Jinshan Publishing Private cloud security system challenges apt

May 8, Jinshan security system company officially released Jinshan private cloud security system. "Jinshan Private cloud security system is to solve the problem of apt is born." "Set up less than hundred Days of Jinshan security system in the directional attack (APT) of the prevention and capture, to do a domestic pioneer, its courage really let the industry spirits." 498) this.width=498 ' OnMouseWheel = ' javascript:return big (This) ' border= ' 0 "alt=" Jinshan Publishing Private cloud security system challenges apt "width=" height = "src=" "Http://s6.51cto.com/wyfs01/M00/09/4E/wKioJlGKb8LgFAjmAAB_eamsXiE619.jpg"/> Jinshan release Private cloud security system if it says, 2006 ago , the main threat we face is the virus; in the 6-and 7-year period after 2006, the main threat is a Trojan horse; then, after 2012 years and a long time to come, the main threat we face will be directed attacks. Data from China's National Internet Emergency Center showed that in 2012 more than 14 million hosts in China were attacked and 38,000 sites were under remote control. Jinshan Security Systems company vice President Zhang think APT problem already very serious, "if the virus like robber, Trojan like thief, then directional attack (APT) is a kind of nuclear weapon with accurate strike ability!" "Apt concealment is strong, the incubation period is long, also difficult to be detected." Flame in almost 5 years of active time, the entire security industry did not have any perception, and Stuxnet until the end of a fatal blow, the security industry began to pay attention to industrial control system security, and thus focus on apt attack. Today, the defense of apt is still lagging behind, especially in China. At present, China's relevant institutions have not yet established a rigorous information security defense system, only a few of the secret research institutes or institutions, just began to the rush of apt carry out a preliminary study, worse, many important units do not even think that they will be targeted attacks. and the existing APT solution can be summed up as four categories: one is the host File Protection class (White list mode control) such as, Bit9; second, large data analysis and detection class, such as: RSA; third, malicious code detection class, such as FireEye, network intrusion detection class, such as Fortinet. Golden Hill Private Cloud security system detection APT's idea is: take the white list as the product core, take the host control strategy as the product application model. The work of the product is: first of all the user terminal environment in all programs and files for a full network scan, if it is a virus, Trojan horse, worms and other "black" documents, it will be dealt with, if the unique with Jinshan hundreds of millions of white document library match, then sentenced to "white" and to be released; If the unknown file is temporarily unrecognized, then "Gray" is first labeled , and then integrated with different strategies and file appraisers. Apt detection is so difficult, does Jinshan have proper detection technology? Faced with such questions, Zhang responded that he did not deny that apt testing is really difficult, but it depends on what level to do. Searching purely over the network is unlikely to be discovered, because it is based on known vulnerabilities and known rules. However, once it enters the mainframe for illegal operation, it can be found by using the whitelist filtering technology. "Responsible editor: Wu Yu TEL: (010) 68476606" Original: Jinshan release private cloud security system Challenge apt return to network security home