Wangsu Security: To prevent the "barrel effect" of network security, how can enterprises build "systematic security"?

Wangsu Security: To prevent the "barrel effect" of network security, how can enterprises build "systematic security"?

In the future, Wangsu's systematic defense capabilities of integrating Web and infrastructure protection, office and security, security services and security hosting will continue to evolve, helping enterprises develop digital intelligence and maximize security value. change.

Recently, the Wangsu Security New Product Technology Exchange Conference was held in Beijing with the theme of " Innovation in Digital Security " . Wangsu Security is a sub-brand of Wangsu Technology. Based on the core concept of "systematic security", it has brought the latest technological achievements such as WAAP full-site protection system, SASE office security integrated system , and MSS comprehensive security service hosting system.

In recent years, the failure of traditional border security has become a consensus in the industry. According to the cyber threat report released by SonicWall in 2023 , throughout 2022 , there will be a significant increase in malware, network intrusions, cryptojacking and IoT malware. It can be said that in the absence of systematic defense measures, the situation of cyber attacks in various industries has become more serious.

Frequent network security incidents are due, on the one hand, to the fact that in the process of digital transformation, with the popularization of cloud and mobile network architectures, traditional security boundaries are broken, and the trend of diversified applications and micro-service architectures makes the attack surface Also increased dramatically.

On the other hand, the security threats faced by enterprises are also more diverse. While technological advancements benefit enterprises, they also arm criminals. In recent years, new attack methods have emerged in an endless stream, and the anchor points of attacks have continued to increase. From network layer, application layer, business layer to API attacks, no one is immune.

"Cybersecurity has an obvious 'barrel effect'. If one weak link is breached, the entire network will collapse." Lu Shibiao, vice president and chief security officer of Wangsu Technology, said that network security needs to be based on the overall situation and achieve security through systematic core logic. Same high water level for all modules.

What is "systematic security"? Specifically, Wangsu Security's "systematic security" mainly includes the WAAP full-site protection system for Web security, the SASE office security integrated system for enterprise production and office security, and the MSS comprehensive security service hosting system for enterprise security construction . .

WAAP site-wide protection system: protecting Web security

WAAP ( Web Application and API protection ), namely Web application protection and API protection . In 2021 , Gartner analysts Jeremy D'Hoinne and Adam Hils coined the term WAAP , which can be seen as an evolution and innovation of WAF ( Web Application Firewall, Web Application Firewall ), aiming to improve industry vendors and users. The importance enterprises attach to API security protection - As an important infrastructure for enterprise digital transformation, APIs have gradually become the main target of attackers.

According to Gartner predictions, by 2026, more than 40% of enterprises with C-side applications will rely on WAAP to mitigate bot attacks, although the proportion will be less than 10% in 2022. Currently, the cloud web application and API protection market is growing rapidly.

Based on the WAAP concept, Wangsu Security adopts a cloud service approach and integrates the four major capabilities of DDoS cloud cleaning, Bot management, API security and Web attack protection. It replaces the simple superposition of various security capabilities of Web security and can provide enterprises with comprehensive Web infrastructure. Integrated protection solutions for , applications and businesses . It is worth mentioning that Wangsu WAAP is the first WAAP security protection solution in the country to pass the China Academy of Information and Communications Technology (WAAP) security capability inspection.

DDoS Cloud Cleaning is a self-developed protection algorithm developed by Wangsu Security based on its own resource advantages and combined with big data analysis. It can detect and clean all kinds of DDoS attacks in real time. The platform protection capability exceeds 15 T/ 1 billion QPS .

The distributed Bot management network is combined with the risk control decision-making brain and uses key technologies such as human-machine confrontation, device fingerprinting, AI models, and threat intelligence to achieve hierarchical management of business risks.

In terms of API security, Wangsu WAAP conducts real-time refined detection and protection of API traffic by taking inventory of API assets and risks to ensure API data security and high business availability.

For the protection of WEB attacks, Wangsu WAAP can defend against various types of Web attacks and avoid malicious website intrusions. At the same time, because it is equipped with full-site isolation technology, it can effectively hide the website source code, JS, API, development framework and other exposed surfaces to ensure business Data Security.

According to Lu Shibiao, Wangsu WAAP can provide L3-L7 layer threat in-depth defense and protection engine architecture. It uses Wangsu resources, data, practical experience and AI-driven intelligent protection technology as the capability base. In complex attack scenarios, through universal The linked protection between modules and scenario-based protection modules can effectively improve confrontation efficiency and protection capabilities. Compared with overlay security solutions, Wangsu WAAP can reduce processing delays by 30%, increase response speed by 5 times, improve protection effects by more than 30%, greatly simplify operational complexity, and significantly improve operational efficiency .

Beforehand, we can discover asset exposure in advance through one-click access and identification of web assets; during the incident, we can use technologies such as DDoS / CC protection, Web attack protection, distributed Bot management, API security management, and full-site isolation to implement full-site protection management. A closed loop of Web protection is realized under unified management; afterwards, Wangsu security operation experts can provide solutions such as business prevention strategy optimization and security reinforcement suggestions through aggregate analysis of data. In this way, Wangsu WAAP achieves full life cycle protection for Web assets.

In the 2022 China public cloud anti-DDoS and cloud web application firewall market share rankings, Wangsu Security ranks among the top 5, and Wangsu WAAP is gaining recognition from more and more partners.

