Abstract: The wide application of cloud computing technologies poses new challenges to VPC security monitoring on the cloud platform. VPC monitoring is difficult because of the following factors: large internal traffic, difficult identification of encrypted traffic, insufficient visualization of VPC monitoring, and difficult threat evidence collection. This document describes VPC monitoring. Based on technologies such as AI and SOAR, this document innovatively proposes a layered monitoring and in-depth cloud-network synergy monitoring system, and builds a cloud security monitoring center to implement two-level closed-loop monitoring within and between VPCs, resolving the key points and difficulties of VPC monitoring, build a secure and reliable cloud computing environment. This solution has been verified in practice and meets security compliance requirements. It can detect threats in the VPC in seconds and automatically collect evidence in minutes. It does not affect the normal running of tenant services. It is recommended that this solution be promoted to the entire cloud computing industry.

Key words: cloud cecurity, security monitoring, VPC monitoring, two-level closed-loop, depth monitoring

摘要： 随着云计算技术的广泛应用，对云平台（virtual private cloud，VPC）安全监测提出新的挑战．VPC监测难点在于内部流量较大难以检测、加密流量难以识别、VPC监测可视化能力不足、威胁难以取证．本文深入研究VPC监测，运用AI、安全编排，自动化和响应（security orchestration, automation and response，SOAR）等技术，创新性的提出分层监测、云网安协同联动的纵深监测体系，建设云安全监测中心，实现VPC内部、VPC之间的2级闭环监测，解决了VPC监测的重点和难点，共筑安全可信的云计算环境．此方案经过实践验证，满足安全合规要求，达到VPC内部威胁秒级检测，分钟级自动化取证，不影响租户业务的正常运行，建议向云计算全行业推广使用．

关键词: 云安全, 安全监测, VPC监测, 2级闭环, 纵深监测