Today, cloud computing has reached the stage of "clouds falling into rain". With the continuous improvement of virtualization and cloud computing technologies, the question facing enterprises is no longer "whether to go to the cloud" but "which cloud to go to". In this process, the new security issues that arise after moving to the cloud have become the primary issue restricting the development of cloud computing and the migration of enterprise users to the cloud.

In the field of network security, there is a "veteran" security vendor that has been deeply involved in security for more than 20 years since its establishment in 1996. In the field of cloud security, Neusoft Security is also one of the vendors that started earlier. At a time when cloud migration has become an unstoppable trend for enterprises, Neusoft NetEye has launched a security protection product for cloud platforms: Neusoft "Cloud Start" NCSS (NetEye Cloud Security System).

The current state of cloud security and defense is not optimistic. According to the latest global cloud intelligence report from Cisco, the proportion of internal data center traffic, that is, east-west traffic, continues to increase and will account for more than 85% by 2020. At the same time, malicious attacks such as DDoS and vulnerability-based network attacks still occur frequently in cloud environments. The traditional boundary-based protection model for cloud platforms does not provide threat detection and isolation mechanisms for east-west traffic within the cloud, making the cloud platform a security blind spot.
This year in China, the "Cybersecurity Law" was promulgated and implemented, and Security Protection 2.0 put forward a clear security requirement for cloud computing: "the ability to monitor and identify traffic between virtual machines". As a result, enterprises are facing a series of new challenges for security protection in the cloud. In this context, how does Neusoft's "CloudQi" respond to these challenges in cloud security?
At the Neusoft NetEye "Cloud Start" (NCSS) product launch conference, Cui Jin, cloud security product manager of Neusoft Group's Network Security Division, gave a detailed introduction to the features of Neusoft "Cloud Start".

It is understood that Neusoft's "Cloud Start" adopts a model that separates the management plane from the business plane, and consists of two parts: vSMC and vSPM. The vSMC virtual security management module is the management plane, responsible for internal visualization, security configuration management, and scheduling of the business plane. The vSPM virtual security protection module is the business plane, responsible for the specific execution of security functions and for achieving security protection.

Neusoft's "Cloud Start" provides users with a full range of internal security solutions for cloud computing environments through technologies such as traffic diversion, virtual machine isolation, and visualization. Based on micro-isolation technology, Neusoft CloudStart provides close protection for each virtual machine. Through traffic diversion technology, Neusoft CloudStart can also divert the traffic of each virtual machine to the virtual security protection module (vSPM) for threat detection, thereby discovering and blocking security threats in east-west traffic.

Cui Jin believes: "In the future, micro-segmentation technology will definitely become the standard configuration of cloud computing data centers. Based on the current characteristics of cloud security, micro-segmentation is a rigid demand for cloud security. Micro-segmentation achieves micro-isolation, which meets the security requirements of cloud computing. Micro-segmentation is an inevitable result and security means of the development of cloud security technology."

"People are instinctively afraid of invisible things," said Cui Jin.
Therefore, it is particularly important to visualize the traffic and applications within the cloud platform, so that virtual machines can be inspected and isolated and network attacks can be audited and traced. In Neusoft's "Cloud Start", the virtual security management module (vSMC) is used to collect and analyze data communications between virtual machines, including traffic between different ports. Neusoft "Cloud Start" can also present to users the new traffic that appears in the cloud platform within a specified time period, helping them grasp subtle changes within the cloud.

With the help of deep visualization technology, Neusoft "Cloud Start" can identify the specific application types in virtual machine traffic and, on this basis, provide traffic and application control functions that apply fine-grained permission control to business access between virtual machines, filtering illegal access and protecting business security. Through the virtual security management module (vSMC), Neusoft's "CloudStart" achieves centralized management: users can deploy and manage security for the entire cloud platform through a single management interface, so that a change triggered at one point takes effect at many points.

In addition to visualization, defense against DoS/DDoS attacks and advanced intrusion prevention technology are also main functional features of Neusoft "Cloud Start". It is understood that Neusoft "Cloud Start" can accurately identify and prevent numerous DoS/DDoS attacks, conduct effective detection and defense, realize intelligent prevention of attacks, and maximize security at the network layer and application layer of users' networks.
The intrusion prevention module (IPS) is based on the Neusoft Event Description Language (NEL) engine, which has independent intellectual property rights and international patent technology, together with more than 3,000 attack defense signatures, and supports the detection and defense of known and unknown network and application layer attacks.

In terms of deployment, Neusoft CloudStart is a pure software product with no hardware support requirements. During deployment, it is not necessary to install any proxy plug-ins or clients on the virtual machine system. It also supports virtual machine migration, access policies based on virtual machines, automatic migration of dynamic policies, elastic expansion, and so on, and adapts automatically. It supports virtualization platforms such as VMware vSphere 5.1/5.5/6.0.

The security technology and industry experience accumulated over Neusoft NetEye's more than 20 years of history have played a huge supporting role in the performance and function development of its cloud security products. When talking about the characteristics of Neusoft's "Cloud Start", Cui Jin told reporters: "Our requirements for products are to meet customer usage scenarios and be flexible and secure. Neusoft's 'Cloud Start' is a cloud security system based on micro-segmentation. It is a security system based on user usage scenarios, but we have integrated many other technical features and accept the unique customization of customer cloud environments. Relying on Neusoft Security's relatively strong technical accumulation and industry experience, we will take fewer detours in the development of cloud security solutions and have more technical quality assurance."

It is worth mentioning that each product release of Neusoft Security is slightly different from that of other manufacturers.
As Lu Na, deputy general manager of Neusoft Network Security Division, said on the day of the press conference: "Neusoft Security's products are released only after they are put into practice. This is the style of Neusoft Security." As a low-key and pragmatic security vendor, Neusoft officially released "CloudQi" only after a large amount of technical accumulation and excellent practical cases. It is reported that Neusoft's "CloudQi" was launched in the market in the second half of 2016, has been applied in many industries, and has been recognized.

"Neusoft 'CloudQi' has also undergone many new functions and performance enhancements during its launch. In the first half of this year, the 'CloudQi' system run by various users has been relatively stable and the feedback is also good. I believe that with the continuous improvement of our products, we will be able to help protect the cloud computing systems of more industries," Cui Jin said.

It is foreseeable that cloud security will be a huge market in the future, and competing in this market requires products and technical strength that truly meet user needs and deliver cloud security protection. As the country pays more and more attention to cloud security, enterprises' demand for cloud security will also enter a new stage. But for security vendors, the pace will not stop there. At the end of the press conference, when talking about his views on the future cloud security market, Cui Jin further said: "For enterprises, if they meet all the requirements of the regulations, they will be relatively safe, but the actual demand in the market will be more than the regulations. Security vendors cannot only help users to comply with regulations, but also help users to meet their actual usage needs. In the future, our security products and security services will target actual needs and implement product update and upgrade strategies based on national standards."