SASE integrated office security system: assisting office and production network security

The full name of SASE is Secure Access Service Edge, which is the secure access service edge. It is a security model proposed by Gartner in 2019. SASE combines comprehensive network-as-a-service functions with comprehensive network security functions.

With the development of cloud, big data, Internet of Things, edge computing and mobile office, most enterprises or organizations have more users, devices, applications, services and data located outside the enterprise. Enterprises need to meet security, cloud, remote access and connectivity requirements simultaneously. Gartner noted in its SASE market trends report that "customer demands for simplicity, scalability, flexibility, low latency and pervasive security are forcing the convergence of the WAN edge and network security markets."

According to Gartner's description of SASE, SASE integrates SD - WAN networking, security and remote access into a unified cloud service, and provides customers with the combination and security control functions of existing distributed networks through a new integrated cloud-native architecture. Including Software Defined Wide Area Network (SD - WAN), Secure Web Gateway (SWG), Cloud Access Security Broker (CASB), Network Firewall (FW) and Zero Trust Network Access (ZTNA) .

Currently, SASE has a variety of typical application scenarios, including hybrid offices, three-party access, mergers and acquisitions, network transformation, edge protection, etc. It supports end-to-end access security control to help enterprises of all sizes protect users, applications and Data Security.

Wangsu Security SASE platform is China's first cloud-native, globally distributed network architecture that provides highly integrated integrated cloud services. Based on SASE security architecture and zero-trust security concepts, it integrates SD-WAN intelligent networks, global edge computing nodes and security Protection capabilities provide integrated office security solutions in the form of a unified management platform and unified client, which can effectively reduce various attack risks caused by blurred enterprise network security boundaries and improve IT efficiency.

In the offensive and defensive confrontation, Wangsu's SASE integrated office security solution established an end-to-end zero-trust protection system based on the zero-trust concept of "identity-centered, never trust, continuous verification and dynamic authorization", and built The five-layer trusted defense line covering "application, terminal, identity, behavior, and data" realizes defense in depth and ensures the security of enterprise network and IT asset data.

In data security governance, the application of zero-trust SASE can integratedly solve the risk of data leakage with closed-loop protection covering the data life cycle.

In the security networking, Wangsu self-developed SD - WAN intelligent network, as one of the base capabilities of the zero-trust SASE platform, integrates wide area network optimization, key business guarantee, second-level real-time monitoring, multi-level early warning and visual intelligent centralized operation and maintenance, etc. technology. Wangsu SD - WAN platform supports multiple access methods such as MSTP, SDH , MPLS, Internet, 4G /5G , etc. Deploying CPE on the client can introduce user traffic to the platform nearby, and then complete the control through a control system Centralized management of planning, provisioning, monitoring, alarming, and management operations, and the application of multiple technologies on the platform's POP nodes can also help enterprises achieve business isolation, data encryption, and forwarding.

Wangsu SASE's powerful platform capabilities, full-scenario data security solutions, integrated zero-trust solutions, and high-level in-depth protection have helped Wangsu Security win market recognition and was selected into Gartner's "China's ICT Technology Maturity in 2023 " Curve Report》A benchmark manufacturer in the SASE field.

For many enterprises that are interested in or have already embarked on the SASE journey, the construction of SASE requires comprehensive changes in architecture, processes and security awareness, so the transition to a complete SASE architecture will take time. Wangsu Security recommends that for those enterprises that have moved towards zero trust, in order to achieve the evolution goals of SASE, they do not need to re-purchase all new technologies. Instead, they can combine the application of deployed technologies and various technology combinations to maximize security benefits. Maximize utilization in the SASE framework.

M SS comprehensive security service hosting system: serving the entire process of enterprise security system construction

Wangsu Security divides the construction of enterprise security systems into four stages: compliance construction period, risk prevention and control period, data protection period and confrontation and countermeasures period.

During the compliance construction period, enterprises need to ensure that IT infrastructure and online businesses meet regulatory compliance requirements. Wangsu Security can provide end-to-end compliance consulting services that integrate equal protection, confidentiality assessment and data security to help enterprises complete this. 1. Basic work for safety construction.

During the risk prevention and control period , enterprises provide security hosting services based on cloud-ground linkage to help enterprises quickly build rich risk perception capabilities and improve protection levels.

After entering the data protection period , enterprises need to improve internal trust and risk control mechanisms through overall prevention and control. Wangsu Security provides security operation optimization solutions based on the PDCA cycle to help enterprises optimize their security systems.

During the confrontation and countermeasures period , based on Wangsu's self-developed security products and services, we build an active defense system for enterprises to achieve actual combat empowerment and traceability countermeasures capabilities.

In addition, for scenarios such as multi-cloud heterogeneous and hybrid environments, Wangsu Security is equipped with an integrated cloud security management platform that spans public clouds, private clouds and physical environments, providing security protection components from the boundary, host to database levels, and integrating It provides multi-dimensional management capabilities such as assets, vulnerabilities, attack surfaces, and logs to achieve visual unified security operation management.


How to use the double-edged sword of "digital intelligence" is an issue that needs to be solved urgently in the industry. Wangsu Security has been deeply involved in the field of network security for more than 13 years, and has accumulated more than 50 security capabilities. The platform protection scale exceeds 15Tbps. In the long-term actual offensive and defensive operations, it has accumulated rich experience and massive threat intelligence data. In the future, Wangsu's systematic defense capabilities of integrating Web and infrastructure protection, office and security, security services and security hosting will continue to evolve, helping enterprises develop digital intelligence and maximize security value. change.