Free Trial

Please fill in the following information for free trial.

  • Company

    *
  • Name

    *
  • Post

    *
  • Phone

    *
  • E-mail

    *

Free Download

Please fill in the following information for free trial.

  • Company

    *
  • Name

    *
  • Post

    *
  • Phone

    *
  • E-mail

    *

Products & Solutions

Cloud Security Solution

Solution Overview

According to the security dimension of AWS Cloud Framework and the company's own situation, ECCOM can provide comprehensive cloud security solutions covering all aspects of cloud infrastructure and application security protection, including:

● Network resource access protection: including basic network security, DDoS protection, tenant isolation and virtual machine firewall, and web attack protection provided by cloud WAF

● Account and authorization management

● System security configuration and maintenance

● Data security, resource backup and protection on the cloud

● Security incident monitoring and response

 

 

Four-dimensional cloud security solution

ECCOM uses the four-dimensional cloud security perspective to promote the security transformation of enterprises, and help enterprises construct suitable method of security control. For each dimension, Action can be taken and measured:

● Establish safety guidelines: Establish safety management, risk and compliance models which meet the environment and characteristics of the enterprise.

● Identify security precautions: Protecting business load, reduce threats and system vulnerabilities. 

● Monitoring and inspection: Improve overall visibility and transparency of deployment and operations on the AWS platform

● Establish operational and maintenance specifications for the security response

 

 In the actual solution implement,ECCOM provides full protection on security by following methods:

● Account and authorization

Creating independent IAM user and reflect the customer's organizational structure through IAM Group. In addition to the basic best practice of setting up MFA, regularly updating passwords/keys, etc., our security practices include: subdivide AWS resources by operation content, identify user groups, build a standardized tag system for security requirements, integrate external account system through Federation. 

 

● Network security

In terms of basic network security, security group and NACLs are used to detailing network access authorization. For more complex requirements, NGFW can be integrated to protect network security. Using VPC peering, VPN, and Direct Connect for secure network interconnection. Besides, according to the application security of the enterprise, it is necessary to integrate WAF and perform encryption and decryption of application access with ELB. 

 

● Monitoring, Audit, Analyze

Logs of AWS platforms and services are recorded by CloudTrail. CloudWatch is used to centrally collect, manage, track, and set alerts for AWS platforms and services, as well as system, application performance metrics, and logs. Continued security check through Trusted Advisor.

 

● Security operation and event response

Deploy AWS resources through CloudFormation and versioning control the configuration files. Setting up CloudWatch Alarms and integrate with AWS SNS to alert security personnel to response or use Lambda to automatically response when a specific security event happens. With the help of third-party SIEM like splunk, customer can process more extensive, more detailed, more intelligent and more complex security event monitoring.

 

● Data Protection

Classify the data according to the needs of enterprise or compliance requirements. By using the methods of resource tags, IAM or S3 bucket, different customized tags are applied to various of resources to define and realize the strategies of each data classification. Encryption of the transmission process and storage of data is also included.

 

 

Outcome

● Protect private and public cloud environments from advanced threat attacks. Effective defense against all kinds of DDOS, WEB attacks. Secure the cloud infrastructure.

● Isolation between different tenants. Ensure communication security and data confidentiality between tenants.

● Security is easily extended when replacing or migrating to a new cloud service provider. There is no need to change the security policy.

● Lower operating costs and use fewer resources to accomplish more tasks. 

● Optimize security of virtual environment and mixed deployment. 

 

Relevant Content

ECCOM will provide you with public cloud lifecycle services from planning, deployment to operation and maintenance

Public Cloud Solution

As a MSP service provider, ECCOM network currently provides a series of professional services such as consultation, migration, secure hosting and optimization, etc. for customers' public cloud, private cloud, hybrid cloud and traditio nal IT infrastructure.

MSP

 

 

 

 

TAC

Tel    : 400-820-5-820,800-820-5-820
mail  : TAC@eccom.com.cn
web  : www.ECCOM.NET.CN


Services

Services

ECCOM Smart Service
360° Comprehensive Lifecycle Services

More >


Contact Us

Shanghai

TEL:021-61372888

Nanjing Office

TEL: 025-84677650

Hangzhou Office

TEL: 0571-26890266

Beijing-Yintai Centre

TEL: 010-85216999

Beijing-Shoudong Centre

TEL:010-87224666

Jinan Office

TEL:0531-67880519

Xi'an Office

TEL:029-89384503

Shenzhen-Futian Office

TEL: 0755-33966800

Guangzhou Office

TEL: 020-28059288

Xiamen Office

TEL: 0592-5376000-92020

Fuzhou Office

TEL:

Chengdu Office

TEL: 028-65533878

Chongqing Office

TEL:023-88280080

Kunming Office

TEL:0871-3602050

Wuhan Office

TEL:027-87267899

Xianggang Office

TEL:+852 39735958