New features and new features of cloud firewall

Source: Internet
Author: User
Tags mail new features senderbase firewall cisco security

Cloud Firewall is a new concept, the first by the IT giant Cisco proposed, their approach is: upgrade their firewalls to the "cloud" firewall, to achieve dynamic prevention, active security.

Cisco believes that the emergence of the cloud firewall means the emergence of the fifth generation of firewalls (the first four generations are: software firewalls, hardware firewalls, ASIC firewalls, UTM). The 4 characteristics of cloud Firewall include: Anti-Zombie network/trojan, prevent network internal host infection, cloud detection-Global IPS linkage, cloud access-ssl VPN, Cloud Monitor-the only firewall supporting NetFlow, realizes the two integration of NOC and Soc.

The "brain" of the cloud Firewall is the predecessor of Sensorbase,sensorbase, Senderbase. After Cisco bought IronPort for $830 million, Cisco received Senderbase,senderbase as the world's largest mail traffic monitoring network, providing a real-time view of global security threats and "credit Reporting Services" for e-mail. Cisco renamed Senderbase the Sensorbase and added a botnet master database in Sensorbase to enable it to be sensitive to the dynamics of zombie networks. Sensorbase also adds a dynamic strategy that can be blocked if an Internet address has a problem.

Cisco security experts say Sensorbase is a prerequisite for the emergence of the cloud firewall. Cisco will strive to update sensorbase information every 15 minutes and sync it to all cloud firewalls. A variety of security information can not only from the sensorbase to the cloud wall, but also from the cloud firewall to sensorbase, the cloud firewall in the IPs can be the first time to synchronize the attack to Sensorbase,sensorbase and synchronized to other cloud firewall.

The key to the success of cloud security is to have enough information-gathering points and computing power, which is Cisco's advantage. Cisco has a global network of 70多万个 sensors, with Cisco sensors in almost all of its global Internet service providers, and more than 500 third-party security agencies that provide Cisco with timely security information, while Cisco monitors more than 30% of the world's email traffic.

For Sensorbase, Chinese users may have such doubts: Sensorbase is a global network, but can the timely analysis of the threat of regional characteristics? In fact, users do not worry, because the Sensorbase address library 30% is the domestic address, which is a very high proportion.

The cloud wall looks like a brand new product, but in fact the user gets the cloud firewall method is very simple, as long as the ASA firewalls software upgrade to version 8.2, the hardware need not change. The number of updates produced by Sensorbase is also very small, only 70K each time.

Why to activate Cloud firewall, originally for enterprise, spend money to buy a firewall is a kind of border security idea and idea, but have not thought carefully, this inside some articles.

Because the firewall is the default trust intranet, and the suspicion of the extranet, so the security strategy of the wall is basically wide out of strict law, this default golden rule sometimes is fatal.

This column more highlights: http://www.bianceng.cnhttp://www.bianceng.cn/Network/Firewall/

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.