The Traffic Security Monitoring module is a crucial Apsara Stack Security service capable of detecting attacks within milliseconds. By conducting an in-depth analysis of traffic packets mirrored by the Apsara Stack network ingress, this module identifies various attacks and unusual activities in real-time. It collaborates with other protection modules to implement defenses, providing essential information and foundational data support for the entire Apsara Stack Security defense system.
Generates flow statistics on incoming and outgoing traffic through flow mirroring, offering a visual representation in the form of a flow graph.
Detects attacks initiated by malicious hosts within the Virtual Private Cloud (VPC) and identifies internal cloud servers under control.
Utilizes flow mirroring to identify abnormal flows surpassing specified thresholds.
Employs bypass blocking technology to intercept common web application attacks at the network layer based on default detection rules.
Leverages intelligence gained from combating hacker attacks, promptly identifying popular Internet attacks and 0-day attack methods and providing users with comprehensive security capabilities.
Analyzes major vulnerabilities and security incidents in advance, enabling timely responses to prevent security problems.
Utilizes big data modeling and analysis to identify network-wide security threats and fully display the security situation, incorporating over 30 algorithm models and combining historical, network, and host data for real situational awareness.
Adopts a cloud architecture design with functional modules based on the general x86 hardware platform, achieving independence from hardware.
Provides complete protection capabilities for network, host, application, data, and identity. All protection components engage in linked responses and intelligence sharing through automated operations.
Adopts an architecture of “network exit detection + server operating system linkage,” utilizing data analysis to identify security threats. This approach is fully compatible with all Internet Data Center (IDC) environments and avoids complexities in IDC network structures.