Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Viso e Misso
Huawei Symantec
O principal parceiro confivel em solues de segurana de informao e de armazenamento
Foco nas necessidades dos clientes, fornecer solues de baixo custo e trazer valor sustentvel para os clientes, acelerando a inovao tecnolgica e aplicao em segurana da informao e de armazenamento
Huawei
Symantec
Confiana num mundo conectado
Plataforma de TI
Network
...
Security ...
Secospace
SVN 3000 SSL VPN USG 2000/5100/5300 USG 9100/9300 NIP100/100 0
DPI
Server
... RH1285 RH2285 T8000 E6000 iNIC SSD
Storage
... T3000 V1500/1800 S2000 S5000 VTL3600 N8000 VIS6000
Servidores TecalTM
Value-Added Components Blade Server Rack Server
ES1000 ER1000 ES1200
Packet Capture
HW Platform
T8000
E6000
RH1280
RH1285
RH5480
RH1120
RH2280
RH2285
Technical Specifications
Computing
Oceanspace T3500 G2
Support of one or two CPUs in the modes of Intel E5500 or E5600 series 8 x DIMM slots (a maximum of 32GB)
I/O
Two GE ports are integrated on the mainboard and I/OAT is supported. Four PCI-e expansion slots One VGA port, two USB 2.0 ports, and one serial port
Availability
Hot-swappable disks Redundant and hot-swappable power supplies Standard: RAID 0/1/10
Oceanspace T3200
Management
IPMI 2.0, Web management user interface (UI)
OS
Linux (Suse, Redhat, and others), Windows, Solaris
Plataforma de TI
Network
...
Security ...
Secospace
SVN 3000 SSL VPN USG 2000/5100/5300 USG 9100/9300 NIP100/100 0
DPI
Server
... RH1285 RH2285 T8000 E6000 iNIC SSD
Storage
... T3000 V1500/1800 S2000 S5000 VTL3600 N8000 VIS6000
Solues de Armazenamento
Container Data Center CDC
Data Protection Data Protection SAN
2U ~ 96 Disks
Software
Application Application
I PACS Integrated Picture Archiving and Communication System iNVS
40ft 10 Racks
Video Surveillance
Data Protection
HDP VIS VTL
HSSD
Diamond2
50/100/200GB R250MB/W180MB
SSD
SAN
S2600 S5000 S6800E S12000
NAS
N8000
4U ~ 1080 Disks
HyperMirror
HyperImage
HyperCopy
S2600
S2600C 4 GB/8 GB One or two controllers Four 4 Gbit/s FC and Four 1 Gbit/s iSCSI
Controller Host ports Host ports per controller Number of disks Disk type
Disk options
SATA disk: 1TB/2TB (7,200 rpm) SAS disk: 300GB/450GB/600GB (15,000 rpm) 12 disks per enclosure Supported 4 64/256 64/256 64/256
Disk density Disk spin-down Number of hosts supported Standard/Maximum Value-added software
Applied for middle and large scale Enterprise Meeting the requirements of large scale database including OLTP/OLAP, HPC, digital media, internet service providers,
S5600T backup, disaster recovery, New data migration and other S5500T scenarios
Scalability
S12000
S2600 S2300
Performance
SSD/FC/SATA
SSD/SAS/SATA
SSD/FC/SAT SSD/SAS/SATA/F SSD/FC/SAT SSD/SAS/SATA/FC A C A 256 2048 1024 4096 512 4096 1024 4096 1024 4096
256 1024
256 1024
512 2048
Arquitetura S2600
iSCSI FC SAS Combo
Host port module CPU CPU Host port module
SAS controller
Controller A
Controller B
TurboModule
Real IO Module Hot Plugable With The Controller Online! Turbo Flex Frontend&Backend IO Module Number&Slots Layout! Turbo Density of 12 IO Module/48 IO Ports in One Single 4U Space!
RAID5
Destage
Falha no disco
1 Falha em disco. 3 2 O disco de hot spare 2 assume as funes do disco defeituoso. O disco sincronizado 3 e recuperado.
SAS SAS SAS SAS SAS SAS SAS SAS SAS SAS SAS SAS
SAS SAS SAS SAS SAS SAS SAS SAS SAS SAS SAS SAS SAS SAS SAS SAS
SAS SAS SAS SAS SAS SAS SAS SAS SAS SAS SAS SAS SAS SAS SAS SAS SAS SAS SAS SAS SAS SAS SAS SAS SAS SAS SAS SAS
DB cluster
Storage network
Controller A
Controller B
OceanStor S2600
DB server
Mail server
Backup server
Video server
FC SAN
iSCSI
DB server
Mail server
Video server
Backup server
ATAS ATAS ATAS ATAS ATAS ATAS ATAS ATAS ATAS ATAS ATAS ATAS
Incrementando Desempenho
Intelligent Cache Prefetch
Host
Read Read Read Read Read request 1 request 2 request 3 request 4 request 5
Controller
Cache
a b
The system recognizes the sequential data addresses and then enables the cache prefetch.
