China Gezhouba Group Co., Ltd

Pain points and needs

1、In 2017, the Cybersecurity Law was officially implemented, and policies and regulations have put forward higher requirements for information security construction. As a large state-owned enterprise group, Gezhouba Private Cloud Platform needs to fully meet the various standards of Level 3 security.

2、With the development of hacker technology, the security situation is becoming increasingly severe. After the concentration of group business, higher requirements have been put forward for security protection. The group needs to establish a comprehensive security protection system to deal with various security threats.

3、With the establishment of private cloud platforms, labels such as cloud platforms, multi tenancy, and personalized needs have made the security construction of Gezhouba increasingly complex. The existing traditional security protection methods can no longer meet the security needs of cloud based business.

The solution

Based on user demands, Shenxin has designed a comprehensive security framework for the cloud data center of Gezhouba, constructing a comprehensive security protection system from four aspects.

Boundary security: Through physical devices and the ability to integrate security, achieve isolation, protection, and analysis of boundaries.

Tenant Security: Fully utilize software defined security, pool and service security resources, and provide elastic and boundary complementary security capabilities.

Cloud internal security: Focusing on the cloud, providing visible and controllable capabilities for cloud internal security, and establishing cloud internal security boundaries around business systems.

Global Security: Utilizing the ability of integrated security, combined with big data and artificial intelligence, to provide unified management of network security visualization and linkage blockade.

Program value

·Fully meet the security requirements of the Cybersecurity Law and Level Protection 2.0, and the business system is more standardized and regulated.

·The integrated security defense system has established a three-level protection system of "cloud within cloud boundary cloud platform" and a detection and analysis platform, which can provide comprehensive security protection for private cloud platforms.

·Clear division of responsibilities for cloud security, matching corresponding management interfaces for different user roles, clarifying the rights and responsibilities of secondary units and groups, and reducing security frictions; Software defined security enables rapid expansion of network, computing, and security components through resource pools, with flexible expansion and uninterrupted business operations.

·Centralized network wide security visualization, unified management of private cloud security through the Deep Trust Security Perception Platform, clear security situation and access relationships, big data assisted security decision-making, precise positioning of security events, and quick identification of which secondary unit or business system is at fault.