数据中心整体安全解决方案数据中心整体安全解决方案数据中心整体安全解决方案目录1.概述..................................................................................................................................................11.1.方案目标................................................................................................................................11.2.参考依据................................................................................................................................12.数据中心面临的安全挑战.................................................................................................................32.1.网络边界接入风险..................................................................................................................32.2.面向应用层的攻击..................................................................................................................32.3.虚拟化安全风险.....................................................................................................................42.4.APT攻击风险........................................................................................................................52.5.数据泄露风险.........................................................................................................................52.6.安全运维的挑战.....................................................................................................................53.方案思路...........................................................................................................................................73.1.总体思路................................................................................................................................73.2.设计原则................................................................................................................................74.方案设计...........................................................................................................................................94.1.安全域划分.............................................................................................................................94.1.1.边界接入区..................................................................................................................94.1.2.网络基础设施区...........................................................................................................94.1.3.业务接入区..................................................................................................................94.1.4.运维管理区................................................................................................................104.2.整体设计..............................................................................................................................104.3.各安全域安全架构设计.........................................................................................................114.3.1.互联网接入区.............................................................................................................114.3.2.外联接入区................................................................................................................124.3.3.内部接入区................................................................................