是在不(bu)斷變化的(de)(de)(de)(de)，尤其(qi)現(xian)在應用(yong)(yong)需求多(duo)種多(duo)樣，數(shu)(shu)據(ju)(ju)(ju)中(zhong)(zhong)(zhong)(zhong)心(xin)需要不(bu)斷地去(qu)變化，才能(neng)適(shi)應這些應用(yong)(yong)，和傳統的(de)(de)(de)(de)數(shu)(shu)據(ju)(ju)(ju)中(zhong)(zhong)(zhong)(zhong)心(xin)不(bu)同，現(xian)在數(shu)(shu)據(ju)(ju)(ju)中(zhong)(zhong)(zhong)(zhong)心(xin)里應用(yong)(yong)最(zui)普及的(de)(de)(de)(de)就是虛擬(ni)(ni)(ni)化技術，數(shu)(shu)據(ju)(ju)(ju)中(zhong)(zhong)(zhong)(zhong)心(xin)虛擬(ni)(ni)(ni)化后，安(an)全(quan)(quan)(quan)問題就已(yi)突(tu)顯出來。原來數(shu)(shu)據(ju)(ju)(ju)中(zhong)(zhong)(zhong)(zhong)心(xin)每(mei)個物理環(huan)境相對獨(du)立，安(an)全(quan)(quan)(quan)產品(pin)保護服務(wu)器(qi)和應用(yong)(yong)，安(an)全(quan)(quan)(quan)防(fang)御(yu)還(huan)可控(kong)，但虛擬(ni)(ni)(ni)化來了(le)后，所有虛擬(ni)(ni)(ni)機(ji)都共(gong)享(xiang)資源，虛擬(ni)(ni)(ni)機(ji)和應用(yong)(yong)程序隨時(shi)可能(neng)移動(dong)或(huo)變更(geng)(geng)，這給安(an)全(quan)(quan)(quan)防(fang)御(yu)帶來極(ji)(ji)大困難，很多(duo)人對數(shu)(shu)據(ju)(ju)(ju)中(zhong)(zhong)(zhong)(zhong)心(xin)的(de)(de)(de)(de)安(an)全(quan)(quan)(quan)能(neng)力表(biao)示懷疑，尤其(qi)相比以往，數(shu)(shu)據(ju)(ju)(ju)中(zhong)(zhong)(zhong)(zhong)心(xin)類似發(fa)(fa)生數(shu)(shu)據(ju)(ju)(ju)泄漏的(de)(de)(de)(de)事件明顯要更(geng)(geng)多(duo)，如何挽回人們(men)的(de)(de)(de)(de)信任將(jiang)關系到數(shu)(shu)據(ju)(ju)(ju)中(zhong)(zhong)(zhong)(zhong)心(xin)的(de)(de)(de)(de)未(wei)來發(fa)(fa)展前(qian)途，哪個數(shu)(shu)據(ju)(ju)(ju)中(zhong)(zhong)(zhong)(zhong)心(xin)在安(an)全(quan)(quan)(quan)方面做得(de)(de)好(hao)，將(jiang)獲(huo)得(de)(de)人們(men)的(de)(de)(de)(de)青睞。既然數(shu)(shu)據(ju)(ju)(ju)中(zhong)(zhong)(zhong)(zhong)心(xin)安(an)全(quan)(quan)(quan)極(ji)(ji)為重(zhong)要，新時(shi)期(qi)下，如何更(geng)(geng)好(hao)地做好(hao)數(shu)(shu)據(ju)(ju)(ju)中(zhong)(zhong)(zhong)(zhong)心(xin)安(an)全(quan)(quan)(quan)防(fang)御(yu)呢。 

