Wangsu Security: To prevent the “barrel effect” in network security, how can enterprises build “systematic security”?

Recently, a technical exchange meeting on Wangsu Security's new products with the theme of "Digital Security Moving Forward" was held in Beijing. Wangsu Security is a sub-brand of Wangsu Technology. Based on the core concept of "systematic security", it has brought the latest technical achievements such as WAAP full-site protection system, SASE office security integrated system , and M SS comprehensive security service hosting system.

In recent years, the failure of traditional perimeter security has become a consensus in the industry. According to the 2023 Cyber ​​Threat Report released by SonicWall, malware, network intrusions, cryptojacking, and IoT malware have increased significantly throughout 2022. It can be said that in the absence of systematic defense measures, the trend of cyber attacks in various industries has become more serious.

The frequent occurrence of network security incidents is due to the fact that in the process of digital transformation, with the popularization of cloud and mobile network architecture, the traditional security boundaries have been broken, and the trend of application diversification and microservice architecture has also led to a sharp increase in the attack surface.

On the other hand, the security threats faced by enterprises are also more diverse. While technological advances benefit enterprises, they also provide weapons for criminals. In recent years, new attack methods have emerged in an endless stream, and the anchor points of attacks are also continuously increasing, from network layer, application layer, business layer to API attacks.

"Network security has a clear 'barrel effect'. If one weak link is breached, the entire system will collapse." Lu Shibiao, vice president and chief security officer of Wangsu Technology, said that network security needs to start from the overall situation and achieve the same high level of security in all modules through systematic core logic.

What is "systematic security"? Specifically, Wangsu Security's "systematic security" mainly includes the WAAP full-site protection system for Web security, the SASE office security integrated system for enterprise production and office security, and the M SS comprehensive security service hosting system for enterprise security construction.

WAAP full-site protection system: protecting Web security

WAAP ( Web Application and API protection ) refers to Web application protection and API protection . In 2021 , Gartner analysts Jeremy D'Hoinne and Adam Hils coined the term WAAP , which can be seen as an evolution and innovation of WAF ( Web Application Firewall ) , aiming to increase the attention of industry manufacturers and user companies to API security protection - API, as an important infrastructure for enterprise digital transformation, has gradually become the main target of attackers.

According to Gartner's forecast, by 2026, more than 40% of enterprises with C-end applications will rely on WAAP to mitigate zombie attacks, although the proportion will be less than 10% in 2022. Currently, the cloud web application and API protection market is growing rapidly.

Based on the WAAP concept, Wangsu Security adopts a cloud service approach, integrating four major capabilities: DDoS cloud cleaning, Bot management, API security, and Web attack protection, replacing the simple superposition of various security capabilities of Web security, and providing enterprises with an integrated protection solution covering Web infrastructure, applications, and services . It is worth mentioning that Wangsu WAAP is the first WAAP security protection solution in China to pass the security capability test of the China Academy of Information and Communications Technology (WAAP).

DDoS cloud cleaning is a protection algorithm independently developed by Wangsu Security based on its own resource advantages and combined with big data analysis. It can detect and clean various types of DDoS attacks in real time, and the platform's protection capability exceeds 15T / 1 billion QPS.

The distributed Bot management network is combined with the risk control decision-making brain, and adopts key technologies such as human-machine confrontation, device fingerprints, AI models, and threat intelligence to achieve hierarchical governance of business risks.

In terms of API security, Wangsu WAAP takes inventory of API assets and risks, and performs real-time and refined detection and protection of API traffic to ensure API data security and high availability of services.

For protection against WEB attacks, Wangsu WAAP can defend against various types of Web attacks and avoid malicious intrusions into websites. At the same time, because it is equipped with full-site isolation technology, it can effectively hide exposed surfaces such as website source code, JS , API , and development framework to ensure business data security.

According to Lv Shibiao, Wangsu WAAP can provide L3-L7 threat in-depth defense. The protection engine architecture is based on Wangsu resources, data, practical experience and AI-driven intelligent protection technology. In complex attack scenarios, through the linkage protection of general modules and scenario-based protection modules, it can effectively improve the efficiency of confrontation and protection capabilities. Compared with the superimposed security solution, Wangsu WAAP can reduce processing delay by 30%, increase response speed by 5 times, improve protection effect by more than 30%, greatly simplify operation complexity, and significantly improve operation efficiency .

Before the incident, the exposure of assets can be discovered in advance through one-click access and identification of web assets; during the incident, through DDoS / CC protection, Web attack protection, distributed Bot management, API security management and full-site isolation and other technologies, a closed loop of Web protection can be achieved under the unified management of full-site protection management; after the incident, Wangsu security operation experts can provide solutions such as business prevention strategy optimization and security reinforcement suggestions through aggregate analysis of data. In this way, Wangsu WAAP realizes the full life cycle protection of Web assets.

In the 2022 China public cloud anti-DDoS and cloud web application firewall market share rankings, Wangsu Security ranked among the top 5, and Wangsu WAAP is gaining recognition from more and more partners.

SASE office security integrated system: facilitating office and production network security

SASE stands for Secure Access Service Edge, or Secure Access Service Edge, is a security model proposed by Gartner in 2019. SASE combines comprehensive network-as-a-service capabilities with comprehensive network security capabilities.

