view the history security conditions and future security trends of the entire network.
H3C SecCenter provides powerful auditing capacity and can get quickly correlative security event information from history data. By querying data in depth, users can analyze specific security events and trace them, thus discovering attack sources and root causes. With such in-depth query capacity, H3C SecCenter can solve many types of user problems.
H3C SecCenter provides network traffic analysis and exception detection to help administrators find in time network bottlenecks and precisely determine abnormal services, effectively prevent such activities as mass bandwidth consumption and guarantee network availability.
By clicking a device on the device list, users can directly access the Web management interface for the corresponding device. No username or password is required in this way and single-point login is achieved. Users can configure and maintain multiple devices at one time.
H3C follows the development trends of network technologies, security technologies and network attacks and defending, and regularly updates and releases feature upgrade package. It offers full-inclusive and timely feature libraries, including protocol feature library, IPS feature library, AV feature library and so on. H3C SecCenter can automatically detect the feature libraries and current application status on devices, and help users get information about feature library update any time.
Network Traffic Snapshot
The snapshot page displays traffic graphs, pie charts, and optionally top N lists. These graphs and lists can help you better understand how the network resources are used. Exporting of reports is supported.
Traffic snapshot by IP group.
Customizable page refresh rate(30 seconds, 5 minutes)
Merger of traffic list, for statistic and inquiry by the flow or the total number of packages.
Traffic statistic and segment automatic identification by segment.
Customizable service import.
Customizable service traffic report show.
Service Traffic Trends.
Service Traffic Distribution.
The upper area displays service traffic trend graphs for the upstream, downstream, and streams of both directions.
The middle area lists the service traffic summary.
The lower area lists the integral point traffic statistics.
Application & protocol identification, including P2P, VoIP, IM, Stock Software, Games, Stream Media, Web Access, FTP Download, Networks Management, and so on.
We can identify in P2P Monitor, and supply control means for Bit Torrent, eMule, eDonkey, Kugoo, Thunder,Tencent Download, PPLive Stream, and PPStream.
Service Traffic Analysis by IP Group
Traffic can be collected and analyzed by IP group
User Behavior Analysis
The website analysis function provides statistics on website visits and visitors, and displays the statistics in bar graphs and lists.
The website ranking contrast graph displays the websites with the top number of visits in a bar chart.
The website ranking list lists the number of visits to each of the top N websites and the visit percentage.
The user ranking contrast graph displays the users who pay the most number of visits to the websites in a bar chart.
The user ranking list lists the number of visits of the top N users and the visit percentage
User Behaviors Auditing
This module supports analyzing NAT logs and applications of Web, FTP, Email, instant message, QQ, SQL, and telnet, and exporting reports.
Interactive with CAMS Server. Locating user name by target IP.
Backup of auditing logs to a different place on the server or to an FTP server at a certain interval or immediately. In addition, you can import the backup logs.
This module supports collecting and reporting attack events and virus events in real time, and providing the snapshot information.
Snapshot presents the attack protection and virus protection information in the last hour, including the time, total number of events, blocked event count, source addresses and destination addresses, as well as event types. Besides, it provides the Top N lists of attack events, virus events, attack targets, attack sources, attack ports, and attack protocols, helping you track the latest security status of the network in an intuitive way.
Comprehensive Analysis and Audit
This module supports comprehensive analysis of attacks and viruses, including:
Attack/virus event trend analysis during a day, week, month, and a customized period.
Top N statistics reports by event, destination IP address, source IP address, destination/source port, and protocol. You can export the reports.
This module shows a trend graph comparing the counts of blocked attack events and the other attack events as well as a trend graph of attack events by severity level. Under the trend graphs is a list showing the detailed attack event statistics, including the number of events, number and percentage of blocked events, and number of events of each severity level
This module allows you to query attack events by event name, type, severity, source IP address, destination IP address, destination port, and protocol to view the attack event details.
This module can periodically export attack event histories and virus event histories to EXCEL files, HTML files according to your configuration. You can create export tasks, test the tasks by filter conditions, send exported files by email automatically and view exported files on schedule.
This module allows you to upgrade the signature packages of all managed devices simultaneously, and display the versions of signature packages, including IPS and AV signature packages.
This module allows you to add and delete devices, upgrade signature packages, view the detailed information of devices, and change the areas and labels of the devices.
Intel P4 2.0 CPU or equivalent
Window 2003 Server or Window XP with the up-to-date patches
IE 6.0 or above
We recommend you to purchase computers according to this configuration.