The advantages and disadvantages of enterprise security services in cloud computing

Faced with the development of cloud technology in enterprise security services, many security vendors are trying to add their own security products to the cloud. But when you first launched security as a service product, you simply moved the centralized management console to the cloud. This is a good start, but it does not make the most of the cloud. Over the past few years, more and more companies have turned to SaaS to reduce costs. And one of them is security services, and it deserves our individual discussion. A growing number of traditional software security vendors are working to develop and improve their offerings based on services. These products typically include Web page protection, protection against mail threats, monitoring of network transmissions inside and outside, and evaluation of external sites for potential vulnerabilities. Although all vendors claim that their services can reduce costs, only a small percentage of their solutions are treated as a service. This is actually a kind of market transformation. Most of these programs are just software, and then add centralized management to them. These products are gradually maturing to take advantage of the cloud. For example, Panda security reduces the pressure on local processing by analyzing malicious software in the cloud. Many other vendors also use cloud-based architectures for deeper and faster analysis of malware. They can have more power than individual customer pages, and threat information from other clients helps them to interpret the threat more accurately. Pros and cons While more and more security features are embedded in these products, security as a service still has pros and cons to weigh. First, many scenarios need to load a software agent into a terminal. This is unavoidable, so we are looking for programs that automatically deploy and update software agents. Remote workers naturally use security services, but because they are not in the corporate network at all, they cannot be required to use internal security services. They also have access to the solution provider's data center. Look for security solutions that attempt to improve security processes rather than simply claiming to reduce TCO and accelerate ROI. You can implement basic protection for messages and Web pages in the cloud, because the data is transmitted over the Internet and we are maliciously cleaning it before it enters the corporate network. You can also apply some basic transport rules, such as blocking Dos attacks. But deploying firewalls in the cloud is of little use. Such devices require fast access to all network traffic and slow down the user's use of the network when transferring these traffic to the Security Service provider. Similarly, programs that are linked to internal resources, such as authentication and access control software, are more suitable for use in a fixed working environment. Negotiate more with SLAs when signing a security service. Learn what will happen if you track the Internet transmission data through your security Service provider, and which services will be compromised. Let the money spend value. Here's a summary of some of the most recently updated security services offerings: McAfee security saas--McAfee has introduced a large number of outsourced services, such as outsourcing mode to the terminal, mail, web and network protection. McAfee SaaS full protection is truly true. It essentially replaces McAfee's traditional online security software suite, which protects endpoints from mail and web threats. Panda Cloud Security-this service protects endpoints from mail and web threats. It is the third major improvement on the panda platform, and it means that it is more mature. Earlier, Panda realised that what he needed was a lightweight client agent that exchanged data only with a large time cloud architecture. This reduces the burden on the user system. The Panda collection type can only be analyzed by millions of malware files per day. Symantec Managed Services-Symantec launches managed endpoint protection (anti-malware, software firewalls, hips for Windows desktops, notebooks, and servers) and protects the security of mail, Web pages and instant Messaging via MessageLabs. Is it also interesting when a company has customized a variety of services that can be exposed to threats in a variety of ways to enhance the unified defense capability? Zscaler Cloud Services-unlike the above products, Zscaler is a new cloud security service. This scenario does not require hardware or software to be installed on the client, but can provide protection for Web pages and message security. Looking closely at its performance, the company has more than 40 data centers around the world and its products are built on a multiple-point architecture. The management GUI based on Web page has web.2.0 appearance and flexible control interface.