Hello, everyone!
Security Index Service (SIS) is a security assessment service for your cloud environment. It provides you with unified, clear, and multi-dimensional security views.
With SIS, you can know promptly whether your cloud environment is properly configured, whether the security measures are sufficient, and whether the proactive and passive security situations are good enough. In addition, SIS provides convenient paths to other security services. SIS is divided into three levels: security, low risk, and high risk.
Functions
SIS provides the following functions:
Security check: Evaluate user cloud environments from the aspects of identity authentication, access control, intrusion prevention, resource control, and backup and restoration, provide suggestions for modifying insecure configurations based on best practices, and provide links for quick recovery.
Compliance report: According to the technical requirements of classified protection specifications, detect user cloud environments from three dimensions (network and communication security, equipment and computing security, application and data security) and provide compliance reports to assist users in classified protection evaluation.
Working Principles
Component | Function | Typical Deployment Principle |
---|---|---|
SCC-Console | Security service management console. Users can access SIS through this module to create, use, and manage the service. | Deployed in two-node cluster mode at the Global |
SCC-LB | Load balancing node of security services. It balances the load of the clusters that pass through SCC-Service. | Deployed in two-node active/standby mode at the Region |
SCC-Service | Service node of security services, which implements service-oriented management of SIS | Deployed in two-node cluster mode at the Region |
SCC-GaussDB | Database node, which provides the data storage capability for SIS | Deployed in two-node active/standby mode at the Region |
ECS | Protected object of the security service | - |
DBSS | SIS requests instance information from DBSS. | - |
Reduce security risks with SIS
That's all, thanks!