youjiageng1/doc-exports
1
0
Fork 0
forked from laiweijian4/doc-exports
Code Pull Requests Activity
doc-exports/docs/css/umn/css_02_0006.html
Zheng, Xiu 0c90df93b1 CSS UMN 20230404 Version 
Reviewed-by: Pruthi, Vineet <vineet.pruthi@t-systems.com>
Co-authored-by: Zheng, Xiu <zhengxiu@huawei.com>
Co-committed-by: Zheng, Xiu <zhengxiu@huawei.com>
2023-04-05 08:45:09 +00:00

18 lines
2.9 KiB
HTML
Raw Blame History

<a name="css_02_0006"></a><a name="css_02_0006"></a>
<h1 class="topictitle1">How Does <span id="en-us_topic_0076852832_text1724143149145256">CSS</span> Ensure Data and Service Security?</h1>
<div id="body8662426"><p id="css_02_0006__en-us_topic_0076852832_p25071515153118">CSS uses network isolation, in addition to various host and data security measures.</p>
<ul id="css_02_0006__en-us_topic_0076852832_ul1892414323310"><li id="css_02_0006__en-us_topic_0076852832_li8924163263111">Network isolation<p id="css_02_0006__en-us_topic_0076852832_p4650609320"><a name="css_02_0006__en-us_topic_0076852832_li8924163263111"></a><a name="en-us_topic_0076852832_li8924163263111"></a>The entire network is divided into two planes: service plane and management plane. The two planes are deployed and isolated physically to ensure the security of the service and management networks.</p>
<ul id="css_02_0006__en-us_topic_0076852832_ul06574073313"><li id="css_02_0006__en-us_topic_0076852832_li1515616590327">Service plane: This is the network plane of the cluster. It provides service channels for users and delivers data definitions, indexing, and search capabilities. </li><li id="css_02_0006__en-us_topic_0076852832_li6182175917322">Management plane: This is the management console, where you manage <span id="css_02_0006__en-us_topic_0076852832_text17947472920">CSS</span>.</li></ul>
</li><li id="css_02_0006__en-us_topic_0076852832_li137646345314">Host security<p id="css_02_0006__en-us_topic_0076852832_p143720134517"><a name="css_02_0006__en-us_topic_0076852832_li137646345314"></a><a name="en-us_topic_0076852832_li137646345314"></a><span id="css_02_0006__en-us_topic_0076852832_text14734145515910">CSS</span> provides the following security measures:</p>
<ul id="css_02_0006__en-us_topic_0076852832_ul17390102914514"><li id="css_02_0006__en-us_topic_0076852832_li13901298458">The VPC security group ensures the security of the hosts in a VPC.</li><li id="css_02_0006__en-us_topic_0076852832_li4390102918458">Network access control lists (ACLs) allow you to control what data can enter or exit your network.</li><li id="css_02_0006__en-us_topic_0076852832_li1839012916458">The internal security infrastructure (including the network firewall, intrusion detection system, and protection system) monitors all network traffic that enters or exits the VPC through an IPsec VPN.</li></ul>
</li><li id="css_02_0006__en-us_topic_0076852832_li55738695818">Data security<p id="css_02_0006__en-us_topic_0076852832_p1532919171598"><a name="css_02_0006__en-us_topic_0076852832_li55738695818"></a><a name="en-us_topic_0076852832_li55738695818"></a>Multiple replicas, cross-AZ deployment of clusters, and third-party (OBS) backup of index data ensure the security of user data.</p>
</li></ul>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="css_02_0051.html">General Consulting</a></div>
</div>
</div>
View Git Blame Copy Permalink