Demystifying the architecture and application scenario practice of security solutions for government and enterprises
Posted May 25, 2020 • 7 min read
What are the challenges faced by government and enterprises in network and online?
Government and enterprises cover several industries such as government, finance, media and traditional enterprises. With the rapid development of the "Internet +" format, the digital transformation of government and enterprises is at the time, especially under the influence of the new crown epidemic. The pace of capacity building is further accelerated, and the construction of network and business online has become an indispensable capability for government and enterprises.
Specific to various business scenarios, in the area of government affairs, the country vigorously promotes online business to achieve digital governance, providing smooth and stable online services to the public to enhance its service level and efficiency, and improve public satisfaction; in the financial industry, online banking , Mobile payment, mobile securities, online business halls and other emerging financial applications are developing rapidly, and more business processes such as transactions, certifications, and audits are completed on the Internet; The development of media business, the status of Internet-based broadcast and television new media, and fusion media in the industry are increasing. The access experience and security on the Internet are becoming more critical. In the traditional enterprise field, the process of achieving energy efficiency improvement through digital transformation will experience digitalization. , Networked, and intelligentized, in which the interconnection of devices in the process of networking, business networking on the cloud, enterprise online marketing and services and other scenarios have become the primary tasks of traditional enterprises.
At the same time, China's supervision of network security is also continuously strengthened, and it emphasizes independent controllability, especially critical information infrastructure(refers to the Internet, the public to provide network information services or support communications, finance, transportation, public utilities Information systems or industrial control systems in important industries such as careers), which are critical to national security, economic security, social stability, public health and safety. On April 27, 12 ministries and commissions, including the Internet Information Office, the Ministry of Industry and Information Technology, the People s Bank of China, the State Administration of Radio, Film and Television, the State Secrets Bureau, and the Password Bureau, jointly formulated the Cyber Security Review Method , which The network security review of key information infrastructures such as media news websites, enterprises and institutions websites, and office systems has raised further clear safety supervision requirements, which deserves high attention from the government and enterprise industries.
In summary, the core challenge facing the government and enterprise industry is to be open online, smooth and stable, and safe and compliant. How to help the government and enterprise industry better meet the needs of security and acceleration, and ensure the transmission security and user access experience on the Internet, this is also a problem that cloud computing practitioners are particularly concerned about and need to solve.
The overall structure of the government and enterprise security acceleration solution
Alibaba Cloud's government-enterprise security acceleration solution released this time is a one-stop solution that takes into account acceleration, security and compliance. It integrates static acceleration and total station acceleration, including four-layer IP application acceleration and seven-layer WebSocket acceleration, which can comprehensively improve user access efficiency. At the same time, it integrates security capabilities such as edge WAF, DDoS attack protection, and distributed CC attack protection. Supporting the national security algorithm https security mechanism at the level of transmission security can effectively help the government, media and other fields to improve anti-tampering and anti-crawler capabilities and avoid corresponding content security risks.
The government-enterprise security acceleration solution empowers government-enterprise customers in three dimensions:security compliance, stability, speed and effort. First of all, with the above security capabilities, we can help customers resist malicious attacks from the Internet, ensure that service availability is not compromised, and ensure the safety of content and data. At the same time, rich and comprehensive security features can also help customers meet high-standard compliance requirements. Secondly, relying on Alibaba Cloud CDN's resource and technology reserves and best practices accumulated over the years, it can provide users in the government and enterprise industries with a stable and extremely fast access experience. Third, the solution also builds a professional service team for the government and enterprise industry. The team has the best practical experience of large-scale projects in many national ministries, large joint-stock banks, and central media. It can provide daily services, emergency response, and escort of major events. And multiple security support. At the same time, there is no need to deploy equipment in the product solution, and the application system is quickly accessed through the API and console, and the technical connection is very simple and convenient.
Application scenarios and industry value of government and enterprise security acceleration solutions
- Scenario 1:Government affairs platform
The government and enterprise security acceleration solution serves all kinds of government portals, e-government, one-net office and other applications, as well as party building learning and online education platforms, helping it relieve more than 95%of network traffic pressure and effectively shield access bottlenecks caused by the surge of users Problems, and hide and protect the source site. At the same time, the transmission link layer encryption is implemented based on the national secret algorithm https, which effectively prevents hijacking and tampering, and protects the content of the website. In addition, through UA/IP black and white lists/Refer anti-theft chain, and DRM digital rights management and other security mechanisms, it can prevent video piracy in multiple dimensions and protect high-quality copyright content from infringement.
- Scenario 2:Finance
In the financial field, there are strict security compliance requirements in business scenarios such as portal websites of banks, securities and insurance institutions, mobile app and transaction certification audits, financial dual recording, and internal training. SSL certificates and national secret requirements are relatively high. The government and enterprise security acceleration solution provides an end-to-end national secret https transmission encryption solution, including keyless, dual certificate, IPv6 and other security requirements that require more explicit security compliance. At the same time, the solution is based on DDoS/CC protection and edge WAF to help financial institutions respond to cyber attacks and ensure business security and stability without interruption. In addition, the solution integrates full-site acceleration, based on Layer 7/Layer 4 acceleration, effectively increasing the transaction success rate to 99.9%, shortening the transaction duration by more than 30%, and optimizing the user experience of financial companies across countries and large-scale transactions and visits.
- Scene 3:Broadcasting Media
In the field of radio and television media, radio and television new media platforms, local media, and district and county financial media applications are generally faced with technical challenges such as low https penetration rate, content tampering risk, copyright video piracy and hacking, and video fluency. Government and enterprise security The acceleration solution effectively prevents hijacking and tampering through national secret https transmission encryption. At the same time, it is based on UA /IP black and white lists/Refer anti-theft chain, and DRM digital rights management and other security mechanisms to ensure that high-quality copyright content is not stolen and stolen.
- Scene 4:Corporate office
The business scenarios of traditional enterprises, such as retail, car companies, energy, aviation, etc., can be divided into two parts:online office inside the enterprise and various services and applications facing customers. The government-enterprise security acceleration solution can be based on full-station acceleration and Layer 7/Layer 4 acceleration to support cross-region and cross-operator system coordination and API acceleration to improve platform access experience. At the same time, in terms of security, the integrated edge WAF capability in the solution can effectively achieve protection against crawlers, anti-brushes, and WEB system intrusions, avoid core data leakage caused by corporate websites being crawled and platforms being brushed, and ensure corporate data. And the safety of the source station.
Alibaba Cloud's government and enterprise security acceleration solutions have been widely used in government platforms, online banking, retail, aviation and other fields, helping customers meet the requirements of compliance, security and user access experience, empowering online businesses with speed, A safe and reliable Internet experience helps more governments and enterprises to seize the opportunities of digital development and gain an opportunity in digital transformation.
Benefits:Before June 30, 2020, CDN accelerates bandwidth free trial within 10Mbps for 1 month, 30Gbps DDoS protection, and advanced version of WAF for 1 week, and gives a free vulnerability scanning service. The total quota is limited to 100.
Q & A group:34249460