云平臺安全

云(yun)平(ping)(ping)臺(tai)(tai)(tai)是數(shu)據(ju)(ju)(ju)(ju)(ju)中(zhong)心(xin)(xin)的(de)(de)(de)控制(zhi)中(zhong)心(xin)(xin)，是數(shu)據(ju)(ju)(ju)(ju)(ju)中(zhong)心(xin)(xin)進行(xing)(xing)業務部(bu)署、故障診斷(duan)、運行(xing)(xing)監控的(de)(de)(de)重要(yao)平(ping)(ping)臺(tai)(tai)(tai)。云(yun)平(ping)(ping)臺(tai)(tai)(tai)出現安(an)全問題，往往引(yin)發(fa)整個(ge)數(shu)據(ju)(ju)(ju)(ju)(ju)中(zhong)心(xin)(xin)的(de)(de)(de)運行(xing)(xing)，甚至(zhi)癱瘓，做好云(yun)平(ping)(ping)臺(tai)(tai)(tai)的(de)(de)(de)安(an)全工作至(zhi)關(guan)重要(yao)。由于云(yun)平(ping)(ping)臺(tai)(tai)(tai)是計算技(ji)術的(de)(de)(de)一種(zhong)(zhong)外在(zai)形式，它可能(neng)不(bu)會(hui)像數(shu)據(ju)(ju)(ju)(ju)(ju)中(zhong)心(xin)(xin)那(nei)(nei)樣安(an)全或需要(yao)更多的(de)(de)(de)工作來確(que)保安(an)全。很多時(shi)(shi)候，數(shu)據(ju)(ju)(ju)(ju)(ju)中(zhong)心(xin)(xin)云(yun)平(ping)(ping)臺(tai)(tai)(tai)是把數(shu)據(ju)(ju)(ju)(ju)(ju)交給可能(neng)沒有(you)最新安(an)全認證第三方的(de)(de)(de)供應(ying)商，若云(yun)技(ji)術是依托(tuo)在(zai)不(bu)同地方的(de)(de)(de)幾個(ge)數(shu)據(ju)(ju)(ju)(ju)(ju)中(zhong)心(xin)(xin)，那(nei)(nei)這幾個(ge)地方也(ye)需要(yao)適當的(de)(de)(de)安(an)全措施(shi)。云(yun)平(ping)(ping)臺(tai)(tai)(tai)要(yao)部(bu)署一些軟(ruan)(ruan)件防(fang)護(hu)技(ji)術，來增加(jia)安(an)全性。比如：通(tong)過安(an)全軟(ruan)(ruan)件周(zhou)期性對VM文件內(nei)容、注冊表等(deng)(deng)進行(xing)(xing)檢測(ce);對40萬的(de)(de)(de)病(bing)毒(du)庫(ku)進行(xing)(xing)掃描，及時(shi)(shi)更新病(bing)毒(du)庫(ku);針(zhen)對各種(zhong)(zhong)協議防(fang)護(hu)，7000多種(zhong)(zhong)攻擊檢測(ce)和防(fang)護(hu)等(deng)(deng)。針(zhen)對各種(zhong)(zhong)入侵，基于安(an)全模(mo)塊的(de)(de)(de)實時(shi)(shi)使用最新威脅(xie)特(te)征庫(ku)，隨(sui)時(shi)(shi)啟動防(fang)護(hu)措施(shi)。云(yun)平(ping)(ping)臺(tai)(tai)(tai)應(ying)該(gai)部(bu)署先進的(de)(de)(de)虛擬(ni)化海量存儲技(ji)術來存儲和管(guan)理數(shu)據(ju)(ju)(ju)(ju)(ju)資源，相應(ying)的(de)(de)(de)安(an)全機制(zhi)有(you)數(shu)據(ju)(ju)(ju)(ju)(ju)加(jia)密、數(shu)據(ju)(ju)(ju)(ju)(ju)隔離、數(shu)據(ju)(ju)(ju)(ju)(ju)校驗、數(shu)據(ju)(ju)(ju)(ju)(ju)備份、災難恢復，從(cong)而最大(da)程度上保證云(yun)平(ping)(ping)臺(tai)(tai)(tai)免受惡意攻擊的(de)(de)(de)騷擾。

