虛擬數(shù)據(jù)中心安全防護(hù)的調(diào)研分析
發(fā)布時(shí)間:2018-11-05 10:21
【摘要】:隨著信息技術(shù)的不斷發(fā)展,數(shù)據(jù)中心規(guī)模和數(shù)量也呈現(xiàn)出爆炸性增長(zhǎng),由于數(shù)據(jù)中心設(shè)備的利用率和機(jī)房基礎(chǔ)設(shè)施的低能源效率,電力消耗和管理維護(hù)的成本占數(shù)據(jù)中心成本的比例越來越高。為解決這一問題,企業(yè)對(duì)服務(wù)器進(jìn)行虛擬化改造,在原有的硬件資源上創(chuàng)建多個(gè)虛擬機(jī)操作系統(tǒng)來實(shí)現(xiàn)數(shù)據(jù)的分布式共享,這樣能有效降低數(shù)據(jù)中心的能耗,提高資源利用率。 采用虛擬化技術(shù)的數(shù)據(jù)中心整合能夠顯著的節(jié)約運(yùn)營(yíng)成本,然而,在虛擬化帶來好處的同時(shí),也帶來了新的安全風(fēng)險(xiǎn)。由于虛擬化環(huán)境獨(dú)特的動(dòng)態(tài)特性,傳統(tǒng)的靜態(tài)安全措施變得越來越力不從心,不僅難以管理動(dòng)態(tài)虛擬服務(wù)器池周邊的靜態(tài)安全設(shè)備,而且靜態(tài)安全措施甚至還可能會(huì)遮掩虛擬化所帶來的好處。因此,,尋求適合的安全方案,對(duì)虛擬數(shù)據(jù)中心進(jìn)行安全防護(hù),在解決安全隱患的同時(shí),也能保障數(shù)據(jù)中心的性能,這是企業(yè)當(dāng)前十分關(guān)注的問題。 本文通過調(diào)研國(guó)內(nèi)外知名廠商的虛擬化安全解決方案和產(chǎn)品,根據(jù)產(chǎn)品白皮書以及相關(guān)技術(shù)文檔來詳細(xì)闡述各個(gè)產(chǎn)品的架構(gòu)圖、核心組件和功能特性等,并從防火墻和防病毒兩大方面出發(fā),歸納總結(jié)可以應(yīng)用于虛擬數(shù)據(jù)中心安全防護(hù)的解決方案。本文采用實(shí)驗(yàn)法,針對(duì)防火墻和防病毒兩方面的安全方案,根據(jù)不同的性能評(píng)估項(xiàng),設(shè)計(jì)不同的測(cè)試場(chǎng)景并搭建實(shí)驗(yàn)環(huán)境進(jìn)行測(cè)試。最后,本文結(jié)合定性和定量分析方法,對(duì)實(shí)驗(yàn)測(cè)試結(jié)果進(jìn)行分析對(duì)比。 本文采用調(diào)研和實(shí)驗(yàn)相結(jié)合的研究方法,分析虛擬化安全解決方案,并搭建實(shí)驗(yàn)環(huán)境,測(cè)試這些方案對(duì)虛擬數(shù)據(jù)中心提供服務(wù)能力和性能的影響,對(duì)測(cè)試結(jié)果進(jìn)行分析總結(jié),并給出企業(yè)對(duì)虛擬數(shù)據(jù)中心進(jìn)行安全防護(hù)方面的建議和展望。
[Abstract]:With the continuous development of information technology, the size and number of data centers have also shown explosive growth, due to the utilization of data center equipment and the low energy efficiency of computer room infrastructure. The cost of power consumption and management and maintenance is increasing in proportion to the cost of data center. In order to solve this problem, the enterprise carries on the virtualization transformation to the server, creates several virtual machine operating systems on the original hardware resources to realize the data distributed sharing, thus can effectively reduce the data center energy consumption, enhances the resource utilization ratio. Data center integration using virtualization technology can significantly reduce operating costs, however, virtualization brings benefits as well as new security risks. Because of the unique dynamic characteristics of the virtualization environment, the traditional static security measures become more and more difficult to manage the static security devices around the dynamic virtual server pool. And static security may even mask the benefits of virtualization. Therefore, it is very important for enterprises to seek suitable security scheme and protect virtual data center, which can not only solve the hidden danger of security, but also guarantee the performance of data center at the same time. By investigating the virtualization security solutions and products of well-known domestic and foreign manufacturers, this paper elaborates the architecture diagram, core components and functional features of each product according to the white paper and related technical documents. From two aspects of firewall and antivirus, the solution that can be applied to the security protection of virtual data center is summarized. In this paper, according to different performance evaluation items, different test scenarios are designed for firewall and antivirus security schemes, and the test environment is built. Finally, this paper analyzes and compares the experimental results with qualitative and quantitative methods. In this paper, we use the research method of combining research and experiment to analyze the virtualization security solution, and build the experimental environment, test the influence of these solutions on the service ability and performance of the virtual data center, and analyze and summarize the test results. The suggestion and prospect of enterprise security protection to virtual data center are also given.
