Abstract: Cloud computing is emerging in the age of the Internet, and cloud security originated from cloud computing. The concept of the cloud has already been integrated into modern network technology, and cloud security should be deployed in large LANs. What kind of security cloud security can bring to the LAN has become one of the topics of modern enterprise research. Building a large cloud security base can protect LAN security.
Key words: cloud computing, cloud security, cloud anti-virus, LAN, virus, threat, compound attack, light client
Currently, private cloud technology in cloud computing is already used in enterprise LANs, and security risks occur from time to time, so cloud security has become a major technical issue for enterprises to study. Many anti-virus software manufacturers have now launched cloud anti-virus software. Within the concept of "cloud anti-virus", some cloud security knowledge gathered through study and research is applied to the LAN and summarized as follows.
I. Analysis of Local Area Network Security Threats
Insiders believe that the threats to an organization's internal network come mainly not from outside the organization but from inside it. It is therefore wrong to focus on preventing attacks from outside the organization while ignoring the network security threats from within. According to statistics from the Cisco security department, more than 70% of security incidents (especially leaks) come from within the organization. Because awareness of internal network security threats is insufficient, the organization's security department has not taken proper, scientific preventive measures, and internal network security incidents have increased. Apart from deployment defects in the security system, the internal network security risks of the organization are more likely to be caused by its own staff. The reasons are as follows:
(1) Disorderly management of mobile storage media.
(2) The use of pirated software and games, which spreads viruses.
(3) Unreasonable distribution of permissions between users and user groups.
(4) Ineffective management or unreasonable settings of accounts and passwords.
(5) Too many service ports are open.
(6) The network administrator has a heavy workload, a high professional level, and a low sense of responsibility.
(7) User errors that damage network devices, such as damage to host hardware, accidental deletion of files and data, and formatting of hard disks.
(8) Internal network attacks. Some employees, whether to vent their anger or because they have been recruited by hostile spies, become leakers of the organization's secrets or saboteurs. These employees are familiar with the internal network architecture of the organization and can exploit management vulnerabilities to intrude into other people's computers and cause damage.
(9) Internal attacks from wireless network users. If the enterprise LAN is deployed with a wireless access point (AP) and no security measures such as identity authentication are taken, computers with wireless network adapters and portable devices within range of the AP can join the local wireless LAN automatically, which makes the LAN vulnerable to illegal attacks.
II. Cloud Security Technology in Cloud Computing
After the emergence of the cloud computing industry, "cloud security" emerged. "Cloud security" is an important field in the development of cloud computing and cannot be ignored. We must take "cloud security" as the prerequisite for cloud computing development, and the cloud computing industry attaches great importance to it. Without the protection of "cloud security", cloud computing development will lose everyone's confidence.
So what is "cloud security"? In layman's terms, "cloud security" means that the anti-virus manufacturer uses its clients to collect virus code over the Internet, analyzes and processes it, and finally provides a solution that is distributed to users. In this way, the entire Internet becomes a huge anti-virus program that safeguards users' computers, and users do not have to worry about upgrading the virus library every day.
Some people say that the emergence of cloud computing technology indicates the arrival of the post-PC era. As the software industry evolves from the C/S architecture to the B/S architecture, the client's need for hard disk space will inevitably decrease, and so will the intelligence required of the client. In the future, personal PCs will no longer need to have any software installed, and users will not need to download any software and install it on the PC. Instead, they can remotely call all application environments through a browser or a dedicated device, making full use of the resources of cloud servers, reducing local load and TCO, and making personal PCs greener.
What are the advantages of cloud security technology over ordinary security technology? In general, cloud security uses a large number of servers in the cloud. Cloud security technology does not occupy the memory of each user's computer, whereas anti-virus software currently occupies a large amount of memory on the customer's computer. With cloud security technology, if one client on the Internet is attacked by a virus, cloud security collects the virus code to protect other people on the Internet from that virus, so the virus is intercepted before it arrives. With conventional personal-computer security technology, antivirus software can eliminate a virus only after it has appeared, and if the antivirus software is not upgraded, it cannot protect effectively.
Therefore, the idea behind cloud security technology is to use cloud servers to collect a large amount of virus database information instantly and to protect the user's local end in a timely and effective way, so as to achieve the purpose of sharing network information.
III. How to Use Cloud Security Technology to Safeguard the LAN
1. Use the powerful servers of Internet cloud security vendors to intercept cloud traffic and perform cloud anti-virus for the LAN. This method emphasizes the interception of compound attacks and the light client strategy, with the ultimate goal of intercepting threats before they reach the user's computer or the enterprise network.
First, there is the interception of compound attacks. Currently, a virus often consists of multiple components rather than a single one. To the user, a single component may pose no threat and may seem harmless, but the combination of multiple components forms a compound attack. This mode solves the problem by checking the components together to determine the threat.
Second, there is the light client policy. When a user receives a malicious email containing a network link, the source address of the email is first checked in the mail credibility service database, and the link in the email is then checked in the Web reputation service database. The webpage components and redirection pages are analyzed, and IP addresses are extracted and added to the interactive threat database. From this we can see that this mode of cloud security protection can be summarized as a light client program based on Internet databases, that is, a large group of blacklist and whitelist servers is built for clients to query. In the cloud security concept of this mode, the servers form a large "cloud" end that completes the specific tasks above.
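The compound-attack check and the light client query described above can be sketched as follows. This is an added example, not code from the original article or from any vendor; the database contents, the 0-100 risk scale, the noisy-OR combination rule, the threshold and the use of the sender IP as the "source address" are all assumptions.

```python
import re
from urllib.parse import urlparse

# Constructed data standing in for the vendor's cloud databases (risk 0-100).
MAIL_CREDIBILITY = {"198.51.100.7": 40, "192.0.2.10": 0}   # sender IP -> risk
WEB_REPUTATION = {"promo.example.net": 35}                 # link host -> risk
REDIRECTS = {"promo.example.net": "203.0.113.9"}           # host -> redirect IP
THREAT_DB = {"203.0.113.9": 45}                            # interactive threat DB
BLOCK_THRESHOLD = 70                                       # assumed policy value
# Bracketed IPv6 literals are deliberately not matched, to keep parsing simple.
URL_RE = re.compile(r"https?://[^\s\"'<>\[\]]+")


def combined_risk(scores):
    """Noisy-OR: chance that at least one component is malicious."""
    clean = 1.0
    for score in scores:
        clean *= 1 - score / 100
    return round((1 - clean) * 100)


def evaluate_email(sender_ip, body):
    """Query the cloud tables for every component, then judge them together."""
    # Unknown keys score 0: this mode only knows what the cloud already lists.
    components = {("sender", sender_ip): MAIL_CREDIBILITY.get(sender_ip, 0)}
    for url in URL_RE.findall(body):
        host = urlparse(url).hostname
        if not host:
            continue
        components[("link", host)] = WEB_REPUTATION.get(host, 0)
        redirect_ip = REDIRECTS.get(host)
        if redirect_ip:
            components[("redirect", redirect_ip)] = THREAT_DB.get(redirect_ip, 0)
    risk = combined_risk(components.values())
    verdict = "block" if risk >= BLOCK_THRESHOLD else "allow"
    if verdict == "block":
        # Feed the extracted IP addresses back into the interactive threat DB.
        for kind, value in components:
            if kind in ("sender", "redirect"):
                THREAT_DB[value] = max(THREAT_DB.get(value, 0), risk)
    return verdict, risk, components


if __name__ == "__main__":
    mail = "Your invoice is ready: http://promo.example.net/inv?id=1"  # constructed
    print(evaluate_email("198.51.100.7", mail))
    print(evaluate_email("192.0.2.55", "See http://new.example.com/"))  # unknown
```

In the constructed mail, no single component reaches the threshold, yet the three together are blocked; the second mail, whose sender and link are absent from every table, is allowed.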
This mode has the disadvantage that it cannot perceive unknown threats on the local computer. It mainly combines, judges, and intercepts external threats. Once an unknown virus or threat intrudes into a user's computer through other channels, this method cannot effectively perceive the security threats already present on the machine.
2. A large number of clients on the Internet monitor abnormal behavior of software on the network, capture the latest information about Trojans and malicious programs on the Internet, and push it to the server of the antivirus vendor for automatic analysis and processing. The virus and Trojan solutions are then distributed to each client. In this mode, the anti-virus vendor becomes the client, and a large number of Internet customers become the "cloud" end: each client scans the user's computer and extracts file code that may be a virus for reporting, and after the anti-virus manufacturer has processed it, the anti-virus software is upgraded and pushed to users.
In fact, the essence of this model is a sample collection and processing mechanism. To achieve cloud security in this mode, a large number of clients are required to form a true "cloud". In addition, the ability to analyze and process viruses rapidly is required. Because the client is part of the cloud, there is no need to set up a large number of servers.
Cloud security in this mode also has a fatal defect: although it can perceive unknown viruses that already exist on users' computers, it does not have the ability to intercept unknown viruses before they intrude into the computer.
In short, from the above analysis we can see that implementing "cloud security" is not an efficient model, and different vendors may have different models; this requires continuous research, development, and exploration by antivirus vendors. However, the two models mentioned above each have their own characteristics. In the first, cloud security emphasizes the prevention of external threats and requires a large number of servers (vendors); in the second, cloud security emphasizes the perception of unknown threats on users' computers and requires a large number of clients (users). They represent two directions, and many vendors are following up quickly. However, both currently have defects. The first mode ignores the perception and collection of unknown threats on the machine, while the second mode only supports passive defense and cannot intercept unknown threats before they enter the computer. What kind of cloud security does our LAN need? The author believes that the two should be combined: it is necessary to intercept unknown threats that can enter the computer by means such as Trojans and USB flash drives, and also to perceive unknown threats that have already entered the user's computer through other means.
IV. Summary
Cloud security makes full use of the power of the network to collect virus code instantly and upgrade the virus database, so that the enterprise LAN can share the perfect guarantee brought by cloud security at any time. At the same time, we also hope that "cloud security" can have enterprise-level virus defense capabilities. Otherwise, if the "cloud security" system is paralyzed, the effect on the network will also be quite devastating.
This article is from the "winter snow" blog; please be sure to keep this source: http://823610799.blog.51cto.com/657019/748766