در این پست قصد دارم شما را با یک راهکار جدید در بحث مدیریت و امنیت زیرساختهای مجازی مبتنی بر Hyper-v آشنا نمایم. مجموعه محصولات ۵nine جزء ابزارهای کاربردی و قوی در خصوص امنیت کلاود محسوب می شوند. یکی از مزایای این محصول امنیتی مراقبت از زیرساخت مجازی بدون درگیر کردن performance هایپروایزور می باشد و همچنین سطح محافظت از این لایه را با بکار گیری آنتی ویروس agentless و همچنین IDS بالا می برد.
اگر بخواهیم کاربردهای اصلی ۵nine Cloud Security را نام ببریم می توانیم به موارد زیر اشاره کنیم :
- Support for multi-user architecture, access control is role-based segmentation and isolation of VM using extension switch Hyper-V Extensible Switch. Binding the user to a few isolated groups of VMs (organization).
- Protection from viruses, malware and intrusions in agentless mode.
- Special incremental scanning technology tracks changes to files and scan only the changed files in the scan is performed up to 70 times faster than traditional full scan.
- Scan Management enables you to specify a threshold system parameters host to anti-virus scanning was carried out only if there is sufficient natural resources: CPU, memory, disk drives.
- Support mechanism for network virtualization NVGRE virtual firewall, intrusion detection system.
- Intrusion Detection System (IDS) monitors all traffic within the virtual switch Hyper-V, using the technology of Snort to check for abnormalities of packages that may be potential attacks.
- Centralized management console or through the SC VMM Plugin.
-
Powerful virtual firewall mode Kernel Mode, which provides the most comprehensive traffic filtering for virtual environment in real time, which allows you to customize for each virtual machine individually:
- Filtering by MAC-address
- ARP rules
- SPI (stateful packet inspection)
- Analysis of network traffic anomalies
- Management of incoming and outgoing bandwidth for each VM.
- Filtering MAC- broadcast
- All filter events with an expanded list of data are logged (UM logs contain only blocked events)
- Configuring network filtering rules for each VM using the Windows Filtering
- Setting limits on incoming / outgoing traffic parameters and bandwidth utilization of each VM.
- For VMs that may be used as a Web server, 5nine offers Web Application Firewall to analyze traffic at a higher level OSI network model.
- Integrated support for disaster recovery (replication of security settings, rules of the virtual firewall, anti-virus settings and schedules in real-time infrastructure, disaster recovery)
- Export logs of the virtual firewall, anti-virus and IDS formats SYSLOG and SIEM SPLUNK
- The ability to ensure the integrity check code included in the application components. For the control system is used digital signature and identification / fix versions of executable files.
- Full compatibility with Windows Server 2012 / 2012R2 with support for advanced filtering LWF.
- Support for any guest operating system that is supported under Windows Hyper-V (different versions of Linux, FreeBSD and so on) – not just Windows.
- Support for information security audit and compliance with Russian legislation and international standards for the protection of information and personal data such as PCI- DSS, HIPAA, Sarbanes-Oxley Act, 152-FZ "On personal data", the order number 17, number 21, and FSTEC others.
- البته ابزارها و محصولات دیگری برای مدیریت بستر مجازی سازی هایپروی نیز ارائه شده است که میتوانید از سایت ۵nine.ru دانلود نمایید