Updated on 2025-08-13 GMT+08:00

Data Protection

KooSearch employs the following methods to protect data and service security:

  • Network isolation

    The entire network is divided into two planes: service plane and management plane. The two planes are isolated physically to ensure the security of the service and management networks.

    • Service plane: It is the cluster's network plane. It provides service channels and knowledge Q&A capabilities for users.
    • Management plane: It provides a management console that you can use to manage CSS.
  • Host security

    This includes the following security measures:

    • VPCs and security group rules can be configured to enhance host security.
    • Network access control lists (ACLs) enable granular control of inbound and outbound traffic to regulate data flow across your network perimeter.
    • The internal security infrastructure (including network firewalls, intrusion detection system, and protection system) monitors all network traffic that enters or exits the VPC through an IPsec VPN.
  • Data security

    The vector database used by KooSearch uses multiple replicas, cross-AZ cluster deployment, and a third-party (OBS) backup solution to ensure data security.