Security information and event monitoring (SIEM) and log management methods for networks and security devices have no practical significance in cloud computing.
After spending a lot of money and a large amount of human resources deploying comprehensive security information and event monitoring (SIEM) tools and technologies, many companies find that these valuable investments have lost value in cloud computing deployment. Public cloud computing plans, to a certain extent, even including virtualized deployments, add security black holes to enterprise security monitoring frameworks. No "light" can illuminate these blind spots.
In order to ensure security standards within an increasingly distributed virtualized and outsourced IT infrastructure, companies will have to conduct business events if they want to know the events affecting their infrastructure and the impact on users and data flows within the boundaries of traditional enterprise networks. Adjustment.
"Virtualization and cloud computing have broken the current model," said Mike Rothman, an analyst at Securosis. "You can't see the infrastructure in the cloud, so there are existing security and event monitoring/logging for network and security devices." Management actually has no practical meaning.â€
This issue is amplified on the public cloud stage because companies in the public cloud environment dynamically share infrastructure with other organizations and cannot control or even see how the data is put together and how it flows.
"Most security information and event monitoring products have no difficulty in providing complete visibility into virtual and private clouds (in a private cloud environment, you can control both physical and virtual environments simultaneously.) When system access and control are limited, Transparency must also be limited,†said Michael Maloof, chief technology officer at TriGeo Internet Security. “Although cloud-based applications have benefits for productivity and data, they cannot provide and provide in more traditional environments. The same level of monitoring is monitored for events. For example, a cloud computing application that connects to Active Directory can provide you with access control data."
But even when the virtual environment is actually controlled within the enterprise's infrastructure, it is still necessary to track all activities that occur at different virtual layers to meet compliance requirements.
"I think you can make assumptions, assuming all the information inside the environment is safe, but in that case, you may see a fake virtual environment," said Bill Roth, chief marketing officer of LogLogic. He warned that the first step in maintaining monitoring of virtual environments is to ensure that only absolutely necessary virtual machines are involved. "Things are easy to accumulate, storage and processing are also very cheap, and there is a risk that the virtual machine may be in disorder." The company must be very cautious about this," he said.
Whether in a public cloud environment or a private cloud environment, companies need to realize that applications are best adjusted to output monitoring information, said Rothman of Securosis.
"We need to start adjusting the application to provide monitoring information and provide some transparency," he said. "In fact, most application staff do not do a good job in establishing the transparency of the application. But they need it." Do, considering that companies really want to run some or all of their applications in a cloud-type environment for flexibility."
The most important thing in a cloud computing environment is the collection of key logs that provide better advice on how the infrastructure that affects corporate data actually works.
"If you decide to go into a cloud environment, you need logs to help you understand the operating state of your system, so you know your current performance situation," Roth said, "requiring log and transparency if the cloud service provider can't provide both This will be a fatal weakness. It cannot be because 'cloud' means embarrassment, and the actual situation is the same. We need transparency."
Maloof agrees with this view and explains that companies will not be able to shirk responsibility for data leakage incidents to their cloud service providers, so they need to remain vigilant about potential problems.
"In fact, although you can now "cloud" many applications, this does not eliminate the responsibilities associated with data loss and the need to provide comprehensive monitoring policies for regulatory compliance," said Maloof.
“This should not stop at log issues. Enterprises also need to work with cloud service providers to better plan the blueprint for user activities and data access trends (cloud services-based information pool), starting with improved cloud access control ."
"Identity and access management systems are a key part of this challenge and are closely linked with clear policies and application-level policy enforcement," Maloof said. "Although data and applications exist outside the traditional network boundaries, identity and access control systems will Become a bridge between physical and virtual systems."
However, the success of these transparency-enhancing efforts really depends on the participation of cloud service providers. According to LogLogic’s Roth (he is also an active participant in the Cloud Security Alliance), the user name is still very difficult to convince large cloud service providers to improve their transparency. He believes that the user name needs to continuously apply this pressure to the supplier. In addition, joining relevant organizations (such as the Cloud Security Alliance) will help the industry develop security monitoring standards within the cloud environment.
“We are currently working hard to resolve several issues that we think are very important,†said Roth of the Cloud Security Alliance. Cloud Security Liang Meng is expected to release a draft on security monitoring in November this year, “I think these events will promote the cloud. Safe development."
After spending a lot of money and a large amount of human resources deploying comprehensive security information and event monitoring (SIEM) tools and technologies, many companies find that these valuable investments have lost value in cloud computing deployment. Public cloud computing plans, to a certain extent, even including virtualized deployments, add security black holes to enterprise security monitoring frameworks. No "light" can illuminate these blind spots.
In order to ensure security standards within an increasingly distributed virtualized and outsourced IT infrastructure, companies will have to conduct business events if they want to know the events affecting their infrastructure and the impact on users and data flows within the boundaries of traditional enterprise networks. Adjustment.
