搜索
Search

Platform

Network Defense Cloud Security Management Platform
All categories
Number of views:
1002

Network Defense Cloud Security Management Platform

Retail price
0.0
Market price
0.0
Number of views:
1002
Product serial number
Category
Platform
Quantity
-
+
Stock:
0
1
产品描述
Parameters

Network Defense Cloud Security Management Platform

Platform introduction

The platform architecture is shown in the figure below:

一、 Construction plan

The security resource pool is loosely coupled with the cloud platform business resource pool, that is,two resource pools are deployed independently, with interfaces opened at the management platform level for necessary information sharing. It facilitates the establishment of a clear interface of operation and maintenance responsibilities between the security service provider and the cloud service provider, and facilitates the security service provider to perform its duty of supervising and auditing the cloud service provider vested by the end user, so as to ensure the interests of the end user.

The security resource pool is divided into 3 types of resource pool: serial protection, bypass detection and service management

The deployment of serial protection resource pool:

It consists of north-south serial protection resource pool and east-west serial protection resource pool.

l North-south serial protection resource pool

Lead the flow between intranet and extranet to the north-south serial protection resource pool, complete the cleaning and protection through service choreography, and reject the clean flow to the business resource pool.

 

l East-west serial protection resource pool

Lead the flow between different domains in the intranet to the east-west serial protection resource pool, complete the cleaning and protection through service choreography, and reject the clean flow to the business resource pool.

The deployment of bypass detection resource pool:

It consists of service chain data reproduction, switch port mirroring, virtual machine diversion, plugin diversion, etc. It is used to detect and process the mirroring flow diverted from the tenant resource pool, without rejecting the detected flow to the tenant resource pool.

Divide a virtual machine from the host machine to deploy diversion virtual machine software, capture flow from the bottom layer of virtual environment, and filter the flow according to the security strategy at the protocol level based on quintuple.

Plugin diversion:

Install diversion plugins on the business virtual machine inside the business resource pool, capture flow on the virtual machine and convey it to the security network element inside the security resource pool through a tunneling mode. The network element has a built-in function of releasing tunnel encapsulation, completing the follow-up processing of mirroring flow. It currently supports the plugin diversion mode of database audit, etc.

Deployment of service resource pool: The security service resource pool does not need to receive and process the original business flow or mirroring business flow in the tenant network, provided the network between the tenant is accessible. It is used to perform vulnerability scanning, configuration check, multi-log audit, centralized security management for the tenant resource pool.

 Ability to output

Through the management, deployment and arrangement of various security resources, cloud security management platform enables the security ability of a range of software, hardware and virtual forms to comprehensively adapt to the cloud environment, and conducts continuity management and evaluation for a number of security risks facing the cloud environment.

The platform can not only output security ability at product level, but also the security ability at the overall solution level.

Security ability at product level:

l Security product ability for protection

For example, firewall, WEB application protection, intrusion prevention, etc.

l Security product ability for detection

Intrusion detection, hyper-convergence detection, advanced persistent threat detection, database audit, etc.

l Security product ability for management

Baseline check, vulnerability scanning, operation and maintenance audit, etc

Security ability at solution level:

l Compliance security ability

Cloud security solution ability meeting the requirement of hierarchy protection of 2.0

l Information security ability

Solution ability meeting regulation requirements for sensitive information protection

l Security value-added ability

Make the security ability pool-oriented, served and operated, provide security value-added service for government and enterprise dedicated line, traditional IT environment, cloud IT environment, and output security value-added solution ability

l Industrial control security ability

Virtualize the industrial control security products, and adapt them to industrial control business scenario through security service choreography to protect the industrial cloud, and output industrial control security solution ability

Expert service

The following expert services are provided:

l Technical support;

l Consulting and planning;

l Program customization.

Scan the QR code to read on your phone
We could not find any corresponding parameters, please add them to the properties table
这是描述信息

Service hotline:
400-810-7766 (24H)
E-mail:

shfw@leadsec.com.cn
Address:

Zhongguancun, 8 dongbeiwang west road, haidian district, BeijingSoftware park 21

  • Douyin
    Douyin
  • WeChat
    WeChat
  • Weibo

Copyright Beijing Leadsec Technology Co., Ltd.    京ICP备1124454号     Power by:300.cn  Beijing