How to deal with the security challenges of cloud computing and virtualization
Source: Internet
Author: User
KeywordsSecurity virtualization cloud computing
According to a number of findings, the main problems impeding the adoption of cloud technology by enterprises generally include data security, compliance, and the technical blockade of vendors. The external factors involved in these impediments include the stability of cloud technology suppliers and the impact of regulatory agencies. Among them, data security and compliance are the problems that security companies and cloud providers need to solve.
At present, the development of cloud computing is in the new stage of transformation brought by the integration of virtualization and enterprise business. So the most important thing now is to solve the security problems in the virtualized environment. Typical security issues encountered in virtualized environments include:
An external attack. Virtual servers also face security risks associated with physical environments, such as malware infections, vulnerability exploits, and SQL injection. This protects application and system security in virtualized environments using malware and vulnerability masking solutions.
Second, the immediate start of the protection gap. It is not possible to configure security policies for these virtual machines quickly and consistently and keep them up to date during the snapshot, hibernation, and activation processes. In this case, you can deploy a agentless security solution that integrates seamlessly with the underlying system of the virtual environment, so that virtual machines that have previously been dormant but are now activated will immediately receive the latest protection.
Iii. virtual machine internal attack. Traditional network security Devices cannot view network traffic within a virtual machine, and therefore cannot detect or suppress attacks from virtual machines originating from the same host. In this way, you can intercept and inspect the internal network traffic of the virtual machine by deploying a agentless security solution that integrates seamlessly with the underlying system of the virtual environment. Considering that system and application vulnerabilities are the primary targets of an attack, the security solution must have the ability to mask virtual machine vulnerabilities.
Iv. resource contention. resource-intensive operations, such as virus scanning or anti-virus updates, on a host's virtual machine can quickly cause a surge in the system (CPU, memory, network, and disk I/O) load. In this way, by deploying a security solution with virtualization awareness, you can eliminate resource contention and use a preset and task-based security policy to ensure the highest server efficiency during peak and off-peak hours.
V. Complexity of management. In Dynamic Data centers, new security virtual machines are automatically set up, reconfigured, and even migrated automatically. This makes it extremely difficult for administrators to track, maintain, and enforce consistent security policies. In this respect, by deploying a agentless security solution that integrates seamlessly with the underlying system of the virtual environment, you can minimize the number of clients that need to be installed and managed, and ensure that the security policies, defenses, and configurations of the virtual machine are consistently compliant, regardless of where it is located.
VI. Audit compliance/deficiencies. Maintaining compliance with industry rules in a virtual environment is becoming more complex, a dynamic feature of virtual data centers. The most effective approach is to integrate security features directly into the virtualization platform using a solution that has the visual function of the hypervisor, which can monitor all traffic entering/out of the virtual machine.
In trend technology, cloud security can be viewed in four directions: cloud infrastructure (especially in virtualized environments), cloud data (a large amount of centralized data), cloud applications (Web sites, software services), cloud terminal equipment (mobile, terminal).
Trend Technology recently released the "Cloud Security 5.0" solution from four aspects to provide targeted protection strategy in the above four directions:
The agentless security for the virtualization architecture. With the "Cloud shield" technology and virtual environment without agent dynamic integration to protect all kinds of enterprise data centers, application system security, so that cloud applications/cloud services platform itself from viruses, attacks, system vulnerabilities and other threats.
Second, cloud Platform data protection. Through the "Cloud safe" technology in the key and policy management mechanism to protect users ' privacy and data stored in the cloud is not illegally stolen and exploited, so that enterprises can safely use the cloud platform to store or exchange data.
Third, the mobile device without boundary security access. Protects mobile internet mobile terminals, smartphones from virus threats, and effectively manages mobile devices ' access to borderless data on the Web at any time.
Iv. Cloud computing security threat management. The Intelligent unified Cloud computing security threat Management platform provides flexible policy management, only associated queries, and rich log audit and reporting functions.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.