Huawei Digital Power
iMaster NCE
Next-Generation AI Firewalls for Smart, Simplified Security
It is the centralized platform for managing, automating, and optimizing Huawei networks across multiple domains (campus, data center, WAN, and security). It’s part of Huawei's Autonomous Driving Network (ADN) vision.
Key Highlights
Superb Performance
Powered by new software and hardware platforms to boost service performance and handle high traffic efficiently.
Intelligent Defense
Detects viruses hidden in over 100 layers of compressed files and other sophisticated threats with 95% accuracy for unknown threats.
Simplified O&M
Integrated security policies and unified network-security controller deployment reduce OPEX by up to 80%.
Threat visualization redefines interface and improves operational efficiency.
Specifications
Feature | Description |
Zero-Touch Provisioning | - Automatically identifies and manages network devices. - Enables automatic deployment of underlay networks. |
Network Service Provisioning | - Supports integration with OpenStack and third-party apps (L2–L7). - Allows both platform-driven and independent network service provisioning. |
Fabric Management | - Uses VXLAN for automatic network deployment and encapsulation. - Supports VXLAN L2/L3 interconnection and with traditional networks. - Manages both hardware and software devices. - Supports mixed terminal access (physical servers, VMs, bare metals). |
Service Function Chain (SFC) | - Complies with IETF SFC model using PBR or NSH. - Enables traffic steering through service nodes. - Graphical orchestration and automation supported. - Includes value-added services (NAT, security policy, IPSec VPN). |
Network Security | - Microsegmentation based on subnets, IPs, VMs, and hostnames. - Role-based access control for tenant/user separation. - Supports RADIUS, AD, and local password-based authentication. |
O&M and Fault Location | - Monitors physical, logical, and tenant resources. - Visualizes app/logical/physical topology and mappings. - Displays VTEP and VM forwarding paths. - Intelligent loop detection and one-click repair. - IP/MAC Ping for VM and external connectivity diagnosis. - Traffic mirroring via GRE tunnels. |
Reliability | - Distributed cluster with up to 128 nodes. - Nodes can span L2 and L3 networks. - Northbound/southbound load balancing. - Smooth failover between controller nodes. - Supports active/standby disaster recovery. |
Openness | - Based on ONOS, compatible with ODL. - Northbound APIs: RESTful, RestConf, WebService, Syslog. - Integrates with OpenStack (standard, Red Hat, Mirantis, UnitedStack). - Southbound protocols: SNMP, NETCONF, OpenFlow, OVSDB, JSON-RPC, sFlow. - Integrates with VMware vCenter, Microsoft System Center. |
Management Capacity and Performance | 3-node configuration: - Physical devices: 1,800 - Servers: 9,000 - VMs: 180,000 - VM onboarding rate: 200/sec 5-node configuration: - Physical devices: 3,000 - Servers: 15,000 - VMs: 300,000 - VM onboarding rate: 350/sec |