forked from docs/doc-exports
gtema
72909318a9
Reviewed-by: Goncharov, Artem <artem.goncharov@t-systems.com> Co-authored-by: gtema <artem.goncharov@gmail.com> Co-committed-by: gtema <artem.goncharov@gmail.com>
18 lines
2.3 KiB
HTML
18 lines
2.3 KiB
HTML
<a name="css_02_0006"></a><a name="css_02_0006"></a>
|
|
|
|
<h1 class="topictitle1">How Does <span id="text1724143149145256">CSS</span> Ensure Data and Service Security?</h1>
|
|
<div id="body1505370061292"><p id="css_02_0006__p25071515153118">CSS uses network isolation, in addition to various host and data security measures.</p>
|
|
<ul id="css_02_0006__ul1892414323310"><li id="css_02_0006__li8924163263111">Network isolation<p id="css_02_0006__p4650609320"><a name="css_02_0006__li8924163263111"></a><a name="li8924163263111"></a>The entire network is divided into two planes: service plane and management plane. The two planes are deployed and isolated physically to ensure the security of the service and management networks.</p>
|
|
<ul id="css_02_0006__ul06574073313"><li id="css_02_0006__li1515616590327">Service plane: This is the network plane of the cluster. It provides service channels for users and delivers data definitions, indexing, and search capabilities. </li><li id="css_02_0006__li6182175917322">Management plane: This is the management console, where you manage <span id="css_02_0006__text17947472920">CSS</span>.</li></ul>
|
|
</li><li id="css_02_0006__li137646345314">Host security<p id="css_02_0006__p143720134517"><a name="css_02_0006__li137646345314"></a><a name="li137646345314"></a><span id="css_02_0006__text14734145515910">CSS</span> provides the following security measures:</p>
|
|
<ul id="css_02_0006__ul17390102914514"><li id="css_02_0006__li13901298458">The VPC security group ensures the security of the hosts in a VPC.</li><li id="css_02_0006__li4390102918458">Network access control lists (ACLs) allow you to control what data can enter or exit your network.</li><li id="css_02_0006__li1839012916458">The internal security infrastructure (including the network firewall, intrusion detection system, and protection system) monitors all network traffic that enters or exits the VPC through an IPsec VPN.</li></ul>
|
|
</li><li id="css_02_0006__li55738695818">Data security<p id="css_02_0006__p1532919171598"><a name="css_02_0006__li55738695818"></a><a name="li55738695818"></a>Multiple replicas, cross-AZ deployment of clusters, and third-party (OBS) backup of index data ensure the security of user data.</p>
|
|
</li></ul>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="css_02_0001.html">FAQs</a></div>
|
|
</div>
|
|
</div>
|
|
|