Networking de empresas

UC&C

Computación en nube y centros de datos

Gestión y herramientas

Wireless

Industrias

Redes ágiles

Computación en nube y centros de datos

UC&C

Red privada inalámbrica

Casos de estudio

Soporte de productos

Descargas de software

Servicios de partner de canales

Soluciones de servicio

Soporte técnico

Capacitación de Huawei

Certificación de Huawei

Partners para las capacitaciones

Academia de red

Acceder a la capacitación como visitante

Cómo ser un partner

Pedido

Marketing

Material de soporte

Soporte

Evaluación

Noticias

Eventos

Página Anterior!

Prompt

No ha iniciado sesión o no esta autorizado!

Página Anterior

Agile Controller

El Agile Controller es un sistema de control automático de recursos de red basado en aplicaciones y en el usuario que ha sido desarrollado por Huawei. Como componente central de las redes de área de campus inteligentes, el Agile Controller asigna de forma dinámica recursos de red y de seguridad en toda la red de área de campus, de acuerdo con un control centralizado de conceptos de SDN, lo que permite a las redes ser más ágiles en lo que respecta a la provisión de servicios.

Agile Controller

  • Agile Controller

Service Experience-Centric Network Redefinition

The network transfers attentions from technology, device, connectivity to user, service, experience. Originally, manual configurations are mainly performed. Currently, network and services can be dynamically deployed using natural language.


  • Agile Controller dynamically allocates network and security resources on the entire campus network based on centralized control of software-defined networking (SDN) concepts, allowing resources to migrate with users and implementing free mobility.
  • Agile Controller implements user-based QoS scheduling to preferentially forward data from VIP users in the case of limited network resources, ensuring good service experience of VIP users.
  • Agile Controller allows users to use natural language to plan, deploy, and synchronize network-wide policies through one-click. Users do not need to focus on differences among various types of devices.
  • Agile Controller can flexibly adjust network-wide rights, QoS and security policies to shorten service provisioning or network expansion durations, meeting fast service changing requirements.


All-Round United Security

Single-point protection is transferred to network-wide protection.


  • Agile Controller collects logs from network devices, security devices, and service systems in a unified manner and uses Big Data correlation analysis to detect attacks and threats that can hardly be detected using single-node analysis.
  • Agile Controller provides a virtualized security resource center to block or direct user traffic through intelligent linkage, actively defending against network attacks.
  • Agile Controller provides comprehensive terminal security, desktop management, and mobile storage device management functions and predefines more than 5,000 terminal security policies, ensuring terminal access security.


Openness and Collaboration

Closed system is transferred to open system.


  • Agile Controller provides northbound interfaces to interconnect with existing devices and service systems, improving service provisioning efficiency.
  • Agile Controller provides southbound interfaces to integrate third-party terminal detection and event collection capabilities, building all-round united security systems.

Agile Controller has no special networking requirements except that there are reachable routes between the physical server where Agile Controller locates and network devices. Generally, Agile Controller is deployed in the data center.


Function Specifications
Identity authentication Authentication using system-based internal accounts
Windows Active Directory (AD) authentication
Third-party LDAP authentication
Mobile certificate authentication
Anonymous authentication (Administrators can configure anonymous authentication in specified network areas. When anonymous authentication is configured, users in a network areas can access the intranet without any passwords.)
Policy Engine Supports rule-based multi-dimensional authentication policies. Supports policy authorization based on user identities, terminal types, access locations, access time, and access modes. Pushes different web authentication pages based on the terminal access locations, terminal types, and SSIDs.
Network access control Visitor management Compliance check: Security assessments and system configurations prevent non-compliant terminals from accessing the protected resources.
Automatic isolation of non-compliant terminals and one-click repair for terminal faults
User-based access authorization (denying unauthorized access)
Visitor account management (including account creation and self-service registration)
Terminal identification Visitor account notification (through web, email, or SMS)
APIs for visitor account addition, deletion, and modification
Registration and authentication page customization
Terminal type identification (including PCs, smart terminals such as mobile phones and tablets, IP phones, and printers)
Free mobility Various types of devices running different operating systems, such as Windows, Linux, MAC OS, Android, IOS, and Windows Phone
Device identification in various modes, such as SNMP, User-Agent, DHCP, and MAC OUI
Unified policy configuration and management
  Inter-user group policy elements and authorization rules
Matrix policy template
Network-wide user group-based policy matrix
Automatic policy deployment for new devices
Service orchestration Network-wide policy status monitoring
Guarantee of VIP user access experience
Service orchestration and resources management
Service flow defining
Service chain orchestration
Service chain status monitoring
Terminal security management Security hardening: including static configuration check (antivirus software, patches, suspicious registries, suspicious processes, and invalid software installation) and dynamic audit (port use, enabling least services, peripheral access, ARP detection, and traffic monitoring) to discover and eliminate security threats
Office behavior management: including web access, media download, and non-office software installation
Information leak prevention: Agile Controller manages peripherals and mobile storage devices, restricts invalid external access, and controls network applications.
Network protection: Agile Controller isolates visitor traffic, traffic from valid terminals, and traffic from invalid terminals to prevent them from becoming attack sources.
Desktop management Patch management: Agile Controller provides professional patch management for one-stop patch check and recovery. Users can view information about patch deployment by device or patch. Agile Controller can collaborate with the WSUS.
IP asset auto-discovery: Agile Controller automatically discovers unmanageable devices, such as IP printers, IP phones, smart phones, cash registers, and bar code scanners.
Asset lifecycle management: Agile Controlle
prevents the loss of software and hardware assets, and provides real-time visibility of corporate assets.
  Software distribution: Agile Controller uses the distributed storage and express forwarding technologies for delivering large files on the intranet. These technologies have low bandwidth requirements and are highly efficient.
Remote desktop assistance
Message announcement: Agile Controller pushes bulletin messages to specific users or departments. Users can set the validity period of bulletin messages.
United security Security log collection: Agile Controller can collect security logs from Huawei devices and third-party devices with standard interfaces, such as Syslog, SNMP, FTP/SFTP, OPSEC, and ODBC interfaces.
Security event correlation analysis: Agile Controller predefines correlation analysis policies. Users can also customize correlation analysis rules.
Security event linkage: Agile Controller notifies administrators of security events through emails or SMSs.
  Security trend display: Agile Controller displays the security status and trend of the entire network and top N risky assets and supports network-wide security degree management.
Maintainable report Predefined report templates and trend template, for example, report template for user online information
  Customized reports or reports obtained from the security center
System management System status monitoring: When an abnormality occurs on the server, Agile Controller displays alarm messages or sends alarm emails.
  Online client fault diagnosis: Agile Controller processes client faults in a centralized manner.
  Remote data backup
Networking mode Centralized networking: Applies to small networks with few network layers.
  Distributed networking: Applies to large networks with many branches or terminals.

