Recently, Huawei Cloud held an annual security new product launch in Shenzhen, where six new security services and new features were unveiled, including the company's host security service hybrid cloud version, network application firewall exclusive version, private certificate management service, file digital watermark, situation awareness service, and security target experience platform. According to its own equal protection practice, Huawei Cloud Equal Protection 2.0 white paper was officially released, enabling enterprises to use simpler and more sophisticated security services, and secure and secure the cloud.
Chang Lin, vice director of ICT technology of BSI China, Li Shaopeng, founder of Suo Shi Consulting, Yang Song, CTO of Huawei Cloud Security, Li Jian, director of Huawei Cloud Security Solutions, and others attended the meeting and delivered speeches. The latest six products make enterprise cloud security easier, including:
Enterprise host security service hybrid cloud version
Many enterprises choose to deploy business on multi cloud platforms to enjoy the service advantages of different cloud businesses, while diversifying and reducing security risks. However, multi cloud has led to the parallel of multiple sets of security products, fragmentation of security management, and increased security operation costs. To achieve this goal, the hybrid cloud enterprise host security service provides three functions to help enterprises effectively manage massive multi cloud hosts:
1. Provide consistent host security management in a multi cloud environment, and improve security operation efficiency by more than three times;
2. Set Huawei's security baseline and APT's practical experience in attack and defense in advance to help enterprises deal with advanced threats;
3. Provide enterprise customized security policies, and the security experience accumulated by the enterprise can be imported into the product for continued use.
Exclusive version of web application firewall
Huawei Mall, a customer of Huawei Cloud Network Application Firewall, has proved that "we are very concerned about the security and reliability of our business. The only WAF IP access, precise policies and millisecond pass can well meet our business needs and successfully ensure the rush purchase of the P40 series. The exclusive version was launched after the test of Huawei Mall, which solved the protection requirements of large enterprises, large websites with large traffic and large concurrency:
First, monopolize protection resources, and enterprises can fully control security engine resources;
Second, there are abundant protection measures, which can prevent IP, domain name, VPN and private line traffic;
The third is to provide up to 10000 levels of customized policies, so that the enterprise's security accumulation can become rules that can be imported and used;
Fourth, intelligent automatic detection of CC attacks, intelligent generation of defense rules, improve the efficiency of CC defense.
Special certificate management service
Providing private digital certificate hosting capability, enterprises do not need to spend high costs to establish and maintain local digital certificate infrastructure. At the same time, it supports tenants to easily and quickly create and manage private certificates to identify and protect applications, services, devices, enterprises and other resources within the organization, and supports scenarios such as enterprise self use, Internet of Vehicles, IoT devices that use digital certificates to encrypt communications.
File digital watermark
The company's internal employees or third parties open enterprise data and files for users, which is prone to data leakage; At the same time, document copyright protection, piracy tracking and tracing are not allowed. Huawei Cloud provides a good solution for file digital watermarking:
It can inject visible watermark or unrecognizable dark watermark into data and files;
The industry supports database watermarking API for the first time to ensure that database data is traceable;
The watermarked data in the database will not lose the watermark information due to the change of the data.
Situation awareness service
The state awareness service has been upgraded. Previously, it only supported threat state awareness in the public cloud environment, and upgraded to the multi cloud unified security operation center HUB:
1. Realize safe asset management in all public clouds and customer networks, support the export of threatening data to customers' existing SIEM/SOC systems for unified storage and analysis, and centralized management of aggregated data on public clouds;
2 Make full use of the underlying analysis capability of Huawei's cloud platform and the preset AI model, preset the relevant analysis results as situational awareness, conduct asset inspection on the tenant's personalized asset environment, and propose disposal suggestions;
3. Each security service is associated with situational awareness. The security policy set in situational awareness can be sent to each security service at one time, thus improving the security operation efficiency.
Safety target experience platform
Due to the professionalism and complexity of security, it is imperative to reduce the threshold for learning and using security. The security experience platform is a simulation platform for researching, verifying and testing security technologies. Through practical operation, enterprises can learn and test whether specific safety skills are proficient and whether the safety system is perfect. Target area released:
1. Conduct operational drills on all security services of Huawei Cloud;
2. The operation of the security strategy can be simulated on the shooting range platform to verify the feasibility of the strategy in advance;
3. Play back famous security events, so that enterprises can experience the history of events from the perspective of God, and summarize the gains and losses.
