Is the threshold for Web attacks lower?
Web application vulnerabilities and attacks faster?
At present, webpage tampering, information theft, illegal intrusion and denial of service are the most important and serious security threats to government and enterprise websites, as well as important prevention objects to ensure the safe and normal operation of websites. For website asset security, Inspur Cloud provides continuous security solutions to prevent malicious attacks and escort network security.
Inspur cloud website security overall design
According to the main security threats faced by the website, Inspur cloud builds a website security protection system from three aspects of security protection, security monitoring and security response to provide users with all-round security guarantee.
1. Build the website security protection mechanism. The platform side security protection system can provide the network layer border security protection capability, and deploy local Web protection or cloud Web protection and webpage tamper-proof system to enhance the website security protection capability.
2. Establish a website security monitoring mechanism, monitor the availability and health of the website in real time through the website real-time monitoring service, and inform the management personnel in time once the website service interruption or page tampering occurs. In addition, regular website security penetration test, timely discovery of security vulnerabilities and reinforcement.
3. Build a security incident response system, establish a professional emergency response support team through internal and external combination, standardize the process and method of security incident processing, and respond to all kinds of security incidents in a timely and effective manner.
Network security protection capability
Users build the website security depth protection system according to the three links of security protection, security monitoring and security response. Through the depth protection system, the security defense capability of website assets on the cloud can be greatly improved, and the security capability covering monitoring and warning in advance, blocking defense in the event, and traceability attribution can be achieved.
I. Safety protection mechanism
** Heavy traffic DDOS Attack Defense: * * in order to defense the DDOS attacks from the Internet, through the DNS drainage network traffic to have a lot of bandwidth resource protection nodes, then in the node of the traffic safety inspection, abnormal flow cleaning, block attacks, found that the application layer attack and reptiles, etc., finally will flow back to the source site cleaning, to complete the normal access to the process, Reduce the risk of abnormal services caused by DDOS attacks.
** Real-time protection of cloud Web sites: ** Also performs in-depth detection of Web access traffic by using DNS traffic diversion to clean and filter out attack traffic during Web access, reducing the risks of information leakage, malicious Web page tampering, and further attacks on other service systems caused by SQL injection, cross-site, horse mounting, and tampering.
** Local Web Attack Defense: * * by professional analysis engine “event” and “engine” of algorithm analysis of all kinds of requests from the Web application client content testing and validation, to respond effectively to the deformation and SQL injection and cross-site scripting attacks, real-time detection page tampering, provide hang a horse active diagnosis, provide fine-grained application layer DDoS attack protection function, To ensure its security and legitimacy, the illegal request to block in real time, so as to effectively protect all kinds of websites, reduce the impact of attacks, to ensure the continuity and availability of business systems.
** Page tamper-proof protection: ** Webpage tamper-proof service monitors the properties of protected objects (static pages, dynamic scripts and folders) in real time, blocks illegal tampering operations immediately once changes are found, prevents webpage files from being modified, and informs the management client in real time. In addition, when the site is subjected to extreme attacks and file tampering, it will automatically recover effective files from the trusted end, completely ensuring that the web content will not be tampered with.
Second, safety monitoring mechanism
** Real-time monitoring of website security: * * cloud-based Web security monitoring service of website usability through 7 * 24 hours monitoring, content detection, hang a horse monitoring, sensitive words, dark chain, vulnerability monitoring, site as soon as possible after service interruptions, abnormal, DNS hijacking, page response time from unauthorized tampering, and so on and so forth in a timely manner via text message or E-mail way inform site management personnel for processing.
** Regular penetration test: ** Professional penetration engineers conduct security penetration test on the application and host levels of the website system, find the loopholes in the host and application levels of the website system, and provide protection suggestions, so as to fundamentally improve the security protection ability of the website.
Security response mechanism
** Tamper recovery: ** through the webpage tamper-proof recovery mechanism, once the website is detected to be illegally tampered, it immediately provides the website backup collection to restore the normal page of the website, and sends an alarm to the website management personnel so as to discover the attack source and attack path in time and respond.
Safety incident emergency response: * * * * to provide users with real-time emergency response services, in the event of a security incident emergency response personnel will respond in the first time, help the user to complete the following work: events range damage control, forensics, process the source of traceability, internal and external attack vulnerability analysis, etc., and provide relevant documents detailed document analysis process and results.
Network security protection package
Basic safety protection
Standard safety protection
Advanced security Protection
Cloud WAF- Basic Edition
Webpage tamper proof
Web security monitoring
Cloud WAF- Standard Edition
Web Site Real-time protection – Standard edition
DDOS Advanced Defense – Standard edition
Webpage tamper proof
Web security monitoring
Penetration test (2 times a year)
Cloud WAF- Premium edition
Web Site Real-time protection – Advanced edition
DDOS Advanced Defense – Advanced edition
Webpage tamper proof
Web security monitoring
Penetration test (4 times a year)
Emergency response to security issues