Upgrade to Pro — share decks privately, control downloads, hide ads and more …

小米-企业安全实践

Avatar for laiwei laiwei
July 28, 2014
Technology
1
5.3k

 小米-企业安全实践

xiaomi

Avatar for laiwei

laiwei

July 28, 2014
Tweet

More Decks by laiwei

See All by laiwei
小米运维自动化
Avatar for laiwei laiwei
0
5.6k
小米自动化运维实践 qcon 2014 Beijing
Avatar for laiwei laiwei
2
12k
小米运维基础设施
Avatar for laiwei laiwei
2
1.3k
noops in xiaomi @ Velocity 2013 beijing
Avatar for laiwei laiwei
1
1.4k
laiwei #adc2013# #taobao adc#
Avatar for laiwei laiwei
5
3.8k

Other Decks in Technology

See All in Technology
Goでマークダウンの独自記法を実装する
Avatar for lag129 lag129
0
220
JavaScript 研修
Avatar for Recruit recruitengineers
PRO
4
320
microCMS 最新リリース情報(microCMS Meetup 2025)
Avatar for microCMS microcms
0
120
コスト削減の基本の「キ」~ コスト消費3大リソースへの対策 ~
Avatar for Makky12 smt7174
2
180
Effective Match Types - Scala Days 2025
Avatar for Jamie Thompson bishabosha
1
110
Figma + Storybook + PlaywrightのMCPを使ったフロントエンド開発
Avatar for Yuji Yamaguchi yug1224
9
2.9k
VPC Latticeのサービスエンドポイント機能を使用した複数VPCアクセス
Avatar for k-kun duelist2020jp
0
260
Gaze-LLE: Gaze Target Estimation via Large-Scale Learned Encoders
Avatar for Kazuyuki Miyazawa kzykmyzw
0
330
新卒(ほぼ)専業Kagglerという選択肢
Avatar for Ryota nocchi1
1
2.4k
Android Studio の 新しいAI機能を試してみよう / Try out the new AI features in Android Studio
Avatar for Yuki Anzai yanzm
0
280
LLMエージェント時代に適応した開発フロー
Avatar for Yuya Hirayama hiragram
1
420
アジャイルテストで高品質のスプリントレビューを
Avatar for Shigeki Shoji takesection
0
120

Featured

See All Featured
Making Projects Easy
Avatar for Brett Harned brettharned
117
6.3k
Build your cross-platform service in a week with App Engine
Avatar for Jose L jlugia
231
18k
Put a Button on it: Removing Barriers to Going Fast.
Avatar for kastner kastner
60
4k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
Avatar for mongodb mongodb
48
9.6k
Building Flexible Design Systems
Avatar for Yesenia Perez-Cruz yeseniaperezcruz
328
39k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
Avatar for Morgane Peng morganepeng
131
19k
Product Roadmaps are Hard
Avatar for C. Todd Lombardo iamctodd
PRO
54
11k
The Language of Interfaces
Avatar for Des Traynor destraynor
160
25k
[RailsConf 2023 Opening Keynote] The Magic of Rails
Avatar for Eileen M. Uchitelle eileencodes
30
9.6k
Designing for Performance
Avatar for Lara Hogan lara
610
69k
The Power of CSS Pseudo Elements
Avatar for Geoffrey Crofte geoffreycrofte
77
5.9k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
Avatar for Tammy Everts tammyeverts
8
480

Transcript

  1. 图说企业安全建设 看屌丝是怎样建设安全基础设施 --- 小米安全中心:康竟淞 新浪微博:@淡定淞淞

  2. 前言 权限管理  Godlike -- 认证,授权,审计(AAA)  Medusa -- 密码管理

    入侵检测  NIDS -- Suricata+ELK  LIDS -- OSSEC Web安全  Webscan -- 扫描平台 安全防护  Shield -- 应用防火墙 数据分析  安全日志分析  流量分析

  3. GODLIKE •关键字: Google authenticator Cmdrecorde  Kerberos Ldap

  4. 示意图 用户 堡垒机 验证 服务器 目标服务器 SSH 审计服务器 办公网 IDC

    审计员 权限管理员

  5. 用户 权限管理 审计员 各角色界面

  6. IDS • 关键字: Suricata ELK(elasticsearch + Logstash + Kibana) Ossec

    SyslogNG

  7. 示意图 GUI & Report Logstash Indexer Shiper 3 Elasticsearch Storage

    & search Kibana Web Interface Shiper 2 IDC1 服务器 网络设备 SyslogNG OSSEC Shiper 1 Network Network Interface PF_RING Sensor Suricata Rules eve.json Logstash- forwarder

  8. 界面图

  9. SHIELD • 关键字: Nginx Lua Redis

  10. 示意图 Client 部分 Tengine Lua Sqlite Shield Client Pipe Server部分

    Mysql Webconsole Redis

  11. 界面图

  12. 安全日志分析 • 关键字: Kafka Storm Redis

  13. 示意图 流量镜像 Storm Redis Mysql Kafka Web应用 Java 应用

  14. 界面图

  15. THANKS! Q&A