Disk
a 0x21 b 0x22 0x23 c 0x24 d 0x25 e 0x26
TurboBoostSSD Cache
Host Server
Technics: Data reading from HDD Copying hot data to SSD Reading hot data from SSD 3 SSD 1 HDD Eliminating cold data from SSD Features: High Performance with fewer SSD Low power consumption Good compatibility
SSD HDD
HDD
HDD
2
SSD Cache Boost Engine
Hot Data
Cold Data
+
1/10 Consumo de energia 1/8 custo Capacidade: 14 TB Performance: 18k IOPS Cap/Op-X: RMB 1,600,000 to 2.5 kWh
Caractersticas de TI Verde
Desvatagens de ventiladores em alta velocidade Poeria Rudo Consumo de energia Soluo: controle inteligente de ventiladores
Controller
Spin down para discos pouco acessados
Receives the temperature information from the monitoring point, and sends the speed control command.
B B B B
B B B B B B B B
A A A A A A A A
A A A A A A A A
Storage Software
HyperImage
HP MSA Series
EMC CLARiiON
HyperCopy
SAS
IBM DS series
HyperMirror
SAS SAS
HyperImage
1 2 3 4 5
HyperClone
9:30
10:30
11:30
12:30
13:30
teste
pesquisa
Backup
Archive
NAS - N8000
N8300
N8500
Unified storage
File servers Application servers Database servers
NFS/CIFS
iSCSI Block-level
FC
File-level Block-level
NAS IP SAN FC SAN
IP CIFS NFS
N8000 - Escalabilidade
Windows user Unix user
Caractersticas do N8000
Item
Num of NAS engine
N8300
2-6
N8500
4-16
Clustering mode
Active-Active
Oceanspace N8300
Cache Interface of
4/6 per NAS engine network Interface of FC Max. capacity Disk type RAID
7.68PB
SSD, SAS, FC,SATA
15PB
Oceanspace N8500
RAID 0, 1,10, 5, 6
FC
FC
FC
FC
IP
IP
IP
IP
IP
Permite a definio de polticas para movimentao de dados de acordo com a necessidade do ambiente Dados com alto nvel de acesso podem ser movimentados para discos de maior performance Dados raramente acessados podem ser movimentados para discos de maior capacidade
FC-SAN
NAS
FC IP
FC
N8000
FC FC
SSD
FC
SSD
FC
SAS
SATA
VIS 6000
OceanStor VIS6000
Host
Array
Valores do VIS
Disaster recovery
Replicao baseada em I/O Replicao: Sincrona Assncrona Cclica
Confiabilidade
Redundncia Suporta multi-path Mltiplos ns ativos em cluster
Consolidao do Storage
Gerencia Simplificada
Administrao centralizada de storage de diferentes fornecedores
dddd
Video Matrix
Generation 3:Sistema Digital de Video Vigilncia Rede IP Sinais digitalizados Compressode dados Internet Streaming Vdeo Dezenas de milhares de cameras
1 Gerao: Sistema Analgico de Video Viilncia Cabos Coaxiais Modo Analgico Centro de controle Pouca escalabilidade e gerncia 20-100 cameras
2 Gerao: Sistema de Video Vigilncia "Analogico + Digital Cabos Coaxiais Modo Analgico Digitalizados Armazenados atravs do centro de controle ou de DVR 100-200 cameras
4 Gerao: Digital Sistema Inteligente de Video Vigilncia Imagens de Alta Definio Anlise inteligente de comportamento e busca Diversos mtodos de acesso Centenas de milhares de cameras
2007 2010
2011 futuro
PTZ Camera
Swit ch Rede IP
Decodifica dor
Monitor
Camera Fixa
Gerencia
Super resoluo
O processamento de imagens n claro Vrios rudos durante a transmisso das imagens
Deteco de eventos
Detecta pessoas suspeitas ou veculos em certas regies. Automatica e inteligentemente analisa os relatrios de eventos suspeitos
A arquitetura aberta e compatibilidade com software de terceiros permite o desenvolvimento de poderosas funes.
