摘要
在以虚拟化为主要技术平台的云计算环境中,能够提供有效可行的安全隔离方案,将直接决定整个云计算安全解决方案的安全防护能力。论文基于一般性的安全防护需求给出了一种较为通用的安全域规划方法,并在此基础上从虚拟机网络驱动层、虚拟交换机层、虚拟机监控器网络驱动层、二层物理网络层、三层物理网络层这五个不同的层面,针对可部署安全隔离防护设备的方案进行了深入的分析,比较了方案之间的优缺点,为用户选择合适的云安全隔离方案提供了有价值的参考。
In a major technology platforms into virtual cloud computing environment, it is possible to provide an effective and feasible safety isolation scheme wil directly determine the safety of the entire cloud computing to solve security protection program. Based on the general safety requirement gives a more general security domain planning methods, and on this basis, the network driver layer from the virtual machine, the virtual switch layer, the virtual machine monitor network driver layer, Layer 2 physical network layer, three physical network layer for five different levels can be deployed safely isolated protective equipment program conducted in-depth analysis and comparison of the advantages and disadvantages between the program, the user selects the appropriate cloud security solutions for isolation provides a valuable reference.