Learn to recognize "cottage version" cloud security

In IBM, Microsoft, Google and many other giants hot "cloud", trend technology, rising technology and other security companies have launched a "cloud security."

The "cloud computing" model is to place computing resources on the network for use by many terminal devices. Similarly, "cloud security" is the security-related computing resources (threat information rollup, signature analysis) and services placed in the network, for many device terminals to provide security protection.

I think that this is not simply to follow the bandwagon, but the reality of persecution.

In recent years, there have been warnings from security experts that if the virus and spam are allowed to rise sharply and not take the initiative to curb these disadvantages, the internet will one day be overwhelmed. This is really not alarmist. Since the beginning of the "Web Threat" in 2005, the Web threat has grown by 1564% in just two years, with more than 11 million global viruses.

The virus is growing at a geometric level, the technical model we use is that the user must upgrade the virus signature database on a regular basis and save it on their own computer, and in 2005, only about 50 signatures were added to the database, and in 2008 the number increased to 5,000.

For our users, the most direct feeling is that the calculation does not load too many things, running faster and slower, slow to let you crash. One reason for this is that the exponential growth of the signatures is consuming your computer and your network's memory. Of course, it also includes those virus programs that are not yet in attack.

Therefore, the first and most immediate benefit of cloud security is the maximum possible release of the storage space of a client network terminal. According to trends in technology and technical personnel, their "cloud security" is as much as possible to reduce the number of client-side signature files, and the vast majority of signature files to the Internet Cloud database. To this end, the trend of technology cloud security has been established around the world 5 large data centers, the layout of 34000 online servers. On average, 5.5 billion clicks a day to collect and analyze 250 million samples per day, the database can reach 99% of the first hit rate.

The more important meaning of "cloud security" is that it subverts the traditional mode of virus prevention. Over the years, anti-virus software has been criticized as "expired medicine", antivirus manufacturers are always following the virus, even if you are the fastest speed to intercept the virus, the loss is still unavoidable.

Traditional code comparison techniques are usually used: in a known virus sample, extract the signature code, open the detected file, search in the file, check whether the file contains virus signature code in the database. If the virus signature code is found, because the characteristic code corresponds to virus one by one, then determine what virus is in the file being searched. This means that users poisoned and feedback after the antivirus enterprise can decode the protection.

"Cloud security" basically overturns this pattern by intercepting web threats, e-mail threats, and file threats before they reach the end user or corporate network. For example, by introducing "detection" of the fast real-time security status in the cloud, reducing the dependence on downloading traditional signature files on the endpoint, and using multi-layer and flexible adaptive technology of multiple components to guard against the "cloud".

It is understood that trend technology has now achieved the threat of web threats, e-mail threats, the defense of the file threat will be implemented in 2009. The corresponding technology products include: Gateway security equipment IWSA, client products OfficeScan, SME products worry Free5.0 and personal consumer Products network security experts (TIS).

This shows that "cloud security" looks very beautiful, but the threshold is not low. First, security companies need to have enough money to set up data centers, thousands of of thousands of servers are just "drizzle", the entry line is at least 3, 50,000 units. Second, the security companies should have sufficient technical strength, the use of cloud computing technology framework, software programming methods will be different.

Therefore, the author reminds us, when someone provides "cloud security" solution, must be judged clearly, otherwise will be "cottage version" of "cloud security" blindfolded, after all, the choice of security options is different from the mobile phone to choose as simple.