|
Usage scenarios of cloud firewallBog'liq Research on firewall technology and its applicatio3.4. Usage scenarios of cloud firewall
Cloud firewall is a security product that supports network-
wide traffic identification and unified policy control, and can
filter out potentially malicious network traffic. It is a
collective name for Internet border firewall, VPC border
firewall, and host border firewall, providing users with three
kinds of border protection and traffic visualization for Internet,
virtual network, and host. The cloud firewall is hosted in the
cloud, and there are three main usage scenarios.
3.4.1. Internet service protection
It controls access traffic to and from the Internet and
intercepts attacks and threats from the Internet, including
mining, malicious traffic and hacking. For example, if a
financial user has other types of business exposed to the
Internet in addition to HTTP business, the user needs to use
an intrusion detection module (IPS) for protection.
3.4.2. Active outreach protection
The active outreach behavior of cloud assets is detected and
analyzed to help users understand network traffic dynamics in
real time and implement protection. For example, a
government department user, in addition to focusing on
defense from the Internet to the business, also focuses on
active outreach to the business to determine which hosts are
already at risk and to block these abnormal behaviors in real
time to avoid potential risks.
3.4.3. Micro-isolation Protection
Access traffic between ECS servers in the intranet is
controlled so that different businesses can be safely isolated.
For example, an e-commerce customer, although all HTTP
services are protected by a Web application firewall, expects
security isolation of different services to enhance the overall
network control and avoid security threats to the entire
business on the cloud due to the existence of security risks in
one ECS.
|
| |
