At the RSA conference in 2009, the security of cloud computing was the subject of anxiety and discussion among many manufacturers and academics, with a stark contrast between optimism in cloud computing and pessimism about cloud security. "Swamp Computing"-----RSA founder Ronald Rivest A word that profoundly reflects this sentiment. It should be said that the information security community has not yet been prepared to recognize, participate in and help cloud computing, even the basic framework for security protection under cloud computing. However, at the RSA convention in 2010, cloud Security became a well-deserved star. Whether it is RSA President Art Coviello's opening speech, or CA, Qualys and other manufacturers of the keynote speeches, all show the firm determination to escort cloud computing. Exhibitors of many manufacturers are blossoming, basically if you can not do something for cloud computing, you are embarrassed to greet others. Although there are many old bottled new wine gimmick, but there are many products and technology, in-depth study of cloud computing model, showing a lot of eye-catching highlights. I. Identity and permissions control most users lack confidence in cloud computing, first because of concerns about usage rights and administrative permissions in the cloud mode. In the virtual, complex environment, how to ensure that their applications, data is still clear and controllable, this is both the user's problem, but also the cloud service provider issues, and this is the information security sector to see more clearly. Therefore, the identity and rights control solution becomes the top of the RSA Convention. It is understood that RSA has brought a full range of certification management solutions, in addition to the traditional certification products, but also a special display for Web Access certification products, as well as solutions for virtualized environments, and strengthen the GRC (corporate governance, risk management and compliance review) support. In addition, End-to-end control, dual-factor authentication, for Applications and database certification and so on has emerged a lot of new products. From this conference, the certification control solution has been able to basically cover all business processes and most business directions, while simplifying authentication management and strengthening End-to-end trusted access will be one of the next stages of development. Second, web security Protection Cloud Computing mode, Web application is the most intuitive user experience window, but also the only application interface. In recent years, a variety of web attacks, it has a direct impact on the smooth development of cloud computing. At this conference, many manufacturers focus on web protection. Almost all the domestic and foreign network security enterprises, the development direction of the security gateway to the UTM and other integrated protection gateway, simple firewall (including the term firewall) has been basically seen. This should be the official declaration of a single function of the end of the firewall era, the comprehensive protection of the UTM era came. According to the survey, most exhibitors put forward the End-to-end solution, that is, the security gateway not only to solve the gateway level of protection, while taking into account the security of some terminals and end-to-end security audit. In addition, for the current several typicalCloud computing model, some manufacturers have taken a detailed application of security protection means, for different applications, to provide professional-level gateway security products. such as professional UTM manufacturers Fortinet released for mail, database, Web applications such as UTM products. Virtualization security Virtualization is one of the most important technical support for cloud computing and one of the hallmarks of cloud computing. The result of virtualization, then, is that many traditional security measures are invalidated. The computation of virtualization makes the interaction between application processes more elusive; Virtualized storage makes data isolation and removal difficult to measure; The virtualized network structure makes the traditional domain protection difficult to realize, and the virtualization service delivery mode makes the identification of user's identity, authority and Behavior, Control and auditing become extremely important. We have seen some useful attempts at this RSA Conference. Cisco proposes a borderless network architecture, by fusing terminal management, secure access and Web protection, the author tries to provide End-to-end protection control measures to solve the problem of failure of traditional hierarchical protection framework in cloud mode. EMC as the biggest beneficiary of virtualization, on all of his product lines, Have added support for virtualization, including authentication, data security, and more. In addition, many manufacturers also proposed for the virtual environment of data storage, DLP (data leakage) solutions to help users control their data. Iv. security Virtualization in order to adapt to the XaaS business model, in addition to applications, storage and other capabilities require virtualization, many manufacturers also strengthen their own security products virtualization capabilities to adapt to the characteristics of cloud computing. Virtual devices, virtual gateways and other technical means are widely used. such as: Domestic security manufacturers Lenovo Net brought Kingguard UTM-9202, the use of netlogic multi-core chips, providing more than 1024 virtual UTM, the largest can provide 20G of processing bandwidth, is a dedicated to large and medium-sized enterprises and IDC cost-effective products. Neoaccel SSL VPN products can be run directly in virtual environments such as VMware. V. Because of the cloud, so the security of this Conference, the most distinctive is that some enterprises alone gap diameter, with the help of cloud computing model and computing power, the development of a unique cloud security protection technology, using the cloud almost unlimited computing power and information nodes, to jointly contribute to the security of the cloud. such as the trend technology of cloud security anti-virus technology, Cisco's cloud firewall, Lenovo Network Royal Cloud Defense, are using the cloud in a wide range of information feedback nodes, the extensive tracking of security risks, and the protection of the ability to quickly distribute to the various protection nodes. Throughout this RSA conference, security vendors have made use of the existing technology, through the improvement, transformation, integration, integration, proposed for cloud computing, especially the user side of the security solution, basically set up a user to the service provider security application delivery channel. But for the builders and operators of the cloud, there are more ways to go. Especially for domesticPrivate cloud builders need special attention to data isolation and management issues, and so far have not seen a solution that complies with domestic security norms. However, cloud computing has been on the road, no matter what bumpy road, cloud security, we have been running online! "Responsible editor: May TEL: (010) 68476606" Original: Remember the biggest aspect of RSA conference: Cloud safe return to network security home
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.