【學(xué)位授予單位】:華南理工大學(xué)
【學(xué)位級(jí)別】:碩士
【學(xué)位授予年份】:2013
【分類號(hào)】:TP308
本文編號(hào):2311762
[Abstract]:With the continuous development of information technology, the size and number of data centers have also shown explosive growth, due to the utilization of data center equipment and the low energy efficiency of computer room infrastructure. The cost of power consumption and management and maintenance is increasing in proportion to the cost of data center. In order to solve this problem, the enterprise carries on the virtualization transformation to the server, creates several virtual machine operating systems on the original hardware resources to realize the data distributed sharing, thus can effectively reduce the data center energy consumption, enhances the resource utilization ratio. Data center integration using virtualization technology can significantly reduce operating costs, however, virtualization brings benefits as well as new security risks. Because of the unique dynamic characteristics of the virtualization environment, the traditional static security measures become more and more difficult to manage the static security devices around the dynamic virtual server pool. And static security may even mask the benefits of virtualization. Therefore, it is very important for enterprises to seek suitable security scheme and protect virtual data center, which can not only solve the hidden danger of security, but also guarantee the performance of data center at the same time. By investigating the virtualization security solutions and products of well-known domestic and foreign manufacturers, this paper elaborates the architecture diagram, core components and functional features of each product according to the white paper and related technical documents. From two aspects of firewall and antivirus, the solution that can be applied to the security protection of virtual data center is summarized. In this paper, according to different performance evaluation items, different test scenarios are designed for firewall and antivirus security schemes, and the test environment is built. Finally, this paper analyzes and compares the experimental results with qualitative and quantitative methods. In this paper, we use the research method of combining research and experiment to analyze the virtualization security solution, and build the experimental environment, test the influence of these solutions on the service ability and performance of the virtual data center, and analyze and summarize the test results. The suggestion and prospect of enterprise security protection to virtual data center are also given.
【學(xué)位授予單位】:華南理工大學(xué)
【學(xué)位級(jí)別】:碩士
【學(xué)位授予年份】:2013
【分類號(hào)】:TP308
【參考文獻(xiàn)】
相關(guān)期刊論文 前3條
1 房晶;吳昊;白松林;;云計(jì)算的虛擬化安全問題[J];電信科學(xué);2012年04期
2 宗小忠;趙春紅;;虛擬服務(wù)器技術(shù)及其在網(wǎng)絡(luò)管理中的應(yīng)用[J];電腦知識(shí)與技術(shù);2010年27期
3 喬梁;;服務(wù)器虛擬化技術(shù)在數(shù)據(jù)機(jī)房節(jié)能方面的應(yīng)用及分析[J];China's Foreign Trade;2010年22期
本文編號(hào):2311762
本文鏈接:http://sikaile.net/kejilunwen/jisuanjikexuelunwen/2311762.html
最近更新
教材專著
