개인정보 등 중요 정보 자원을 보안이 한층 강화된 별도 Zone에서 관리합니다
Security Service for Safer Management of Important Information Assets
Secure Zone provides the infrastructure and network configuration to help you stay in line with the Information and Communication Act and other relevant regulations.
Use Secure Zone Firewall, DB Security Solution, and Secure Zone for safe information management.
- Minimized Business Loss from Personal Information Leakage
- The increasing amount of hacking or intrusions from external sources and negligence or malicious acts from internal sources are becoming a serious threat to business continuity due to the leakage of sensitive data, such as customers’ personal information. Secure Zone provides an optimized environment to protect important customer information from various internal and external threats based on the Personal Information Protection Act.
- Linking with Existing Products for Convenient Usage
- Connect with your existing products, such as Server, Storage, and LB, to extend and configure the service in a quickly and easily. You can safely extend your existing service by connecting the Server in the Secure Zone and other Zone products of general service to a private IP.
- Network Access Control Between the Service Zone and Secure Zone
Set an access control policy to the instance created within the secure zone. You can use the following features:
· High performance traffic/session management
· Object management and traffic usage lookup
· Default redundancy configuration to ensure high availability
Secure Zone Usage Process
You can configure Secure Zone by selecting the products to meet your needs and purpose: SSL-VPN, Secure Zone Firewall, DB Security Solution, and Secure Zone.
Server Access via SSL-VPN
Server access is only available via SLL-VPN, since Secure Zone does not provide a public IP. Thus, if the server is a Secure Zone generated server, it provides a strong security service for not only for personal information DB but also for WAS and the general server.
Access Control via Secure Zone Firewall
Secure Zone Firewall provides the following features:
- Firewall Policy: Set to allow or deny bidirectional network access control rules for IPs, protocols, and ports between Service Zone and Secure Zone.
- IP address: See the list of IP addresses for the Service Zone and Secure Zone on the policy configuration page and minimize user input errors.
- Address Group: Create a group using the customer VM list and use it for policy configuration.
- Network Usage: Look up and view the firewall traffic usage (billable) in daily or hourly units.
- Secure Zone Firewall log information will be necessarily collected and stored into Cloud Log Analytics (CLA) service.
DB Security Through DB Security Solution
An access control solution and an encryption solution must be applied to DBs that contain personal information in order to meet the personal information protection measures set forth by law. And the access control solution must include the query monitoring function.
You can use your own solutions or use the features included in the DB. However on public cloud, you must you a CC certified encryption solution, which includes a cryptographic module approved by the relevant institution in Korea.
* Secure Zone Desktop: We do not provide a secure zone for desktop. You need to configure a separated Internet environment for the device to access the personal information database.
* DB Security Solution: You need to select a 3rd party solution for configuration.
The following prices are charged depending on the products selected for using Secure Zone. For Secure Zone Firewall, a basic usage fee is applied.
SSL VPN Service Fee
|Service Type||Single-factor authentication||Two-factor authentication|
|Up to 3 external access IDs can be registered||9,000 KRW/month||40,000 KRW/month|
|Up to 5 external access IDs can be registered||12,000 KRW/month||70,000 KRW/month|
|Up to 10 external access IDs can be registered||24,000 KRW/month||100,000 KRW/month|
- You can select an option of 3, 5, or 10 IDs. The price is based on the selected product, rather than the number of IDs that the customer has registered.
(For example, if you select the 3 ID service, you will be charged for 3 IDs even if you only register 2 IDs.)
- If the SSL VPN usage fee is charged on a monthly basis and the usage time is less than one month, the fee will be calculated by the number of days used.
- Pricing will be implemented based on Korea Standard Time (UTC+9).
Network Transfer Fee
Any network traffic generated by 3rd party access to the server via SSL VPN will be charged with the network traffic used by the server.
Secure Zone Firewall
|Basic Usage Fee||400,000 KRW/month|
|Additional Usage Fee||
Based on hourly peak traffic,|
· Under 30 Mbps: Free.
· Over 30 Mbps: 50 KRW/hour per 10 Mbps exceeding the basic 30 Mbps.
(※ The excess usage is rounded up to the nearest 10 Mbps for calculation.)
- The basic usage fee is charged if you choose to use Firewall, a mandatory product for using Secure Zone. (The basic usage fee will be calculated on a daily basis from the time of application until the time of termination.)
- An additional usage fee will be calculated by rounding up to the nearest 10 Mbps on the hourly peak traffic handled by the Secure Zone Firewall.
- Up to 30 Mbps of hourly Peak Traffic will be provided free-of-charge, but any excess usage will be charged by rounding up to every 10 Mbps.
E.g. 1: If the hourly peak traffic does not exceed 30 Mbps in the month, only the basic usage fee of 400,000 KRW will be charged.
E.g. 2: If the hourly peak traffic of 45 Mbps is generated only for 1 hour and the traffic is under 30 Mbps at other times in the month, an additional usage fee of 100 KRW is charged along with the basic usage fee.
100 KRW = 15 Mbps (45 Mbps - 30 Mbps). 15 Mbps is rounded up to 20 Mbps. So, using the price per hour unit, 20 Mbps x 50 KRW/10 Mbps x 1 Hour = 100 KRW
- Pricing will be implemented based on Korea Standard Time (UTC+9).
Cloud Log Analytics
Secure Zone Firewall requires you to use Cloud Log Analytics service.
※ The CLA fee is charged by combining the log storage fee and API call fee.
|Billing Basis (Monthly)||Unit||Billing Amount (KRW/Unit)|
|Combined Log Usage||Provided as default (1GB or less)||0 KRW|
|Capacity (Per 1GB)||800 KRW|
Case 1) If you store 10GB worth of application logs for 20 days, then store 20GB for the remaining 10 days of the month,
the monthly average amount of data stored (GB-month) is as follows:
(Usage is calculated on an hourly basis, for 30 days in a month)
- Monthly average log usage = [10GB x (20 days x 24 hours) + 20GB x (10 days x 24 hours)]/720 hours = 13.3 GB-month
- Monthly log storage fee = 13.3GB-month x 800 KRW = 10,640 KRW
- The data storage period is 30 days. After 30 days, the data is automatically deleted without prior notice.
- API calls are used when you use the public API of CLA from external services. Currently, it is free of charge.
DB Security Solution
- DB control access solution: Select a solution on the product or contact customer support for information on other external solution services.
- DB encryption solution: Select a solution on the product or contact customer support for information on other external solution services.