Upgrade to Pro — share decks privately, control downloads, hide ads and more …

小米-企业安全实践

Sponsored · Your Podcast. Everywhere. Effortlessly. Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
Avatar for laiwei laiwei
July 28, 2014
Technology
1
5.3k

 小米-企业安全实践

xiaomi

Avatar for laiwei

laiwei

July 28, 2014
Tweet

More Decks by laiwei

See All by laiwei
小米运维自动化
Avatar for laiwei laiwei
0
5.6k
小米自动化运维实践 qcon 2014 Beijing
Avatar for laiwei laiwei
2
12k
小米运维基础设施
Avatar for laiwei laiwei
2
1.4k
noops in xiaomi @ Velocity 2013 beijing
Avatar for laiwei laiwei
1
1.4k
laiwei #adc2013# #taobao adc#
Avatar for laiwei laiwei
5
3.8k

Other Decks in Technology

See All in Technology
SOC2は、取った瞬間よりその後が面白い
Avatar for hima 3flower
1
190
Data Intelligence on Lakehouse Paradigm
Avatar for Scott Hsieh scotthsieh825
0
200
DEVCON 14 Report at AAMSX RU65: V9968, MSX0tab5, MSXDIY etc
Avatar for Akira Tsukamoto mcd500
0
220
人はいかにして 確率的な挙動を 受け入れていくのか
Avatar for vaaaaanquish vaaaaanquish
4
2.6k
書籍執筆での生成AIの活用
Avatar for Satoru Takeuchi sat
PRO
1
210
なぜCREを8年間続けているのか / cre-camp-4-2026-01-21
Avatar for missasan missasan
0
1.3k
Git Training GitHub
Avatar for Yuki Hattori yuhattor
1
270
困ったCSVファイルの話
Avatar for もっち mottyzzz
2
360
フルカイテン株式会社 エンジニア向け採用資料
Avatar for FULL KAITEN fullkaiten
0
10k
AI Agent Agentic Workflow の可観測性 / Observability of AI Agent Agentic Workflow
Avatar for yuzujoe yuzujoe
7
2.3k
Vivre en Bitcoin : le tutoriel que votre banquier ne veut pas que vous voyiez
Avatar for Renaud Lifchitz rlifchitz
0
360
3リポジトリーを2ヶ月でモノレポ化した話 / How I turned 3 repositories into a monorepo in 2 months
Avatar for Masatoshi Kubode kubode
0
110

Featured

See All Featured
The Mindset for Success: Future Career Progression
Avatar for Greg Gifford greggifford
PRO
0
220
The Organizational Zoo: Understanding Human Behavior Agility Through Metaphoric Constructive Conversations (based on the works of Arthur Shelley, Ph.D)
Avatar for Dr. Kim W Petersen kimpetersen
PRO
0
230
Color Theory Basics | Prateek | Gurzu
Avatar for Gurzu gurzu
0
190
Effective software design: The role of men in debugging patriarchy in IT @ Voxxed Days AMS
Avatar for Kenny Baas-Schwegler baasie
0
210
From π to Pie charts
Avatar for Rasagy Sharma rasagy
0
120
Art, The Web, and Tiny UX
Avatar for Lynn Fisher lynnandtonic
304
21k
Paper Plane
Avatar for Katie Cordina Lindsey katiecoart
PRO
0
46k
CSS Pre-Processors: Stylus, Less & Sass
Avatar for Bermon Painter bermonpainter
359
30k
The State of eCommerce SEO: How to Win in Today's Products SERPs - #SEOweek
Avatar for Aleyda Solis aleyda
2
9.4k
Helping Users Find Their Own Way: Creating Modern Search Experiences
Avatar for Dan Newman danielanewman
31
3.1k
HDC tutorial
Avatar for Michiel Stock michielstock
1
330
Designing for humans not robots
Avatar for Tammie Lister tammielis
254
26k

Transcript

  1. 图说企业安全建设 看屌丝是怎样建设安全基础设施 --- 小米安全中心:康竟淞 新浪微博:@淡定淞淞

  2. 前言 权限管理  Godlike -- 认证,授权,审计(AAA)  Medusa -- 密码管理

    入侵检测  NIDS -- Suricata+ELK  LIDS -- OSSEC Web安全  Webscan -- 扫描平台 安全防护  Shield -- 应用防火墙 数据分析  安全日志分析  流量分析

  3. GODLIKE •关键字: Google authenticator Cmdrecorde  Kerberos Ldap

  4. 示意图 用户 堡垒机 验证 服务器 目标服务器 SSH 审计服务器 办公网 IDC

    审计员 权限管理员

  5. 用户 权限管理 审计员 各角色界面

  6. IDS • 关键字: Suricata ELK(elasticsearch + Logstash + Kibana) Ossec

    SyslogNG

  7. 示意图 GUI & Report Logstash Indexer Shiper 3 Elasticsearch Storage

    & search Kibana Web Interface Shiper 2 IDC1 服务器 网络设备 SyslogNG OSSEC Shiper 1 Network Network Interface PF_RING Sensor Suricata Rules eve.json Logstash- forwarder

  8. 界面图

  9. SHIELD • 关键字: Nginx Lua Redis

  10. 示意图 Client 部分 Tengine Lua Sqlite Shield Client Pipe Server部分

    Mysql Webconsole Redis

  11. 界面图

  12. 安全日志分析 • 关键字: Kafka Storm Redis

  13. 示意图 流量镜像 Storm Redis Mysql Kafka Web应用 Java 应用

  14. 界面图

  15. THANKS! Q&A