Stock Abbreviation : Topsec      Stock Code : 002212
7*24 hour service: 400-777-0777
Product Service
View all
  • Infrastructure Network
  • Data security
  • Industrial Internet Security
  • IoT
  • Safety service and operation
  • Cloud computing and cloud security
  • Zero Trust
Border Security
Application Security
Security Management
Safety Detection
Endpoint Security
Popular products
Zero Trust
Build a dual system security framework of zero trust inference and trusted inference.
Consulting and support services
Security Operations
Red blue confrontation service
Security Cloud Service
New technology testing services
Security integration
Industry specific services
Popular products
Zero Trust
Build a dual system security framework of zero trust inference and trusted inference.
Special Topics in Security
Security Research
About Us
About Topsec
China's leading cyber security, big data and cloud service provider
Learn about Topsec
About Us
Contact Us
Zero Trust
Build a dual system security framework of zero trust inference and trusted inference.
EN

Cloud Security

Help users build a three-dimensional defense system for Cloud Security

Background

With wide application of cloud computing in China, an increasing number of customers choose cloud computing to host their service systems. Cloud computing has altered previous IT architecture, organizational structure, and application modes, providing value to users while posing new security challenges. For example, the problem of virtual machine escape caused by resource reuse technology, the problem of traffic monitoring in the cloud, the problem of cloud computing configuration compliance, the problem of elastic allocation of security resources. These new security challenges have slowed service migration to the cloud significantly. In many cloud related surveys, security has always been one of the biggest concerns for users to migrate their services to the cloud.

Relevant Policies
Security Guidelines and Capability Requirements of Cloud Computing Services
GB/T 31167-2014 Information Security Technology Security Guide of Cloud Computing Services standardized the security requirements for CPC and government authorities to adopt cloud computing services for the first time.
View Details
Security Guidelines and Capability Requirements of Cloud Computing Services
GB/T 31168-2014 Information Security Technology - Security Capability Requirements of Cloud Computing Services standardized the security requirements for CPC and government authorities to adopt cloud computing services for the first time.
View Details
Opinions on Strengthening Cybersecurity Management of Cloud Computing Services in CPC and Government Authorities
Opinions on Strengthening Cybersecurity Management of Cloud Computing Services in CPC and Government Authorities ([2014] No. 14 Document of Office of the Central Cyberspace Affairs Commission) clearly stated that the CPC and government authorities need to conduct a cybersecurity review of cloud computing services.
View Details
Measures for Security Assessment of Cloud Computing Services
The Cloud Computing Services Security Assessment Measures was jointly issued by the Cyberspace Administration of China, the National Development and Reform Commission, the Ministry of Industry and Information Technology, and the Ministry of Finance on July 2, 2019 to strengthen the implementation of cloud computing security review.
View Details
Information Security Technology Security Reference Architecture of Cloud Computing
GB/T 35279-2017 Information Security Technology Security Reference Architecture of Cloud Computing standardized the terms and reference models related to cloud computing security.
View Details
Cybersecurity Classified Protection 2.0
GB/T 22239-2019 Information Security Technology Baseline for Classified Protection of Cybersecurity defined the basic security requirements in the cloud computing environment and expanded the scope of application of cloud security compliance.
View Details
Cybersecurity Classified Protection 2.0
GB/T 28448-2019 Information Security Technology Evaluation Requirement for Classified Protection of Cybersecurity defined the basic security requirements in the cloud computing environment and expanded the scope of application of cloud security compliance.
View Details
Cybersecurity Classified Protection 2.0
GB/T 22240-2020 Information Security Technology Evaluation Requirement for Classified Protection of Cybersecurity defined the basic security requirements in the cloud computing environment and expanded the scope of application of cloud security compliance.
View Details
Security Guidelines and Capability Requirements of Cloud Computing Services
GB/T 31167-2014 Information Security Technology Security Guide of Cloud Computing Services standardized the security requirements for CPC and government authorities to adopt cloud computing services for the first time.
View Details
Security Guidelines and Capability Requirements of Cloud Computing Services
GB/T 31168-2014 Information Security Technology - Security Capability Requirements of Cloud Computing Services standardized the security requirements for CPC and government authorities to adopt cloud computing services for the first time.
View Details
Opinions on Strengthening Cybersecurity Management of Cloud Computing Services in CPC and Government Authorities
Opinions on Strengthening Cybersecurity Management of Cloud Computing Services in CPC and Government Authorities ([2014] No. 14 Document of Office of the Central Cyberspace Affairs Commission) clearly stated that the CPC and government authorities need to conduct a cybersecurity review of cloud computing services.
View Details
Measures for Security Assessment of Cloud Computing Services
The Cloud Computing Services Security Assessment Measures was jointly issued by the Cyberspace Administration of China, the National Development and Reform Commission, the Ministry of Industry and Information Technology, and the Ministry of Finance on July 2, 2019 to strengthen the implementation of cloud computing security review.
View Details
Information Security Technology Security Reference Architecture of Cloud Computing
GB/T 35279-2017 Information Security Technology Security Reference Architecture of Cloud Computing standardized the terms and reference models related to cloud computing security.
View Details
Cybersecurity Classified Protection 2.0
GB/T 22239-2019 Information Security Technology Baseline for Classified Protection of Cybersecurity defined the basic security requirements in the cloud computing environment and expanded the scope of application of cloud security compliance.
View Details
Cybersecurity Classified Protection 2.0
GB/T 28448-2019 Information Security Technology Evaluation Requirement for Classified Protection of Cybersecurity defined the basic security requirements in the cloud computing environment and expanded the scope of application of cloud security compliance.
View Details
Cybersecurity Classified Protection 2.0
GB/T 22240-2020 Information Security Technology Evaluation Requirement for Classified Protection of Cybersecurity defined the basic security requirements in the cloud computing environment and expanded the scope of application of cloud security compliance.
View Details
Development Trend
Security cloudification

