Market Research Institute Infonetics's report shows that the cloud and client device hosting security services market is emerging, based on cloud and client devices managed security services will be rapid development, 2016 the overall size of the market will reach 18 billion U.S. dollars. Cloud Security Service presents a broad development prospect.
At present, the cloud security Service market penetration ratio is bigger is the content security, achieves the 25%~30%, including the e-mail security, the Web security, the endpoint management achieves 10%~15%. The mature cloud Security Service market is mainly concentrated in North America, Europe region. In China, a lot of cloud computing and cloud security are still in the concept, the real products are not many, users also rarely experience the actual service. For example, cloud antivirus mainly use the Internet online storage and killing technology, just narrow cloud computing, real cloud security needs a complete operating system, can let the user experience to see, touch the service. Therefore, the domestic cloud security business services market has not really formed, belongs to the "adolescence", but the potential is huge.
The following basic conditions are required for cloud security service providers to provide cloud security services to the outside world.
The first is the pooling of security resources. Security resources to support various types of customer security needs, including virtual machine access control, DDoS protection, content filtering, mail filtering, vulnerability scanning, transmission data encryption, storage data Control access, anti-virus, identity authentication and so on.
The second is to use the Internet as the center. Cloud security services are based on the Internet, the latter is the way to provide services, telecommunications operators in this area has a greater advantage, can make full use of network resources advantages, customer advantages from the transmission of information to the delivery service development, the network is where the service is located.
Finally, the corresponding management platform. For traditional security services, for example, managed security services (including traditional security event monitoring, secure access, anti-virus, zombie Trojan killing, content security monitoring, intrusion detection, anti-ddos, security scanning, etc.), still need security Management Center (SOC) management platform for day-to-day business and management operations, And the managed security Service is based on the traditional security Service management method, the SOC platform is reformed to provide daily resource dispatching and management for the security capability of the pool, providing the customers with scalable security services on demand, as well as providing self-service and daily service report analysis for customers. The platform of resource dispatch and operation Management is also one of the basic conditions of CSP.
In addition is the service. Since users can have and maintain security devices that provide the appropriate capabilities in the security cloud without having to invest, and directly purchase the various security services provided by the cloud, providing reasonable billing and SLA service metrics in cloud security services is an important part of the security cloud services business.
In the cloud ERA, telecom operators, cloud security service providers can use their own network advantages, user resource advantages, channel advantages, such as to create an aggregation platform, open platform, service delivery platform, the basic capabilities, applications, developers, users to integrate, open their own or third party resources, capabilities, applications, and as a service to users. This clearly requires operators and manufacturers to work closely together, especially for cloud security products. Cloud security equipment Enterprises are speeding up this step, for example, the Stone Network Branch (Hillstone) specifically for the Cloud data center developed sg-6000-x6180, the use of a full parallel distributed hardware architecture, High-performance multi-core processor, the introduction of the full modular design, the overall performance with the increase in business modules and linear growth. It can provide 100Gbps business processing capacity, 1.8 million of the maximum New connection (HTTP) rate, 60 million of the maximum number of concurrent connections, especially for operators, large enterprise data centers, such as large traffic, high concurrency scenarios, to provide the equipment with efficient processing capacity and flexible business expansion capabilities.
Cloud Data Center Server consolidation causes applications deployed on different servers to be consolidated onto the same physical server, and, accordingly, separate firewalls that are deployed for different applications before server consolidation are consolidated. The integrated firewall should satisfy the independence of the security business between different applications, that is, the cloud Data Center firewall must provide the virtual firewall function, and provide the logic independent security Service plane for different applications. The operators can dynamically set the resource quota of each virtual firewall according to the actual business situation, such as CPU, strategy number, port and so on, so as to ensure the elasticity change of traffic flow in the virtualized environment.