Datacenter Convencional
Energia
Sala de Monitorao
Ar condicionado Racks
Energia
Container padro de 40 ps 10 racks 42U Capacidade de resfriamento ar condicionados de preciso: 62.5 kW (4+1)
CRAC
Top view
Air conditioner #1
Management server cabinet #1 0.85 m 0.6 m Power distribution cabinet Lightning protection box PUE of container data center < 1.5
Sistema de Combate a Incndio (HFC 227ea) Sensores de temperatura, umidade e fumaa Sistema de monitorao do ambiente com cameras de vdeo Contrle de acesso Sistema de monitorao local ou remota Robustez
Descargas eltricas Vento Fogo Chuva Terremoto Salinidade Bolor
Plataforma de TI
Security ...
Secospace
SVN 3000 SSL VPN USG 2000/5100/5300 USG 9100/9300 NIP100/100 0
DPI
Server
Service
SIG9810 SIG9820
IDS
NIP200/1000
WAF
Anti-DDoS Solution
USG5000ADD/ADI USG9300 ATIC
~ 20G
~ 60G
~ 40G
200M-1G
1-2G
10-80G
Mgmt Center
UTM
USG5100/5300/5500 USG9300
SSL VPN
SVN 3000/5000
160K-1500KPPS
<1G
1G-20G
10G-160G
Security Management
VSM
unified management
Border device
Intrusion Information disclosure Chatting/Downloading/Surfing Account embezzlement Mail virus
User terminal
Online behavior management
Internal threats
USG9320 USG9310
Medium-sized enterprises
Ranging from desktop devices to high-end Gigabit to fully protect your networks
Proteo de Terminais
Solving the security problems most concerned by CIO Network access control, internal employees' behavior management, document security management
Access control
Log audit
Untrusted
DMZ
SA Pre-authentication domain SA VPN Gateway SC SM Core network SACG
Enterprise intranet
Third-party domain management server Third-party anti-virus server
Local Local SA
Trusted
SA: security agent SM: security manager SC: security controller SACG: secure access control gateway
repair
Isolating and repairing Providing audit results of untrusted users behavior monitoring Preventing Authorizing users' access unauthorized users range
Asset Management
Uniformly managing enterprise assets, knowing the asset lifecycle, preventing asset loss, and improving management efficiency
Automatically collecting asset software and hardware information Bundling user's asset information and specifying the owner of assets Automatically tracking the modified assets and providing alarms by short messages when the asset is modified, which effectively prevents asset loss Managing the asset lifecycle, such as reminding users that the retirement time is due or the product is beyond the warranty period Take statistics of asset information by providing diversified asset statistics forms and asset modification form
Performing asset management Triggering the automatic collection of assets
Administrator
Terminal users
Page 57
ID authentication failure
DSM server
Unable to download authority information
External users
Di str ib 1 2 4 uti ng 3. Information distribution inf Through Internet or or attachments of emails m Through FTP download ati other devices on to th 3 e ou DSM client DSM client 4. Information access tsi Receiving users de 1. Information protection authentication Temporarily acquiring Encrypting documents the key and authority Uploading document Being authorized to authority information perform offline operations
and cache the key
manage all logs in a unified manner and achieve highly reliable storage for massive logs. query log by keyword based on regular expressions. can collect logs of various security devices, network devices, hosts (Windows, Linux, and Unix), databases (Oracle, DB2, Informix, Sybase, and SQL Server), and Web servers (IIS, and Apache). provide the function of detailed analysis of the logs for the Eudemon/USG firewalls. It allows users to query logs accurately by log type.
Secospace eLog
Syslog Session log OPSec SNMP Trap DB log Text log Audit log Event log
IDS IPS
Router
BRAS
Switcher
OS DB web server
IP Topo
Transport Topo
Unified Physical Topo, Service Topo, IP Topo With clear total view of the whole network and fiber connection . Flexible sub-network division , make large network management more convenient.
EMS-n
Multi-sets EMS for large network without whole network alarm information Different equipment managed by different EMS, trouble shooting efficiency is very low by manpower between different departments.
Centralized fault monitoring of whole network, alarm amount convergence. From multi-system, multi-team to single system, single team improve trouble shooting efficiency greatly.
Marcelo Campos
Gerente de Produto - Technical Sales Department