系統安全

數(shu)據(ju)(ju)中(zhong)心(xin)(xin)(xin)數(shu)據(ju)(ju)系(xi)(xi)(xi)統(tong)一(yi)(yi)旦被人(ren)攻破，那一(yi)(yi)切機(ji)(ji)密(mi)(mi)數(shu)據(ju)(ju)都(dou)可能外流，給數(shu)據(ju)(ju)中(zhong)心(xin)(xin)(xin)用(yong)戶帶來(lai)的(de)損(sun)失難用(yong)金錢(qian)來(lai)衡量，所(suo)以一(yi)(yi)定要(yao)保障數(shu)據(ju)(ju)中(zhong)心(xin)(xin)(xin)系(xi)(xi)(xi)統(tong)安(an)(an)全(quan)(quan)(quan)(quan)。系(xi)(xi)(xi)統(tong)安(an)(an)全(quan)(quan)(quan)(quan)包括服務器操(cao)作系(xi)(xi)(xi)統(tong)，數(shu)據(ju)(ju)庫，中(zhong)間件等(deng)在內(nei)的(de)系(xi)(xi)(xi)統(tong)安(an)(an)全(quan)(quan)(quan)(quan)，以及為(wei)提高這(zhe)些(xie)系(xi)(xi)(xi)統(tong)的(de)安(an)(an)全(quan)(quan)(quan)(quan)性(xing)而使用(yong)安(an)(an)全(quan)(quan)(quan)(quan)評估管(guan)(guan)理工(gong)具所(suo)進(jin)行的(de)系(xi)(xi)(xi)統(tong)安(an)(an)全(quan)(quan)(quan)(quan)分析和加(jia)固(gu)。比如(ru)：很多設備通過(guo)安(an)(an)全(quan)(quan)(quan)(quan)軟件掃描(miao)，會(hui)看(kan)到(dao)不少的(de)端口服務都(dou)是(shi)(shi)開啟的(de)，這(zhe)是(shi)(shi)一(yi)(yi)種(zhong)極其(qi)不安(an)(an)全(quan)(quan)(quan)(quan)的(de)隱患(huan)，萬一(yi)(yi)這(zhe)些(xie)端口服務本身(shen)存在漏(lou)洞，就會(hui)讓壞分子有機(ji)(ji)可乘，通過(guo)漏(lou)洞攻入數(shu)據(ju)(ju)中(zhong)心(xin)(xin)(xin)系(xi)(xi)(xi)統(tong)內(nei)部，盜取機(ji)(ji)密(mi)(mi)的(de)數(shu)據(ju)(ju)資源;要(yao)對系(xi)(xi)(xi)統(tong)進(jin)行定期掃描(miao)、更新(xin)漏(lou)洞;對各種(zhong)系(xi)(xi)(xi)統(tong)和設備訪(fang)問(wen)(wen)要(yao)進(jin)行密(mi)(mi)碼(ma)加(jia)密(mi)(mi)和權限控(kong)制(zhi)，密(mi)(mi)碼(ma)采(cai)用(yong)隨(sui)機(ji)(ji)密(mi)(mi)碼(ma)輸(shu)入，增(zeng)強安(an)(an)全(quan)(quan)(quan)(quan)性(xing)，管(guan)(guan)理訪(fang)問(wen)(wen)https要(yao)加(jia)密(mi)(mi)，模塊、接口調用(yong)SSL加(jia)密(mi)(mi)處(chu)理，SSH、Telent訪(fang)問(wen)(wen)登錄都(dou)要(yao)到(dao)認證服務器上做驗(yan)證，增(zeng)加(jia)安(an)(an)全(quan)(quan)(quan)(quan)性(xing)。系(xi)(xi)(xi)統(tong)安(an)(an)全(quan)(quan)(quan)(quan)是(shi)(shi)數(shu)據(ju)(ju)中(zhong)心(xin)(xin)(xin)安(an)(an)全(quan)(quan)(quan)(quan)防御(yu)最(zui)為(wei)重要(yao)的(de)一(yi)(yi)環(huan)，只要(yao)系(xi)(xi)(xi)統(tong)沒有漏(lou)洞，就很難被人(ren)所(suo)利用(yong)。不過(guo)反過(guo)來(lai)，幾乎(hu)沒有哪個系(xi)(xi)(xi)統(tong)是(shi)(shi)完美的(de)，只要(yao)是(shi)(shi)人(ren)設計的(de)系(xi)(xi)(xi)統(tong)或多或少都(dou)存在一(yi)(yi)些(xie)缺陷，很多人(ren)就是(shi)(shi)利用(yong)了(le)這(zhe)些(xie)缺陷，攻破系(xi)(xi)(xi)統(tong)安(an)(an)全(quan)(quan)(quan)(quan)防御(yu)，所(suo)以要(yao)時刻對這(zhe)些(xie)系(xi)(xi)(xi)統(tong)安(an)(an)全(quan)(quan)(quan)(quan)漏(lou)洞保持警惕，發現了(le)就及時解決(jue)。

