
The 5nine tool for securing the Hyper-V virtual platform

In this post I want to introduce you to a new solution for managing and securing virtual infrastructure based on Hyper-V. The 5nine product suite is among the practical and powerful tools for cloud security. One advantage of this security product is that it protects the virtual infrastructure without burdening hypervisor performance, and it also raises the level of protection at this layer by using agentless antivirus as well as IDS.

If we want to name the main uses of 5nine Cloud Security, we can point to the following:

  • Support for a multi-user architecture: role-based access control, and segmentation and isolation of VMs using the Hyper-V Extensible Switch. A user can be bound to several isolated groups of VMs (organizations).
  • Protection from viruses, malware and intrusions in agentless mode.
  • Special incremental scanning technology tracks changes to files and scans only the changed files, so a scan runs up to 70 times faster than a traditional full scan.
  • Scan management lets you set thresholds on host system parameters so that antivirus scanning runs only when sufficient resources are available: CPU, memory, disk drives.
  • Support for the NVGRE network virtualization mechanism in the virtual firewall and the intrusion detection system.
  • The Intrusion Detection System (IDS) monitors all traffic within the Hyper-V virtual switch, using Snort technology to check packets for anomalies that may be potential attacks.
  • Centralized management through a console or through the SC VMM plugin.
  • A powerful kernel-mode virtual firewall that provides the most comprehensive real-time traffic filtering for the virtual environment and can be customized for each virtual machine individually:

    • Filtering by MAC address
    • ARP rules
    • SPI (stateful packet inspection)
    • Analysis of network traffic anomalies
    • Management of incoming and outgoing bandwidth for each VM
    • MAC broadcast filtering
    • All filtering events are logged with an expanded list of data (UM logs contain only blocked events)
    • Configuring network filtering rules for each VM using the Windows Filtering
    • Setting limits on incoming/outgoing traffic parameters and bandwidth utilization for each VM
  • For VMs that may be used as a web server, 5nine offers a Web Application Firewall to analyze traffic at a higher level of the OSI network model.
  • Integrated support for disaster recovery (real-time replication of security settings, virtual firewall rules, and antivirus settings and schedules to the disaster recovery infrastructure).
  • Export of virtual firewall, antivirus and IDS logs in SYSLOG and Splunk SIEM formats.
  • Integrity checking of the code included in the application's components. The check uses digital signatures and identification and fixing of the versions of executable files.
  • Full compatibility with Windows Server 2012 / 2012 R2, with support for advanced LWF filtering.
  • Support for any guest operating system that is supported under Windows Hyper-V (different versions of Linux, FreeBSD and so on), not just Windows.
  • Support for information security audit and compliance with Russian legislation and international standards for the protection of information and personal data, such as PCI DSS, HIPAA, the Sarbanes-Oxley Act, 152-FZ "On Personal Data", FSTEC orders No. 17 and No. 21, and others.

Other tools and products for managing the Hyper-V virtualization platform are also available, and you can download them from the 5nine.ru site.