Monitoring static address obsolete cloud firewall Chigau

In the information industry, security is an awkward profession. Computing, networking, storage and other vendors can proudly list their recent advances in performance, while the security industry, despite continuous development and investment, faces ever more troublesome security problems.

Zombies become "Clouds"

To illustrate how the situation has deteriorated, set aside the ever-rising number of security incidents and ask a different question: is it more difficult or easier to become a hacker or to launch a cyber attack today than it was in the past? The answer is obviously the latter. As Facebook's information security chief, Max Kelly, said after a recent cyber-security incident: "Cyber attacks and crime are now becoming easier than ever before, and launching an attack is as easy as going to a supermarket."

Facebook is not alone; similar complaints are common among today's websites. In July, the popular Twitter service suffered frequent outages that left users unable to log in; U.S. government websites were also hit by massive DDoS attacks that left them paralyzed for prolonged periods; and attacks on commercial websites of all kinds have become commonplace.

Why do more and more business competitors like to hit their opponents this way? Jeff Barr, an Amazon strategy researcher, may have the answer: "For businesses that rely on the network for business operations, such cyber attacks are like being hit with a sap on the road, and anything can happen while you are knocked out. And importantly, it's hard to find out who gave you this stick."

Patrick Peterson, Cisco researcher and chief cyber security researcher, said in a recent security report that network attacks driven by commercial interests are climbing, and that the low cost of crime, coupled with the profit motive, makes botnets increasingly difficult to control.

Take the most recent case. The famous Conficker worm is a computer worm, first discovered on November 20, 2008, that targets Microsoft's Windows operating system. The New York Times reported earlier this year that it had infected at least 9 million computers, and antivirus software manufacturer F also claimed that infections had reached an astonishing 15 million machines.

To this day, although the relevant patches have long been available, the Conficker worm, with its multiple variants, still holds millions of systems in its clutches, forming the largest zombie cloud seen so far. These botnets are leased at very low prices to criminals with different aims, who use the resources to carry out denial-of-service attacks or to spread spam and malware in a SaaS-like model.

Defensive security technology, however, has been slow to see revolutionary progress. The firewall, the most common security product in enterprise use, has gone through several generations of development, from software to hardware and from single-core to multi-core, but its basic principle of passive protection has not changed, which leaves it helpless in the face of the ever-changing zombie "cloud" threat.

People can't help asking, where is the way out?

Next generation Firewall "cloud" to

"The way out for information security ultimately needs to be found in the cloud, and the so-called 'cloud' is actually the Internet." Guo's words go straight to the point. As a technical expert in Cisco's Security Products Division, Guo clearly has a very deep understanding of networking and security: "The root of today's troubling security problems is that the main character of the network is evolving from transmission to intelligent cloud computing. It is this change that makes new security threats more difficult to prevent."

Guo said that the ever-growing Internet is gradually acquiring the characteristics of "intelligence" and "perception", and that these are precisely the characteristics today's information security products need; only with them can a new generation of information security protection systems really play a role.

"Many security products now face great challenges. For example, the claim that 'the firewall is useless' has been put forward abroad, and many voices agree," Guo said. "Although such remarks are biased, they are not unreasonable. Reviewing the history of the firewall, from the software firewall represented by Check Point, through the hardware firewall and the ASIC firewall, to today's lively UTM, performance and functions have greatly improved, but for most of them the basic principle is still to check a static address table. Obviously, against the ever-changing botnet, such firewalls, however high their performance, have difficulty showing their strength. The future should belong to a new generation of firewalls, the 'cloud' firewall" (as shown in Figure 1).

So what is the nature of this firewall from the cloud? How does it differ from traditional firewall products?

The most essential characteristic of the "cloud" firewall is that it is dynamic and intelligent. It achieves this by making full use of the "cloud" to sample and share threat information in real time, and so to deliver an active security service. Guo further explained: "Cisco has the world's largest security threat monitoring network, SensorBase, which is the 'cloud' of the new generation of firewalls (shown in Figure 2). It can continuously collect threat update information. This updated information includes details of known threats on the Internet: serial attackers, botnet harvesters, malware outbreaks and darknets. By passing this information to the 'cloud' firewall in real time, it is possible to filter out these attackers in time, before malicious attackers such as botnets have the opportunity to damage important assets."
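The difference between a static address table and a feed-driven filter can be shown with a small replay, added here as an illustration and not taken from Cisco or the original article. The 0-10 reputation scale, the threshold, the TTL field and the constructed timeline (documentation address ranges only) are all assumptions.

```python
import ipaddress

class StaticFilter:
    """Traditional model: a fixed address table loaded once."""
    def __init__(self, blocked):
        self.blocked = [ipaddress.ip_network(n) for n in blocked]
    def allows(self, src, now):
        ip = ipaddress.ip_address(src)
        return not any(ip in net for net in self.blocked)

class FeedFilter:
    """Feed-driven model: entries carry a score and an expiry time."""
    def __init__(self, threshold=7):   # assumed 0-10 reputation scale
        self.threshold = threshold
        self.entries = {}              # network -> (score, expires_at)
    def update(self, network, score, ttl, now):
        self.entries[ipaddress.ip_network(network)] = (score, now + ttl)
    def allows(self, src, now):
        ip = ipaddress.ip_address(src)
        # Expire stale entries so a cleaned or reassigned address is not blocked forever.
        self.entries = {n: e for n, e in self.entries.items() if e[1] > now}
        return not any(ip in n and s >= self.threshold
                       for n, (s, _) in self.entries.items())

# Constructed timeline in time order: (kind, time, ...) with feed updates and connections.
EVENTS = [
    ("feed", 0,   "203.0.113.0/24", 9, 3600),    # long-known bad range
    ("conn", 10,  "203.0.113.7"),
    ("feed", 100, "198.51.100.23/32", 9, 600),   # newly observed bot
    ("conn", 120, "198.51.100.23"),
    ("feed", 200, "192.0.2.10/32", 3, 600),      # low score, below threshold
    ("conn", 210, "192.0.2.10"),
    ("conn", 800, "198.51.100.23"),              # feed entry has expired by now
]

def replay(events, static_table):
    """Return (source, static verdict, feed verdict) for every connection."""
    static, feed, out = StaticFilter(static_table), FeedFilter(), []
    for kind, now, *rest in events:
        if kind == "feed":
            feed.update(*rest, now=now)
        else:
            verdict = lambda f: "allow" if f.allows(rest[0], now) else "drop"
            out.append((rest[0], verdict(static), verdict(feed)))
    return out

if __name__ == "__main__":
    for row in replay(EVENTS, ["203.0.113.0/24"]):
        print(*row)
```

The second connection is the case the article describes: the static table has never heard of the new bot, while the feed-driven filter drops it as soon as the update arrives and stops dropping it once the entry expires.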

The essence of cloud security

With the current explosion of Internet information, new data is measured in terabytes every day. Given such a huge volume of web pages, video, mail and files, no commercial company can label all of it with a security level in real time and store the results in a database for users to query.

Although "cloud" firewall technology is a great improvement over traditional firewalls, it is still quite a distance from a truly modern information security protection system. Above all, though, it shows us the key signpost for future security, which is the essence of cloud security.

The modern information system represented by cloud computing is becoming increasingly large and complex. For such complex and changeable systems, the founder of modern fuzzy mathematics gave the classic Zadeh principle: "In a sufficiently complex system, the more accurately a certain quantity is described, the more blurred the meaning of that description becomes." In other words, in a complex system, all the factors constrain one another.

So the more specifically a quantity of the system is determined, the less accurate the description of the system is. This is an inherent contradiction of the system itself and has nothing to do with the measurement method or theory. It is just as a man cannot grab his own hair and lift himself up, no matter how hard he tries or how strong he is.

Because of this contradiction, the focus of security protection in the cloud era is gradually moving away from the one-sided pursuit of performance or features seen in the past, and toward intelligent perception and flexible response built on the network-based cloud.

Finally, the reporter would like to borrow a metaphor from Cisco's chief security researcher, Patrick Peterson. After the Twitter attack, Peterson described the formidable power of botnets as "attacking mosquitoes with grenades".

Similarly, if you still insist on spending heavily to improve processing performance along traditional security lines, it is like hoping that the mosquito will one day be strong enough to resist grenades; that would be a real one-way street.
