Abstract: In the digital era, cloud-network convergence is driving networks toward deeper virtualization and servitization, and traditional passive security systems based on perimeter protection struggle to meet the demands of emerging scenarios such as remote work and intelligent operations. This paper focuses on the evolution trends of next-generation telecom cloud-network architectures, systematically reviews the endogenous security technical approaches in the industry, and analyzes the challenges they face, such as insufficient security visibility in cloud-network environments and lagging coordination between security capabilities and cloud-network services. It proposes an endogenous security architecture deeply embedded in cloud-network infrastructure, which covers key technologies such as intelligent threat perception and zero-trust policy coordination. This research can provide theoretical support and technical reference for the security paradigm transformation and industrial practice of telecom cloud networks.
Keywords: cloud-network convergence; endogenous security; zero trust; security architecture