趋势科技研发实验室

Click to edit Master text styles,Second level,Third level,Fourth level,Fifth level,Click to edit Master text styles,Second level,Third level,Fourth level,Fifth level,趨勢科技研發實驗室,Introduction to Cloud Computing,.Cloud computing is,Internet-based computing,whereby,shared resources,software and information,are provided to computers and other devices,on demand,like the electricity.,Wikipedia,.a style of computing in which,dynamically scalable and often virtualized resources,are provided,as a service over the Internet”,Wikipedia,“.a,pay-per-use model,for enabling available,convenient,on-demand network access to,a,shared pool of,congurable,computing resources(e.g.,networks,servers,storage,applications,services,)that can be,rapidly provisioned and released,with minimal management effort,or service provider interaction.”,-National Institute of Standards and Technology(NIST)11,“Clouds are a large pool of easily usable and accessible virtualized resources(such as hardware,development platforms and/or services).These resources can be dynamically re-,congured,to adjust to a variable load(scale),allow-,ing,also for an optimum resource utilization.This pool of resources is typically exploited by a,pay-per-use model,in which guarantees are offered by the Infrastructure Provider by means of,customized,SLAs,.,-Paper by Vaquero et.al.:“A break in the clouds:towards a cloud,denition,”,Cloud Computing Defined,Shared resources,resources are abstracted/virtualized,Software,Platform,Storage,Infrastructure,Internet-based,open interface and on demand,Elastic capacity,scale up/down on demand.,Pay-per-use,(no commitment,utility prices).,How many/good/long,According to service level agreement(SLA),Cloud Computing-Enabling Technologies,Several key components have matured and are essential building blocks of many Cloud services:,Web 2.0,ex:,Ajex,Web Service,HTML5,Distributed/Cluster/Grid computing,ex:,MapReduce,Service Oriented Architecture,Distributed Storage,ex.,Hadoop,Distributed File System,Google File System,Google,BigTable,Amazon S3,Virtualization,ex.,Xen,Vmware,KVM,VirtualBox,Copyright 2009-Trend Micro Inc.,Software-as-a-Service,Ex.Google Apps,http:/ 2009-Trend Micro Inc.,Infrastructure-as-a-ServicePlatform-as-a-Service,Ex.Amazon,EC2(Elastic Compute Cloud),“a web service that provides resizable compute capacity in the cloud.”,http:/ Instance(Default)1.7 GB of memory,1 EC2 Compute Unit(1 virtual core with 1 EC2 Compute Unit),160 GB of instance storage,32-bit platform,05/18/09,Classification,Amazon EC2(cloud computing example),EC2 allows users to,rent virtual computers,on which to run their own computer applications.,EC2 allows,scalable deployment of applications by providing a web service,through which a user can boot an Amazon Machine Image to create a virtual machine,A user can create,launch,and terminate server instances as needed,paying by the hour for active servers,hence the term elastic”.,Copyright 2009-Trend Micro Inc.,Amazon Web Services(cloud computing example),Amazon Web Services(AWS)delivers a set of services that together form a reliable,scalable,and inexpensive computing platform“in the cloud”.,http:/ 2009-Trend Micro Inc.,趨勢科技智慧防護網絡,(Smart Protection Network),http:/ Patterns,數目正不斷上升。在,2005,年，一天約有,50,個新,Virus Patterns,增加至,Pattern database,。到,2008,年，數目已經增加到,5,000,個。趨勢科技把大多數的,Virus Patterns,儲存到雲端資料庫，目的是減低儲存在端點的數目，並減少佔用在網絡或端點的頻寬，而且更提供即時的網絡保障。,超越傳統的阻擋威脅方法，將安全保護範圍延伸至,Internet,，並採用趨勢最新的雲端運算技術將,Internet,上的威脅阻擋在網絡或電腦之外。,Public,Copyright 2009-Trend Micro Inc.,趨勢科技智慧防護網絡,(Smart Protection Network),Smart Protection Network,利用,Reputation Technologies,，連結來自網絡、檔案、及電子郵件的威脅，並持續更新雲端的威脅資料庫，利用,Cloud-oriented Architecture,以偵測與分析最新的網絡威脅。,Smart Protection Network,結合雲端技術，確保用戶無論在何時何地，或是以任何方式上網，均能隨時獲得最新最強的安全保護。,Public,Copyright 2009-Trend Micro Inc.,趨勢科技智慧防護網絡,(Smart Protection Network),網站信譽服務,(Web Reputation Service),趨勢科技的網站信譽資料庫屬全世界最大之一，其網站信譽技術能夠追蹤網域的可靠程度，方法是以網站的歷史、網址的轉變、以及惡意軟件行為分析所發現的可疑活動等因素，給予一個信譽評分，並阻止使用者進入風險較高的網站。,Public,Copyright 2009-Trend Micro Inc.,趨勢科技智慧防護網絡,(Smart Protection Network),電子郵件信譽服務,(Email Reputation Service),電子郵件信譽技術藉著查核已知垃圾郵件來源的信譽資料庫，以及使用時評估發信者信譽的動態服務來驗證,IP,地址。信譽評分是根據,IP,地址的行為、活動規模、與先前紀錄而制定。發信者的,IP,地址一經查明，惡意電子郵件在抵達網絡之前就可被阻擋，並有效防止如：,zombies,或,botnet,的威脅進入網絡或是用戶的個人電腦。,Public,Copyright 2009-Trend Micro Inc.,趨勢科技智慧防護網絡,(Smart Protection Network),檔案信譽服務,(File Reputation Service),結合網站與電子郵件信譽技術，雲端檔案信譽技術能夠檢查每份流經端點、伺服器、或閘道的檔案，並與防毒模式系統作比較。高效能內容傳輸網絡與區域快取伺服器能確保在檢查過程中的存取時間減到最低。,由於有關惡意軟件的資料已儲存在雲端網絡，所以用戶可以隨時獲得相關資訊。與下載防毒模式檔案的傳統方法比較，檔案信譽技術不但可以節省用戶時間，亦可以大幅減少下載檔案的端點儲存空間。,05/18/09,Public,Copyright 2009-Trend Micro Inc.,趨勢科技智慧防護網絡,(Smart Protection Network),行為分析的相關性技術（,Correlation technology with behavior analysis,）,以行為分析來檢查一系列網絡行為的相互關係，以判斷其惡意程度。獨立的網絡行為可能看似無害，但是將若干行為串連在一起時，則可能發現當中的惡意企圖。透過不斷更新威脅資料庫和比對不同的惡意行為，趨勢科技可以即時提供自動防禦功能。,05/18/09,Public,Copyright 2009-Trend Micro Inc.,趨勢科技智慧防護網絡,(Smart Protection Network),即時回應及更新功能,可以保持趨勢科技的產品技術和公司,24x7,的網絡威脅研究中心之間的緊密聯繫，提供雙向的溝通橋樑。例如，每當在用戶的電腦中偵測到新威脅，便會自動更新公司遍佈全世界的威脅資料庫，避免有更多用戶遇到同一威脅問題。趨勢科技不斷收集及處理由,honeyp