Security breaches can have severe consequences for businesses of all sizes and the scope and intelligence of attacks is increasing – stepping up the pressure on IT security administrators to improve the security of core infrastructure and data. Andrew Heading, Head of Field Marketing, ANZ, Alibaba Cloud and Oliver Zhang, a Solutions Architect with Alibaba Cloud ANZ who works with clients worldwide on architecture design, implementation and migration of cloud infrastructure and services, recently hosted a webinar to explain how Alibaba Cloud can help organizations meet modern security challenges.
While not every architecture is the same, IT security administrators need to consider three questions:
• Do I know whether my websites or infrastructure are under attack?
• Do I know of any vulnerabilities in my websites or infrastructure?
• Has there been any leaks of critical data?
To address these issues, IT security administrators need to determine how to deliver improvements and close loopholes without impacting service continuity.
Alibaba Cloud provides a comprehensive range of security solutions, products and services mapped to a framework that covers every aspect of an organization's security needs. These solutions, products and services are grouped under identity security, infrastructure security, data security and business security.
Alibaba Cloud Anti-DDoS is highly effective against denial of service attacks with intelligent scheduling a key benefit. Anti-DDoS Origin operates at the host level, with cloud server and load balancers having local anti-DDoS capacity, while the scheduler switches to Anti-DDoS Premium when traffic reaches the threshold, with the relevant Alibaba Cloud scrubbing center starts cleansing and removing attack traffic. Businesses benefit from near-source protection and large, distributed capacity that can handle attacks at scale.
Web Application Firewall (WAF) helps protect businesses against XSS, SQL injection, credential hacking, bot crawler and CC attacks, which are intensifying in recent years. With Anti-DDoS managing volume attacks, WAF monitors for these other attack methods and removes harmful traffic. WAF features a big data engine that shares analysis across all users of the service: so if one user is attacked, Alibaba Cloud will put the responsible IP address into blacklist or high risk category and be very careful with traffic sent from that address to other users. In addition, an enhanced algorithm learns from tens of billions of security items logged every day to educate itself about new events. This service also uses near-source scrubbing and cleaning.
A new WAF feature enables API lifecycle management, while customers can also run WAF in their own data centers as well as in Alibaba Cloud, with policies synced between the two environments.
Both Anti-DDoS and WAF work with back end servers that operate outside Alibaba Cloud.
Bastionhost is a centralized and unified management and operation platform that enables management of hundreds if not thousands of assets of an IT infrastructure. With this platform, customers can filter and authenticate users and address security risks before they eventuate. For example, Bastionhost can block an employee who attempts to use another employee's credential to log in, and prevent an employee from running an intrusive command that deletes all the data on a server.
Alibaba Cloud Security Center is a host-level security protection service that collects data from hosts and reports back to a controller in the cloud so customers can view status and events across their infrastructures. The lightweight agent is running in a large number of cloud and off-cloud servers and controls its own resource usage, including terminating its scanning and checking if resource consumption becomes too high a percentage of the system available resource. It features a machine learning-based scanning engine that operates across all user environments, with techniques, algorithms, new attack type definitions and vulnerabilities shared. Alibaba Cloud Security Center can save IT security administrators considerable time undertaking critical tasks such as patching zero-day vulnerabilities across multiple servers and is also designed to met compliance and regulatory requirements. Overall, its capabilities can be separated into three categories: prevention, detection and response. The product now has the capability to secure containers as well, across container image, configuration and runtime.
Alibaba Clouder - July 10, 2019
Alibaba Clouder - July 12, 2019
Alibaba Clouder - February 21, 2020
Alibaba Clouder - April 8, 2021
Alibaba Clouder - June 28, 2019
Alibaba Clouder - August 28, 2020
Explore Web Hosting solutions that can power your personal website or empower your online business.Learn More
A cloud firewall service utilizing big data capabilities to protect against web-based attacksLearn More
Alibaba Cloud is committed to safeguarding the cloud security for every business.Learn More
Security Center is a flagship security product that integrates both Server Guard and Threat Detection Service. It is a unified security management system that recognizes, analyzes, and alerts of security threats in real-time.Learn More
More Posts by Alibaba Cloud Community