Four security firewalls in the data center

Source: Internet
Author: User


The importance of security for data centers is self-evident. Today, when people pay ever more attention to information security, security incidents are still frequent, and once a data center suffers a serious security incident the resulting loss is immeasurable. Data center security centers on the data itself: it covers data access, use, destruction, modification, loss, and leakage, and many technical measures have been derived from those concerns. From software to hardware, from the network edge to the core, from the entrance of the data center to its exit, security devices can be deployed wherever there is data. Many data centers deploy plenty of security devices and are still attacked. Why? Because data center security is a systems engineering problem, not something solved by deploying a few firewalls. A detailed security solution design is needed that carries security through every step of the data center, so that the data inside it stays secure. This article explains how to design data center security.

Data center security needs to be designed in a unified way from a global and architectural perspective. The Information Assurance Technical Framework (IATF), developed by the US National Security Agency, is currently widely recognized for this purpose. IATF is a framework, prepared by National Security Agency experts, that comprehensively describes an information security assurance system. It sets out a complete set of security requirements for the information infrastructure of the information security era, proposes a general framework, and designs four security firewalls for information data: the network and infrastructure, which protect the network and its basic design; the enclave boundary, which solves the boundary protection problem; the local computing environment, which protects the computing environment of the hosts; and the supporting infrastructure, which provides a secure information environment. IATF applies to data centers as well. However, the descriptions of the four firewalls seem abstract and hard to understand, and it is not obvious where to start with them. They are described in detail below.

First, protection for the network and infrastructure refers to the network part of the data center. There are a large number of network devices in the data center. They interconnect all other devices and play a very important role, because all data must be transmitted through them. Once a device leaks data, the consequences are very bad, so the protection of network devices such as switches, routers, and wireless (Wi-Fi) equipment must be strengthened. Update the software versions of these devices in a timely manner and check with the equipment vendor whether there are security vulnerabilities in the device's software. In particular, some devices ship with backdoors that allow hidden command execution, and some have service ports open by default; these are often the first points of intrusion. Therefore, be sure to check whether such weaknesses exist on the device and update the software in time; periodically change the access passwords of these devices to prevent theft; and inspect the devices regularly to eliminate potential risks promptly. In particular, various network protocol attacks can paralyze the network, and through the network an attacker can intrude into the application systems and steal data.

Secondly, boundary protection refers to the entrance and exit of the data center. Data in the data center has two major outlets, input and output, so data filtering and inspection must be performed properly there. There are many specific technical implementations, such as firewalls, VPNs, boundary sharing and exchange, remote access, multi-domain solutions, mobile code, and security isolation. These security technologies are mainly implemented by hardware devices that perform coarse filtering of data traffic, including firewalls, load balancers, intrusion detection devices, NAT devices, and unified gateways; all of them are deployed at the data center's entry and exit points to check the data going in and out. Of course, this is far from enough. In daily life, security guards stand at the gates of many residential areas, yet burglaries and even more serious crimes still occur. Therefore, a data center cannot rely entirely on boundary protection; it also needs protection of what is inside, that is, host protection.

Third is host protection, which starts with the data center's servers. All application services in the data center are deployed on servers; servers are the most numerous devices in the data center and have the most system vulnerabilities. Many attacks are launched against servers, and once the boundary and network protection have been breached, the server is in danger. Therefore, a server must not run unprotected, or it will be exposed. Server protection focuses on software, such as operating system protection, biometric authentication, web security, tokens, and anti-virus software; these technologies protect the data on the servers. Widely known products include 360, Trend Micro, Rising, Norton, and so on. This software continuously updates its virus database to protect against new types of viruses. Once such protection software is installed on a server, its packages can be updated in real time to protect the system promptly. The vast majority of attacks target system vulnerabilities; by promptly fixing system vulnerabilities and constantly updating the security software, attacks can be effectively avoided.

Finally, the supporting platform refers to establishing a complete access system that controls and checks access to the various parts of the data center, for example PKI authentication, certificate management, and password management. When we visit a bank's website and perform a transaction over the network, we need to download a certificate. This encrypts the network access to ensure that it is secure: only when both sides of the connection hold certificates can access take place, and certificate management is used in the bank's data center system. These supporting platforms control access, so that an attacker cannot simply use an access path to break into the system or obtain confidential data. Today's access authentication technologies are mature; security vulnerabilities are occasionally exposed in them, but these generally have little impact, and the technologies are constantly being improved. They should be widely used in data centers to eliminate the risk of attacks on application systems.
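The "certificates on both sides" rule above is mutual TLS with a private PKI. The following Go program is an added example, not code from the article: it builds an in-memory data-center CA, issues a gateway certificate and client certificates from it, and runs the handshake over loopback TCP so that only a client whose certificate chains to that CA is admitted. The names dc-root-ca, dc-gateway and ops-workstation are constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"net"
	"time"
)
func must[T any](v T, err error) T {
	if err != nil {
		panic(err) // setup with the fixed in-memory inputs used here cannot fail
	}
	return v
}
// issueCert returns an Ed25519 certificate for cn: a self-signed CA when parent is nil, else signed by parent.
func issueCert(cn string, parent *x509.Certificate, parentKey ed25519.PrivateKey) (tls.Certificate, *x509.Certificate) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn},
		DNSNames: []string{cn}, NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(time.Hour),
		IsCA: parent == nil, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign}
	if parent == nil {
		parent, parentKey = tmpl, key
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, parent, pub, parentKey))
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}, must(x509.ParseCertificate(der))
}

// Admit returns the gateway's verdict (nil: authenticated) on a loopback mutual-TLS handshake from a client holding clientCerts (nil: none).
func Admit(caCert *x509.Certificate, gateway tls.Certificate, clientCerts []tls.Certificate) error {
	pool := x509.NewCertPool()
	pool.AddCert(caCert) // the only issuer either side trusts; both the gateway and the client are checked against it
	serverCfg := &tls.Config{Certificates: []tls.Certificate{gateway}, ClientCAs: pool, ClientAuth: tls.RequireAndVerifyClientCert}
	clientCfg := &tls.Config{RootCAs: pool, ServerName: "dc-gateway", Certificates: clientCerts}
	ln := must(net.Listen("tcp", "127.0.0.1:0"))
	defer ln.Close()
	verdict := make(chan error, 1)
	go func() {
		c := must(ln.Accept())
		defer c.Close()
		verdict <- tls.Server(c, serverCfg).Handshake()
	}()
	c := must(net.Dial("tcp", ln.Addr().String()))
	defer c.Close()
	tls.Client(c, clientCfg).Handshake() // in TLS 1.3 the client finishes before the gateway has checked its certificate
	return <-verdict
}
```

A client with no certificate, or with one issued by a different CA, is rejected by the gateway even though it trusts the gateway itself; the gateway's verdict, not the client's, is the gate.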

The four security firewalls cover all aspects of data center security and form a comprehensive, targeted protection system. As the IATF technical explanation describes, it provides information security protection from the human, technical, and operational aspects. By deploying these four firewalls, the security protection capability of the data center is greatly increased. This is currently the most common practice in the data center security field, and it greatly enhances the security of the data in the data center.
