| 主权项 |
1. A network functions virtualization (NFV) security services controller of an NFV security architecture for managing security monitoring services of the NFV security architecture, the NFV security controller comprising:
one or more hardware processors; and one or more data storage devices having stored therein a plurality of instructions that, when executed by the one or more hardware processors, cause the NFV security services controller to:
transmit a security monitoring policy, via a secure communication channel, to one or more NFV security services agents distributed in a virtual network function (VNF) infrastructure of the NFV security architecture via an NFV security services provider of a virtual infrastructure manager (VIM) of the NFV security architecture, wherein the security monitoring policy comprises a set of monitoring rules usable by the NFV security services agents to monitor telemetry data of the NFV security architecture and adjust configuration settings of the NFV security services agents; andenforce the security monitoring policy transmitted to the one or more security monitoring components of the NFV security architecture; andaudit telemetry data stored at an audit database in network communication with the NFV security services controller, wherein the telemetry data is timestamped by a secure clock corresponding to the NFV security services agent that transmitted the telemetry data to the audit database, and wherein to audit the telemetry data comprises to (i) verify the telemetry data and (ii) sequence the telemetry data. |
