Compared with traditional data centers, cloud data centers face new vulnerabilities and new types of attacks due to resource sharing, VM migration, and random changes to service applications made by tenants. At the same time, under the requirements of "China's Internet Security Act" and the "Network Security Classification Protection Ordinance", all IDCs and cloud platforms must pass level-three safety-level protection certification before they are allowed Internet access and may provide external services. Therefore, the cloud platform needs to meet the following requirements:
1. Meet the requirements of the safety-level protection regulations and provide tenants with the same level of security service capabilities.
2. Support security devices mounted beside gateways, support functions such as internal and external firewalls, load balancing, flow cleaning, VPN, WAF, and IPS, and support virtualizing one device into multiple devices.
3. Deploy bastion hosts in the operation and maintenance management area, including systems such as log audit, database audit, security management, and vulnerability scanning.
To address the security issues of the cloud computing environment, ZTE provides complete security solutions covering infrastructure, network, management, virtualization and data, including key technologies such as operating system hardening and trusted boot based on TPM (Trusted Platform Module), to provide tenants with comprehensive security assurance. At the same time, ZTE also provides data center border security protection and tenant security protection to effectively protect tenant information and improve system-level security. In addition, ZTE has established a professional cloud data center security service team and built a complete security service guarantee system to protect tenants' secure use of cloud data centers.