Security Policy Management Platform UniNSPM

Transforming security policy operations with intelligent automation and full-stack visibility.

Contact Now

Product Overview

Unlock intelligent security policy governance with UniNSPM — bringing visibility, precision, and automation to every corner of your network.

UniNSPM enables centralized management, query, analysis, optimization, and ticket-based provisioning of security policies by collecting and parsing policy, NAT, and routing data across the entire network — including routers, switches, firewalls, and load balancers.

Leveraging network device simulation, UniNSPM automatically constructs a virtual network topology model. Advanced big data computing is then performed on this model to support key features such as path tracing, attack surface analysis, lateral movement path detection, global security zone baseline audits, intelligent firewall location for policy provisioning, and automated script generation.

These capabilities collectively drive intelligent, automated, and visualized security policy operations across the enterprise network.

Key Capabilities

Centralized Policy Control
Policy Intelligence & Compliance
Policy Visualization
Policy Lifecycle Management
Centralized Policy Control
Real-time policy aggregation
Powerful search and query capabilities
Change detection and historical comparison
Policy Intelligence & Compliance
Redundant rule detection and optimization
Hit rate and traffic analysis
Automated compliance validation
Policy Visualization
Interactive topology visualization
End-to-end data flow tracing
Attack surface and pivot path analysis
Security baseline validation across zones
Policy Lifecycle Management
Intelligent path calculation
Automated policy planning and generation
Seamless deployment with verification and rollback

Advantages

Versatile Topology Layout Models
Supports multiple automatic topology layout algorithms, including circular, hierarchical, organic, and orthogonal layouts. Both global and local auto-layout are supported for flexible visualization.
Access Path Analysis from an Attacker's Perspective
Enables analysis of potential access between any two subnets or security zones, identifying possible pivot paths and displaying detailed traversal routes.
Scenario-Based Template Orchestration
Supports the orchestration of NAT policies, security policy templates, and custom scripts to enable scenario-specific operations and maintenance.
Advanced Algorithm Engine
Simulates network-wide access relationships and path calculations with high speed and superior performance, powered by a next-generation algorithm core.

Key Benefits

  • Efficient and Accurate Policy Operations

    Streamlines the entire policy lifecycle with automation and precision, reducing manual effort and error.

  • Closed-Loop Security Policy Management

    Enables policy creation, deployment, monitoring, auditing, and optimization within a unified and traceable workflow.

  • Visualized Security Policy Governance

    Provides intuitive topology views, access path visualizations, and real-time insights into policy enforcement across the network.

Business Scenarios

Policy Audit and Optimization
Define custom audit items to identify non-compliant ports or overly permissive rules, and highlight policies that require remediation.
Centralized Device Management
Centralize the management of firewalls, routers, and switches across the network. Quickly search for IP addresses, services, and corresponding policies, and export results to improve operational efficiency.
Automated Path Analysis and Policy Planning
For policy provisioning requests, the system automatically calculates access paths, checks for existing policies, and—if necessary—identifies devices requiring updates and generates deployment suggestions and scripts.
Configuration Change Tracking
Continuously monitor configuration changes across devices, compare historical versions, and provide detailed change tracking to help administrators maintain control.

Main Safety Design

  • Encrypted Storage of Management Credentials

    Firewall account credentials are securely stored using encryption. Data collection can be routed through a bastion host (jump server) to enhance access security.