With the development of cloud, big data, Internet of Things, edge computing and mobile office, most enterprises or organizations have more users, devices, applications, services and data outside the enterprise. Enterprises need to meet security, cloud, remote access and connection requirements at the same time. Gartner pointed out in the SASE market trend report that "customers' demand for simplicity, scalability, flexibility, low latency and universal security forces the WAN edge and network security markets to converge."

According to Gartner's description of SASE, SASE integrates SD - WAN networking, security and remote access into a unified cloud service, providing customers with combination and security control capabilities of existing distributed networks through a new converged cloud native architecture, including software-defined wide area network (SD - WAN), secure web gateway (SWG), cloud access security broker (CASB), network firewall (FW) and zero trust network access (ZTNA) .

At present, SASE has many typical application scenarios, including hybrid office, third-party access, mergers and acquisitions, network transformation, edge protection, etc. It supports end-to-end access security control to help enterprises of all sizes protect user, application and data security.

Wangsu Security SASE Platform is the first cloud-native integrated cloud service in China that provides highly integrated services with a globally distributed network architecture. Based on the SASE security architecture and zero-trust security concept, it integrates SD-WAN intelligent network, global edge computing nodes and security protection capabilities, and provides an integrated office security solution in the form of a unified management platform and a unified client. It can effectively reduce the risks of various attacks caused by blurred enterprise network security boundaries and improve IT efficiency.

In the offensive and defensive confrontation, Wangsu's SASE integrated office security solution has established an end-to-end zero-trust protection system based on the zero-trust concept of "identity-centric, never trust, continuous verification and dynamic authorization", and built a 5-layer trusted defense line covering "applications, terminals, identities, behaviors, and data" to achieve in-depth defense and ensure the security of enterprise networks and IT asset data.

In data security governance, the application of zero-trust SASE can provide closed-loop protection covering the data life cycle and solve the risk of data leakage in an integrated manner.

In the security networking, Wangsu's self-developed SD - WAN intelligent network, as one of the foundation capabilities of the zero-trust SASE platform, integrates technologies such as wide area network optimization, key business assurance, real-time monitoring in seconds, multi-level warning, and visualized intelligent centralized operation and maintenance. Wangsu's SD - WAN platform supports multiple access methods such as MSTP, S DH , MPLS, Internet, 4G /5G , etc. Deploying CPE on the client can bring user traffic to the platform nearby, and then a control system can complete the centralized management of planning, activation, monitoring, alarm, and management operations. In addition, the application of multiple technologies of the platform's POP nodes can also help enterprises achieve business isolation, data encryption and forwarding.

Wangsu SASE's powerful platform capabilities, full-scenario data security solutions, integrated zero-trust solutions, and high-level in-depth protection have helped Wangsu Security win market recognition and was selected as a benchmark manufacturer in the SASE field in Gartner's "2023 China ICT Technology Maturity Curve Report".

For many companies that are interested in or have already embarked on the SASE journey, the construction of SASE requires a comprehensive change in architecture, processes, and security awareness, so the transition to a complete SASE architecture takes time. Wangsu Security recommends that for companies that have already moved towards zero trust, to achieve the evolutionary goal of SASE, it is not necessary to repurchase all new technologies, but to combine and apply deployed technologies and various technology combinations to maximize the security benefits in the SASE framework.

M SS comprehensive security service hosting system: serving the entire process of enterprise security system construction

Wangsu Security divides the construction of the enterprise security system into four stages: compliance construction period, risk prevention and control period, data protection period and confrontation and countermeasure period.

During the compliance construction period, enterprises need to ensure that their IT infrastructure and online businesses meet regulatory compliance requirements. Wangsu Security can provide end-to-end compliance consulting services that integrate security protection, confidentiality assessment, and data security to help enterprises complete this basic work of security construction.

During the risk prevention and control period , the company provides security hosting services based on cloud-ground linkage to help companies quickly build rich risk perception capabilities and improve protection levels.

After entering the data protection period , enterprises need to improve their internal trust and risk control mechanisms through overall prevention and control. Wangsu Security provides security operation optimization solutions based on the PDCA cycle to help enterprises optimize their security systems.

During the confrontation and counterattack period , based on NetEase's self-developed security products and services, we build an active defense system for enterprises to achieve actual combat empowerment and traceability counterattack capabilities.

In addition, for scenarios such as multi-cloud heterogeneous and hybrid environments, Wangsu Security has equipped itself with an integrated cloud security management platform that spans public clouds, private clouds, and physical environments, providing security protection components from the boundary, host to database level, and integrating multi-dimensional management capabilities such as assets, vulnerabilities, attack surfaces, and logs to achieve visual unified security operations management.

How to use the double-edged sword of "digitalization" is an urgent issue that needs to be solved throughout the industry. Wangsu Security has been deeply involved in the field of network security for more than 13 years, and has accumulated more than 50 security capabilities. The platform protection scale exceeds 15Tbps, and in the long-term offensive and defensive combat, it has accumulated rich experience and massive threat intelligence data. In the future, Wangsu Security's integrated Web and infrastructure protection, integrated office and security, and integrated security services and security hosting will continue to evolve, helping enterprises to develop digitalization and maximize security value.