Agile Controller can be deployed on service manager (SM) and service controller (SC) servers to provide access control, visitor management, free mobility, and service orchestration functions, and on the Security View and iRadar server to provide the united security function.


Configuration Requirement SM&SC Server SV&iRadar Server
CPU 2 x 6-core processors, 2 GHz 2 x 6-core processors, 2 GHz
Memory 16 GB 32 GB to 64 GB
Storage 600 GB 4 TB and above

Item Quantity Remarks
1.1 Software
Agile Controller Access Control Features 1 Optional. Agile Controller provides the access control features.
Agile Controller Access Control License for Terminals Ladder Licenses that can manage 200, 500, 1000, 2000, 5000, 10000, or 50000 terminals are available.
Agile Controller Visitor Management Features 1 Optional. Agile Controller provides full lifecycle visitor management features.
Agile Controller Management License for Visitor Accounts Ladder Licenses that can manage 200, 500, 1000, 2000, 5000, 10000, or 50000 visitor accounts are available.
Agile Controller Free Mobility Features 1 Optional. Agile Controller provides group-based policy matrix and supports QoS policy deployment.
Agile Controller Service Orchestration Features 1 Optional. Agile Controller can direct user traffic to the security center for processing.
Agile Controller Terminal Security Management Features   Optional. Agile Controller provides health check, peripheral management, unauthorized external connection control, asset management, patch management, software distribution, and announcement management features.
Agile Controller Security Management License for Terminals Ladder Licenses that can manage 200, 500, 1000, 2000, 5000, 10000, or 50000 terminals are available.
Agile Controller Mobile Storage Device Management Features 1 Optional. Agile Controller provides the registration, encryption, authorization, auditing, and transition features for mobile storage devices such as USB flash drives.
Agile Controller Management License for Mobile Storage Devices Ladder Licenses that can manage 200, 500, 1000, 2000, 5000, 10000, or 50000 storage devices are available.
Agile Controller United Security Features 1 Optional. Agile Controller provides the network-wide event collection, correlation analysis, and security trend display features.
Agile Controller Management License for Security Events Ladder Licenses that can manage 500 EPS, 1000 EPS, 2500 EPS, or 5000 EPS are available. (EPS: Events per Second)
1.2 Hardware in centralized deployment mode (user scale ≤ 10000; log scale ≤ 2500 EPS)
SM&SC integrated server 1 Purchase this item when the number of online users is smaller than or equal to 10000.
SV&iRadar integrated server 1 Purchase this item when the number of logs collected per second is smaller than or equal to 2500.
1.3 Hardware in distributed deployment mode (user scale > 10000; log scale > 2500 EPS)
SM server Not limited The SM manages the SCs and sends real-time instructions to connected nodes to provide various services.
SC server The SC implements user identity authentication, security policy delivery, and data reporting.
Database server The database server can be deployed independently to provide the redundancy backup feature.
SV server Not limited The SV displays the correlation analysis results of iRadar and network-wide security status.
iRadar server The iRadar server collects logs and performs correlation analysis.
iRadar-CA server A correlation analyzer is recommended when more than 15 correlation rules are configured on the iRadar server.
iRadar-CM server iRadar-CM log collector can be deployed when the number of events collected per second is less than 2000 in a branch. The iRadar server is recommended when the number is larger than 2000.
S2600T disk array External disk array. Purchase this item when the SV server and iRadar server are deployed in redundancy mode to provide high availability.