傳輸訪問層安全

數(shu)(shu)(shu)據(ju)(ju)(ju)中(zhong)(zhong)(zhong)心(xin)(xin)要(yao)(yao)(yao)(yao)完成各(ge)種業務(wu)應用(yong)，要(yao)(yao)(yao)(yao)處(chu)理各(ge)種各(ge)樣的(de)(de)數(shu)(shu)(shu)據(ju)(ju)(ju)，在數(shu)(shu)(shu)據(ju)(ju)(ju)中(zhong)(zhong)(zhong)心(xin)(xin)內(nei)部以(yi)(yi)及內(nei)外之間要(yao)(yao)(yao)(yao)交(jiao)互(hu)大量(liang)的(de)(de)數(shu)(shu)(shu)據(ju)(ju)(ju)，這主要(yao)(yao)(yao)(yao)在網絡(luo)(luo)的(de)(de)傳輸(shu)(shu)(shu)層完成。在數(shu)(shu)(shu)據(ju)(ju)(ju)傳輸(shu)(shu)(shu)的(de)(de)過(guo)程中(zhong)(zhong)(zhong)，這些數(shu)(shu)(shu)據(ju)(ju)(ju)就可(ke)(ke)(ke)能被泄(xie)漏，所(suo)(suo)以(yi)(yi)要(yao)(yao)(yao)(yao)進(jin)行(xing)傳輸(shu)(shu)(shu)訪(fang)問(wen)(wen)(wen)層的(de)(de)安(an)(an)(an)全(quan)防御。傳輸(shu)(shu)(shu)數(shu)(shu)(shu)據(ju)(ju)(ju)首先要(yao)(yao)(yao)(yao)基于SSL加(jia)密訪(fang)問(wen)(wen)(wen)傳輸(shu)(shu)(shu)，最近被炒得(de)非常火的(de)(de)量(liang)子(zi)通信也是要(yao)(yao)(yao)(yao)解決傳輸(shu)(shu)(shu)數(shu)(shu)(shu)據(ju)(ju)(ju)面臨(lin)的(de)(de)安(an)(an)(an)全(quan)問(wen)(wen)(wen)題(ti)，讓數(shu)(shu)(shu)據(ju)(ju)(ju)在傳輸(shu)(shu)(shu)的(de)(de)過(guo)程中(zhong)(zhong)(zhong)不(bu)會被泄(xie)漏出(chu)去。傳輸(shu)(shu)(shu)的(de)(de)設備要(yao)(yao)(yao)(yao)具有(you)(you)安(an)(an)(an)全(quan)防御能力。比如(ru)網絡(luo)(luo)設備，要(yao)(yao)(yao)(yao)對控制用(yong)戶(hu)進(jin)行(xing)管理，僅客戶(hu)端訪(fang)問(wen)(wen)(wen)才(cai)可(ke)(ke)(ke)以(yi)(yi)，同(tong)時(shi)記錄用(yong)戶(hu)的(de)(de)所(suo)(suo)有(you)(you)操作，基于日志可(ke)(ke)(ke)進(jin)行(xing)行(xing)為審計。在數(shu)(shu)(shu)據(ju)(ju)(ju)中(zhong)(zhong)(zhong)心(xin)(xin)網絡(luo)(luo)中(zhong)(zhong)(zhong)，很多傳輸(shu)(shu)(shu)層攻擊都是針對TCP/IP協議(yi)固(gu)有(you)(you)漏洞發起的(de)(de)，如(ru)今已經有(you)(you)IPSec、SSL、S-HTTP、S/MIME、TLS等安(an)(an)(an)全(quan)協議(yi)，通過(guo)運行(xing)這些協議(yi)可(ke)(ke)(ke)以(yi)(yi)最大限度地(di)確保傳輸(shu)(shu)(shu)層安(an)(an)(an)全(quan)。傳輸(shu)(shu)(shu)層一旦發生(sheng)數(shu)(shu)(shu)據(ju)(ju)(ju)泄(xie)漏，雖(sui)然(ran)內(nei)容不(bu)是那么好還原出(chu)來(lai)，但可(ke)(ke)(ke)以(yi)(yi)根據(ju)(ju)(ju)數(shu)(shu)(shu)據(ju)(ju)(ju)特征進(jin)行(xing)有(you)(you)針對性的(de)(de)破壞活動，導致(zhi)數(shu)(shu)(shu)據(ju)(ju)(ju)傳輸(shu)(shu)(shu)出(chu)現(xian)問(wen)(wen)(wen)題(ti)，引起數(shu)(shu)(shu)據(ju)(ju)(ju)中(zhong)(zhong)(zhong)心(xin)(xin)業務(wu)中(zhong)(zhong)(zhong)斷，這也將(jiang)給數(shu)(shu)(shu)據(ju)(ju)(ju)中(zhong)(zhong)(zhong)心(xin)(xin)帶來(lai)嚴重問(wen)(wen)(wen)題(ti)。