"Virtualization and cloud computing have broken the current model," said Mike Rothman, an analyst at Securosis. "You can't see the infrastructure in the cloud, so there are existing security and event monitoring/logging for network and security devices." Management actually has no practical meaning.â€
This issue is amplified on the public cloud stage because companies in the public cloud environment dynamically share infrastructure with other organizations and cannot control or even see how the data is put together and how it flows.
"Most security information and event monitoring products have no difficulty in providing complete visibility into virtual and private clouds (in a private cloud environment, you can control both physical and virtual environments simultaneously.) When system access and control are limited, Transparency must also be limited,†said Michael Maloof, chief technology officer at TriGeo Internet Security. “Although cloud-based applications have benefits for productivity and data, they cannot provide and provide in more traditional environments. The same level of monitoring is monitored for events. For example, a cloud computing application that connects to Active Directory can provide you with access control data."
But even when the virtual environment is actually controlled within the enterprise's infrastructure, it is still necessary to track all activities that occur at different virtual layers to meet compliance requirements.
"I think you can make assumptions, assuming all the information inside the environment is safe, but in that case, you may see a fake virtual environment," said Bill Roth, chief marketing officer of LogLogic. He warned that the first step in maintaining monitoring of virtual environments is to ensure that only absolutely necessary virtual machines are involved. "Things are easy to accumulate, storage and processing are also very cheap, and there is a risk that the virtual machine may be in disorder." The company must be very cautious about this," he said.
Whether in a public cloud environment or a private cloud environment, companies need to realize that applications are best adjusted to output monitoring information, said Rothman of Securosis.
"We need to start adjusting the application to provide monitoring information and provide some transparency," he said. "In fact, most application staff do not do a good job in establishing the transparency of the application. But they need it." Do, considering that companies really want to run some or all of their applications in a cloud-type environment for flexibility."
The most important thing in a cloud computing environment is the collection of key logs that provide better advice on how the infrastructure that affects corporate data actually works.
"If you decide to go into a cloud environment, you need logs to help you understand the operating state of your system, so you know your current performance situation," Roth said, "requiring log and transparency if the cloud service provider can't provide both This will be a fatal weakness. It cannot be because 'cloud' means embarrassment, and the actual situation is the same. We need transparency."
Maloof agrees with this view and explains that companies will not be able to shirk responsibility for data leakage incidents to their cloud service providers, so they need to remain vigilant about potential problems.
"In fact, although you can now "cloud" many applications, this does not eliminate the responsibilities associated with data loss and the need to provide comprehensive monitoring policies for regulatory compliance," said Maloof.
“This should not stop at log issues. Enterprises also need to work with cloud service providers to better plan the blueprint for user activities and data access trends (cloud services-based information pool), starting with improved cloud access control ."
"Identity and access management systems are a key part of this challenge and are closely linked with clear policies and application-level policy enforcement," Maloof said. "Although data and applications exist outside the traditional network boundaries, identity and access control systems will Become a bridge between physical and virtual systems."
However, the success of these transparency-enhancing efforts really depends on the participation of cloud service providers. According to LogLogic’s Roth (he is also an active participant in the Cloud Security Alliance), the user name is still very difficult to convince large cloud service providers to improve their transparency. He believes that the user name needs to continuously apply this pressure to the supplier. In addition, joining relevant organizations (such as the Cloud Security Alliance) will help the industry develop security monitoring standards within the cloud environment.
“We are currently working hard to resolve several issues that we think are very important,†said Roth of the Cloud Security Alliance. Cloud Security Liang Meng is expected to release a draft on security monitoring in November this year, “I think these events will promote the cloud. Safe development."
Foyer Light is a type of lighting fixture used for decorating and illuminating entrance halls. It is typically installed on the ceiling and can be in the form of a chandelier, Semi-flush Mount, Wall Sconce, or ceiling fan light. The design of Foyer Light is often elaborate, and can be made of materials such as crystal, glass, metal, and can feature intricate patterns and decorations. It not only provides ample lighting, but also adds a touch of elegance and sophistication to the entrance hall.
The specific choice of Foyer Light also depends on the type of decoration effect suitable for various lamps and lanterns. However, it is generally necessary to meet the effect of the atmosphere and grade, and the current modern and simple Foyer Light is more popular, and the Lighting Fixture material is generally made of metal, stainless steel or acrylic. The installation method can be installed by ceiling or hanging wire, and the selection of lamps and lanterns should also be comprehensively considered from the later maintenance and management methods.
Foyer Light,Home Decorative Lighting Fixture,Modern Foyer Light,Indoor Lighting Fixture
Zhengdong Lighting Co., Ltd. , https://www.sundintlighting.com