Cloud security has also emerged in the context of cloud computing and the high temperature of cloud storage. The core of cloud security is to go beyond the traditional approach of client blocking web threats to a global network that is aggregated by threat information.
A set of data is enough to illustrate the dilemma of traditional code versus technology: The Web threat grew by 1731% in the first quarter of this year compared with the first quarter of 2005, according to Av-test.org's latest tally of more than 11 million global malware TrendLabs. Loading a signature database into every client, allowing unlimited amounts of growth to consume resources? Traditional security technology is facing a new revolution.
Cloud security has also emerged in the context of cloud computing and the high temperature of cloud storage. Trend technology has demonstrated the next generation of content security protection solution based on cloud security technology architecture, through dynamic evaluation of the security level of the accessed information, before the malicious information invades the network, it can be blocked directly at the source to reach the protection value of 0 contact and 0 infection. "Cloud security is the next generation of security technology architecture, and even the inevitable way out for safe development," said Oscar, executive vice president of global development and greater China, trend technology. "So, what is the cloud security upside down?"
From antivirus to detoxification
Careful scrutiny of antivirus technology 20 years of development, you will find that the traditional code than the technology has been gone for many years is the detoxification route, that is, only when some users poisoned and feedback, antivirus enterprises can decode the protection. But after the web threat becomes the real main security risk, a large number of targeted covert attacks make it impossible to detoxify, at the same time, the proliferation of signatures greatly affect the client load.
The core of cloud security is to go beyond the traditional approach of client blocking web threats to a global network that is aggregated by threat information. In the cloud security architecture of trend technology, its global network employs a trend-tech cloud security technology that intercepts web threats before they reach the network or computer, and is really antivirus rather than toxic.
By saving most of the signature files to the Internet Cloud database and keeping them at a minimum on the client side, trend technology is able to intercept web threats, e-mail threats, and file threats before they reach the end user or corporate network, Oscar said. By introducing a fast real-time security status "detection" in the cloud, this reduces the reliance on downloading traditional signature files on endpoints while reducing the cost and overhead associated with deploying signatures across the company. As a result, traditional scanning security solutions will no longer be able to provide effective protection against malicious web threats, and now require flexible, multi-tier, and versatile technologies. Oscar stressed: "The same analytical work, the past needs a day of computing time, to switch to cloud security technology only a few seconds." ”
It is reported that the trend of technology has been the cloud security technology framework into the company's full range of products: Gateway security equipment IWSA, client products OfficeScan, SME products worry Free5.0 and personal consumer Products network security experts (TIS). In the current cloud-safe phase of trend technology, it has implemented a defense against web threats, e-mail threats, and the defense of file threats will be implemented in 2009.
Behind the Cloud security
The Internet Cloud database becomes a heavy medium. To this end, the trend of technology cloud security has been established around the world 5 large data centers, tens of thousands of of online servers. It is reported that the cloud security can support an average of 5.5 billion clicks a day to query, collect analysis of 250 million samples a day, the database first hit rate can reach 99%. With the help of cloud security, trend technology now blocks up to 10 million infections a day.
But a mixed web page, annoying page-hanging code, is an unimaginable workload for a cloud-safe data center. Look at this group of statistics, a medium-sized site has up to millions of pages, and the originator of the global Internet search Google hundreds of thousands of servers in the data center currently can only search 10% of the Web page. This means that if cloud security is to be more efficient for Web page security interception, Web pages will be sampled much more quickly. Oscar said that search and security are very different: cloud-safe web sampling is really deeper, but it does not need to search the web for more complex content, but only to determine whether it is safe, and secondly, search theory to face all the sites, Cloud-Safe sampling sites are targeted to users ' needs and to the characteristics of web threats.
In addition, the bandwidth between the client and the cloud database is also the user's question point. Oscar that cloud security application bandwidth is less than traditional features, because the traditional way users need to update the download more than a few signatures may never be used. On the other hand, the high threshold of cloud security is also challenging the capabilities of the security enterprise itself. Because the use of cloud database and cloud computing, security programs are greatly different programming methods, and the establishment of cloud database also requires security enterprises have a certain scale and financial strength. Perhaps the future of cloud security will bring security companies another round of shuffle.
Trend Technology Cloud security technology architecture
Trend Technology Cloud security 6 big killer
Web Reputation Services track the credibility of a Web site by specifying a credit score based on factors such as Web pages, historical location changes, and suspicious activity signs found in the malware behavior analysis.
The e-mail reputation service checks the IP address against the reputable database of known spam sources and validates the IP address with dynamic services that can evaluate the reputation of the sender of an e-mail message in real time.
The File reputation service can check the reputation of each file located at the endpoint, server, or gateway.
Behavioral correlation analysis technology combines threat activities to determine whether they are malicious and constantly updating their threat database.
The automatic feedback mechanism achieves uninterrupted communication between trend technology products and the company's All-weather Threat Research center and technology by means of bidirectional update flow. There is no delay in the collection of communications based on the credibility of the source, rather than on the specific content of the communication.
Threat information summary from the United States, the Philippines, Japan, France, Germany and China and other research researchers will complement the trend of technology feedback and submission content.