除了以(yi)上(shang)介紹的(de)(de)(de)(de)這三(san)大方(fang)面(mian)的(de)(de)(de)(de)安(an)(an)(an)(an)(an)全(quan)(quan)防(fang)(fang)御，還有(you)設備硬件(jian)(jian)漏洞(dong)、人員管理上(shang)的(de)(de)(de)(de)安(an)(an)(an)(an)(an)全(quan)(quan)漏洞(dong)、監控系統(tong)的(de)(de)(de)(de)漏洞(dong)等(deng)(deng)等(deng)(deng)，數(shu)據(ju)(ju)中(zhong)(zhong)(zhong)心(xin)(xin)(xin)安(an)(an)(an)(an)(an)全(quan)(quan)涉(she)及的(de)(de)(de)(de)范圍(wei)極廣，絕不(bu)僅僅包(bao)含云平臺(tai)、系統(tong)安(an)(an)(an)(an)(an)全(quan)(quan)和傳輸層(ceng)三(san)大塊(kuai)，僅在網絡層(ceng)面(mian)，從網絡第一層(ceng)物(wu)理層(ceng)到第七層(ceng)應(ying)用(yong)(yong)層(ceng)，每一層(ceng)都面(mian)臨著(zhu)不(bu)同程度的(de)(de)(de)(de)安(an)(an)(an)(an)(an)全(quan)(quan)風險，很(hen)多(duo)攻(gong)擊(ji)專(zhuan)門針對某一網絡協(xie)(xie)議層(ceng)發(fa)起攻(gong)擊(ji)，利用(yong)(yong)網絡設備或協(xie)(xie)議的(de)(de)(de)(de)漏洞(dong)，攻(gong)擊(ji)網絡，破壞(huai)(huai)數(shu)據(ju)(ju)中(zhong)(zhong)(zhong)心(xin)(xin)(xin)業務正常運行;在服務器層(ceng)面(mian)，就更(geng)加廣泛了，服務器上(shang)的(de)(de)(de)(de)操作(zuo)系統(tong)安(an)(an)(an)(an)(an)全(quan)(quan)、各(ge)種(zhong)應(ying)用(yong)(yong)軟件(jian)(jian)安(an)(an)(an)(an)(an)全(quan)(quan)、登陸口令的(de)(de)(de)(de)安(an)(an)(an)(an)(an)全(quan)(quan)等(deng)(deng)等(deng)(deng)，每個(ge)部分都需要(yao)做安(an)(an)(an)(an)(an)全(quan)(quan)防(fang)(fang)御，以(yi)至于數(shu)據(ju)(ju)中(zhong)(zhong)(zhong)心(xin)(xin)(xin)很(hen)難(nan)照(zhao)顧到所有(you)方(fang)方(fang)面(mian)面(mian)，這也是(shi)很(hen)多(duo)數(shu)據(ju)(ju)中(zhong)(zhong)(zhong)心(xin)(xin)(xin)頻(pin)發(fa)安(an)(an)(an)(an)(an)全(quan)(quan)事故的(de)(de)(de)(de)原因(yin)。數(shu)據(ju)(ju)中(zhong)(zhong)(zhong)心(xin)(xin)(xin)包(bao)含的(de)(de)(de)(de)各(ge)種(zhong)系統(tong)太復雜(za)，任何(he)一個(ge)環節沒有(you)做好(hao)安(an)(an)(an)(an)(an)全(quan)(quan)防(fang)(fang)御，都可以(yi)讓壞(huai)(huai)分子有(you)機可乘。而數(shu)據(ju)(ju)中(zhong)(zhong)(zhong)心(xin)(xin)(xin)在明處，壞(huai)(huai)分子在暗(an)處，只有(you)做好(hao)每個(ge)環節的(de)(de)(de)(de)安(an)(an)(an)(an)(an)全(quan)(quan)防(fang)(fang)御工作(zuo)，才(cai)能(neng)確保數(shu)據(ju)(ju)中(zhong)(zhong)(zhong)心(xin)(xin)(xin)安(an)(an)(an)(an)(an)全(quan)(quan)，正所謂 魔(mo)高(gao)(gao)一尺道高(gao)(gao)一丈 ，安(an)(an)(an)(an)(an)全(quan)(quan)防(fang)(fang)御技術總是(shi)要(yao)比破壞(huai)(huai)分子技高(gao)(gao)一籌，讓數(shu)據(ju)(ju)中(zhong)(zhong)(zhong)心(xin)(xin)(xin)處于安(an)(an)(an)(an)(an)全(quan)(quan)防(fang)(fang)御之(zhi)下，不(bu)受侵擾。

文章編輯：CobiNet(寧波)  
本公司專注于電訊配件,銅纜綜合布線系列領域產品研發生產超五類，六類,七類屏蔽網線/屏蔽模塊及相關模塊配件, 我們是萬兆屏蔽模塊，10G屏蔽模塊，屏蔽線生產廠家。

歡迎來電咨詢0574 88168918,郵箱(xiang)sales@aliance.cn，網址(zhi)aliance.cn