Network Kang to build private cloud security Portal

The most tempting point of cloud computing is that end users can access the cloud in any access way and enjoy the rich application and fast computing power of the cloud. Among them, the use of mobile access security issues are becoming the focus of attention. Recently, the author interviewed the Network Kang Science and technology product Director Shaomin, understand its latest application of security gateway products NS-ASG to the enterprise private cloud mobile Access security protection.

Shaomin Technology Product Director

Next Generation VPN

In the traditional internet age, the main choice of mobile Access security is all kinds of VPN products, generally SSL VPN or IPSec VPN.

IPSec VPN is one of the most popular VPN technologies, which is suitable for IP network. The utility model has the advantages of uniform standard, good security, transparent application, high performance, and suitable for "site-site" and "Client-site" communication. But its shortcoming is also very obvious: the remote host installs the client software beforehand, increased the use complexity, its access control is not meticulous. SSL VPN is the VPN way to access private network resources using SSL encryption on the Internet. SSL VPN has fine-grained permission control, for the client to achieve installation-free, maintenance-free, capable of high-performance hardware encryption. But in front of cloud computing, whether IPSec VPN or SSL VPN, it appears to be weak in security protection.

Shaomin that, in the era of cloud computing needs is "next-generation VPN products", compared with traditional VPN products, the next generation of VPN products need to have the following characteristics.

(1) Refinement management of the application. In the era of cloud computing, enterprise private cloud collection of a large number of applications, enterprise employees through access to use these applications to create value for the enterprise, and the advantage of the network is precisely the management of the application. The traditional VPN to the user's access control is through the IP address port, the next generation VPN product which the network Kang builds will realize through to the application accurate recognition the method to the staff's access control, lets the correct staff access correct application.

(2) High performance: Network Kang's next generation of VPN products in the performance will be several times to 10 times times the increase in the future it will not check the packet, but the high-speed forwarding, the data on the network are refined to flow, convection management. So that the product performance can be greatly improved.

(3) The common application of enterprises into the application layer security, for example, Network Kang's next generation of VPN products NS-ASG will be centralized to send and receive mail, spam filtering protection, add to the application of the security of the initial protection functions and so on.

Shaomin said, the network Kang Application Security Gateway NS-ASG Core is to the application recognition, the convection management and the high speed forwarding. Therefore, although the current version of the network Kang NS-ASG is only a combination of IPSec VPN and SSL VPN pure VPN two-in-one product, but in the future version, NS-ASG will gradually develop into a perfect application security gateway products. Network Kang Application Security Gateway NS-ASG will grasp the application security problem in the cloud computing era, realize the security protection to the application access itself, and pay attention to the security problem of the application layer.

Building a security portal for enterprise private cloud

In the era of cloud computing, the Internet will focus on the security of private cloud. Network Kang through the identification of user identity, correct authorization, blocking the access of illegal users to carry out private cloud security protection. Network Kang Future will also be the enterprise private cloud application in some application layer of security reinforcement.

Through Network Kang Application Security Gateway NS-ASG from the network level to the enterprise private cloud to establish the secure access channel, from the user level carries on the access control, to accesses the enterprise private cloud the user to carry on the application the access control; From the application level to the enterprise private cloud all kinds of web application, e-mail and other security reinforcement in the application layer to achieve the protection of passive vulnerabilities.

For the current enterprise private cloud network most dangerous apt attack, through applies the security gateway NS-ASG to be able to solve the access link security problem, separates the enterprise intranet and the external network, the external data needs authentication, the authorization can enter, thus may resist the partial attack threat from the external.

Network Kang Application Security Gateway NS-ASG deployed in the enterprise network boundaries, traffic, application management. Manage the flow from inside to outside and from the inside to generate detailed flow analysis report. Future Network Kang Application of security Gateway will also be based on the use of human applications and applications are used to optimize the flow of the application and acceleration. It can be said that through the management of corporate network traffic, so that the value of the flow is fully reflected.

Shaomin said that the network has put forward the concept of virtual safety net, which means that the future enterprises only need to pay attention to "people" and "application" can be, regardless of network, port, IP address, etc., reduce the user's overall use and management costs.

Secure operating system makes ASG stronger

Fortress is often easy to be breached from the inside, many hardware security products need to have the corresponding operating system support, once the operating system security vulnerabilities, the corresponding security products will have security risks, then as a private cloud security portal for the Enterprise Network Health Application Security Gateway NS-ASG its own security?

According to Shaomin introduced, network Kang Application Security Gateway NS-ASG adopt is the network Kang unique safe operating system. Network Kang Security operating system based on Linux, eliminate unwanted services, strengthen the DDoS attacks of a class of defense, the kernel of the function and security optimization. At the same time, network Kang also security operating system use and login for security reinforcement, shielding the normal login port, using a special login port, through a variety of certificate technology for security reinforcement.

Finally, Shaomin told the author, Network Kang will be applied Security Gateway NS-ASG to create a future enterprise private cloud a solid security portal.

(Responsible editor: Liu Fen)