Cloud firewall is a new concept, first by IT giant Cisco proposes, their practice is: the firewall to upgrade to a" cloud" of fire prevention, realize the dynamic, active safety.
Cisco thinks, cloud firewall means that the emergence of the fifth generation of firewall 's birth (the first four generations are: firewall software, hardware firewall firewall, ASIC, UTM ). Cloud firewall 4 features include: anti zombie network / Trojan, prevent network internal host infection; cloud detection - Global IPS linkage; cloud access - SSL VPN; cloud monitoring - the only supports Netflow firewall, realize the NOC and SOC combo.
Cloud firewall "brain" is SensorBase, SensorBase formerly known as SenderBase. In Cisco 's $830000000 purchase of IronPort, Cisco has been SenderBase, SenderBase is the world's largest mail traffic monitoring network, to provide a real-time view of global security threats and email" credit reporting service". Cisco will be renamed SensorBase SenderBase, and SensorBase joined botnets master database, enable sensitive monitoring zombie network dynamics. SensorBase also increases the dynamic strategy, if an Internet address a problem will be blocked.
Cisco Security experts said, SensorBase is the premise of cloud firewall. Cisco will strive to be updated every 15 minutes SensorBase information, and synchronized to the all cloud firewall. A variety of security information not only from the SensorBase to the cloud firewall, but also from the cloud firewall to SensorBase, cloud firewall in IPS can in the first time to attack synchronization to the SensorBase, SensorBase resynchronization to other cloud firewall.
Cloud security key to success is enough information collection and computation ability, which is the advantage of cisco. Cisco in the world has about 700000 sensors, almost all of the global Internet service provider for the Internet are Cisco sensor; has more than 500 third party security agencies to provide timely security Cisco Cisco monitor message; over 30% of the world's Email flow.
For the SensorBase, Chinese users may have such doubt: is a global SensorBase network, but the timely analysis of geographical characteristics of threat? In fact, the user need not worry about, because the SensorBase address pool 30% is the home address, this is quite high proportion.
Cloud firewall looks is a brand new product, but in fact the user get cloud firewall method is very simple, as long as the ASA firewall software upgrade to version 8.2 can, without changing the hardware. Produced by the SensorBase updated volume is very small, only 70K.
Why to activate the cloud firewall, original to the enterprise, buy the firewall is a border security idea and concept, but there is no thought carefully, some of this article.
Because the firewall is the default trust network, and suspected outside, thus protecting wall security strategy is the basic rule of wide out Yan Jin, this default rule is sometimes fatal.
No comments:
Post a Comment