Cloud computing has introduced new concepts into the sales, product form, and delivery of security products. As more Internet enterprises and security vendors investigate ways to sell and deliver security products in the cloud, each vendor must improve the architecture of their original security products. Typical products include cloud WAF, anti-DDoS could, and cloud security resource pool.

Hybrid multi-cloud security management

Cloud computing has been developing rapidly. Multi-cloud, hybrid cloud, and distributed cloud scenarios have been developed to meet the needs of different industries. The cloud security field is also closely following the development of cloud computing, actively investigating security collaborative management in multi-cloud, hybrid cloud, and distributed cloud scenarios, as well as how to ensure security level consistency.

Cloud security systematization

The cloud security field is gradually shifting from single point construction to systematic construction after years of development. In terms of best practice, the CSA has proposed the cloud security control matrix; the United States Department of Defense proposed the Secure Cloud Computing Architecture (SCCA). In terms of compliance, China has launched Cybersecurity Classified Protection 2.0, which has standardized the security requirements in the cloud computing environment from multiple levels.

Users' Pain Points
Cloud traffic is invisible
Cloud computing is similar to a black box. Traditional technical means cannot monitor the east-west traffic of the cloud, and security managers cannot assess the cloud's security status.
Tenant security is difficult to achieve
Cloud computing typically adopts a multi-tenant architecture, with tenants' resources isolated from one another. Traditional security products and cloud computing platforms cannot provide tenants with independent security technology means.
There is a lack of elastic expansion security capabilities
The cloud computing services change frequently, and the future scale is uncertain. The traditional security architecture design is oriented to the fixed service scale and cannot adapt to cloud computing's elastic expansion and on-demand use features.
Technical System
Systematic cloud security architecture According to the security challenges faced by the current cloud computing environment and Chinese cloud computing compliance requirements, Topsec has introduced a cloud security in-depth protection system to address security issues in such fields as cloud computing boundary security, security management, east-west traffic security in the cloud, tenant-level security, and host security. Tenant-level security For the multi-tenant scenario of cloud computing, Topsec has introduced a cloud security resource pool system. The system provides each tenant with multi-level security capabilities covering hosts, networks, applications, and data. Tenants can enable security capabilities on demand according to their own needs. Hybrid multi-cloud security management Cloud computing is progressing toward multi-cloud, hybrid cloud, and distributed cloud models. Topsec actively adapts to the development of cloud computing, evolving from a cloud security solution for a single cloud environment to a hybrid multi-cloud and distributed cloud security solution, so as to provide a consistent level of security for various cloud environments.
Comprehensive Strength
Topsec adheres to the concept of "empowering security with cloud, empowering cloud with security, and integrating cloud and security", and actively embraces cloud technologies. In this way, Topsec infuses its security genes into the cloud computing product system and empowers security products and solutions with cloud. With these efforts, Topsec has launched 11 security network elements on the cloud computing platform, including the next-generation firewall, security audit, vulnerability scanning, baseline management, and security policy management. This helps to ensure that cloud services run securely on the cloud. Topsec adheres to openness and innovation in the field of cloud security, and extensively participates in building a cloud security ecology and formulating many national cloud security standards. With these efforts, Topsec ranks among the top in terms of market share.
Relevant Recommendations
RELIABLE NETWORK SAFE WORLD

Product Service

Security Research

Special Topics in Security

About Us
Hot products
Next Generation Firewall NGFW® Hyper-converged Management Emergency Response Service Data Security Management Platform
Typical cases
CNCC security construction project Loophole Scanning Project of a Communication Group Internet surface exposure detection project of a central ministry
More Recommendations
Data Security Cloud Computing Industrial Internet Internet of Vehicles
Copyright © 2022 Topsec Technologies Group. All Rights Reserved Privacy Policy