虚拟数据中心安全防护的调研分析
发布时间:2018-11-05 10:21
【摘要】:随着信息技术的不断发展,数据中心规模和数量也呈现出爆炸性增长,由于数据中心设备的利用率和机房基础设施的低能源效率,电力消耗和管理维护的成本占数据中心成本的比例越来越高。为解决这一问题,企业对服务器进行虚拟化改造,在原有的硬件资源上创建多个虚拟机操作系统来实现数据的分布式共享,这样能有效降低数据中心的能耗,提高资源利用率。 采用虚拟化技术的数据中心整合能够显著的节约运营成本,然而,在虚拟化带来好处的同时,也带来了新的安全风险。由于虚拟化环境独特的动态特性,传统的静态安全措施变得越来越力不从心,不仅难以管理动态虚拟服务器池周边的静态安全设备,而且静态安全措施甚至还可能会遮掩虚拟化所带来的好处。因此,,寻求适合的安全方案,对虚拟数据中心进行安全防护,在解决安全隐患的同时,也能保障数据中心的性能,这是企业当前十分关注的问题。 本文通过调研国内外知名厂商的虚拟化安全解决方案和产品,根据产品白皮书以及相关技术文档来详细阐述各个产品的架构图、核心组件和功能特性等,并从防火墙和防病毒两大方面出发,归纳总结可以应用于虚拟数据中心安全防护的解决方案。本文采用实验法,针对防火墙和防病毒两方面的安全方案,根据不同的性能评估项,设计不同的测试场景并搭建实验环境进行测试。最后,本文结合定性和定量分析方法,对实验测试结果进行分析对比。 本文采用调研和实验相结合的研究方法,分析虚拟化安全解决方案,并搭建实验环境,测试这些方案对虚拟数据中心提供服务能力和性能的影响,对测试结果进行分析总结,并给出企业对虚拟数据中心进行安全防护方面的建议和展望。
[Abstract]:With the continuous development of information technology, the size and number of data centers have also shown explosive growth, due to the utilization of data center equipment and the low energy efficiency of computer room infrastructure. The cost of power consumption and management and maintenance is increasing in proportion to the cost of data center. In order to solve this problem, the enterprise carries on the virtualization transformation to the server, creates several virtual machine operating systems on the original hardware resources to realize the data distributed sharing, thus can effectively reduce the data center energy consumption, enhances the resource utilization ratio. Data center integration using virtualization technology can significantly reduce operating costs, however, virtualization brings benefits as well as new security risks. Because of the unique dynamic characteristics of the virtualization environment, the traditional static security measures become more and more difficult to manage the static security devices around the dynamic virtual server pool. And static security may even mask the benefits of virtualization. Therefore, it is very important for enterprises to seek suitable security scheme and protect virtual data center, which can not only solve the hidden danger of security, but also guarantee the performance of data center at the same time. By investigating the virtualization security solutions and products of well-known domestic and foreign manufacturers, this paper elaborates the architecture diagram, core components and functional features of each product according to the white paper and related technical documents. From two aspects of firewall and antivirus, the solution that can be applied to the security protection of virtual data center is summarized. In this paper, according to different performance evaluation items, different test scenarios are designed for firewall and antivirus security schemes, and the test environment is built. Finally, this paper analyzes and compares the experimental results with qualitative and quantitative methods. In this paper, we use the research method of combining research and experiment to analyze the virtualization security solution, and build the experimental environment, test the influence of these solutions on the service ability and performance of the virtual data center, and analyze and summarize the test results. The suggestion and prospect of enterprise security protection to virtual data center are also given.
【学位授予单位】:华南理工大学
【学位级别】:硕士
【学位授予年份】:2013
【分类号】:TP308
本文编号:2311762
[Abstract]:With the continuous development of information technology, the size and number of data centers have also shown explosive growth, due to the utilization of data center equipment and the low energy efficiency of computer room infrastructure. The cost of power consumption and management and maintenance is increasing in proportion to the cost of data center. In order to solve this problem, the enterprise carries on the virtualization transformation to the server, creates several virtual machine operating systems on the original hardware resources to realize the data distributed sharing, thus can effectively reduce the data center energy consumption, enhances the resource utilization ratio. Data center integration using virtualization technology can significantly reduce operating costs, however, virtualization brings benefits as well as new security risks. Because of the unique dynamic characteristics of the virtualization environment, the traditional static security measures become more and more difficult to manage the static security devices around the dynamic virtual server pool. And static security may even mask the benefits of virtualization. Therefore, it is very important for enterprises to seek suitable security scheme and protect virtual data center, which can not only solve the hidden danger of security, but also guarantee the performance of data center at the same time. By investigating the virtualization security solutions and products of well-known domestic and foreign manufacturers, this paper elaborates the architecture diagram, core components and functional features of each product according to the white paper and related technical documents. From two aspects of firewall and antivirus, the solution that can be applied to the security protection of virtual data center is summarized. In this paper, according to different performance evaluation items, different test scenarios are designed for firewall and antivirus security schemes, and the test environment is built. Finally, this paper analyzes and compares the experimental results with qualitative and quantitative methods. In this paper, we use the research method of combining research and experiment to analyze the virtualization security solution, and build the experimental environment, test the influence of these solutions on the service ability and performance of the virtual data center, and analyze and summarize the test results. The suggestion and prospect of enterprise security protection to virtual data center are also given.
【学位授予单位】:华南理工大学
【学位级别】:硕士
【学位授予年份】:2013
【分类号】:TP308
【参考文献】
相关期刊论文 前3条
1 房晶;吴昊;白松林;;云计算的虚拟化安全问题[J];电信科学;2012年04期
2 宗小忠;赵春红;;虚拟服务器技术及其在网络管理中的应用[J];电脑知识与技术;2010年27期
3 乔梁;;服务器虚拟化技术在数据机房节能方面的应用及分析[J];China's Foreign Trade;2010年22期
本文编号:2311762
本文链接:https://www.wllwen.com/kejilunwen/jisuanjikexuelunwen/2311762.html
