Network security solutions
There is a security industry jargon,three technology, seven parts management, meaning security technology should be subordinate to management. When many security vendor in sell your product, often only emphasize how good their products, but not to the customer the product is applicable to the actual environment of the target enterprise. Actually security technology, security products, are necessary to the security management, only because of management and technology, from the use of security technology and product to safety management should do, is to put the cart before the horse. Enterprise information security plan accordingly, if compared to a ship, as a beacon, information security management, command of the ship where to go, how to go, if you don't go in accordance with the instruction of the lighthouse helmsman, the boat sank E on rocks is likely
The financial industry solutions
1. The bank information system overview
Banking system, including the people's bank of China, the China banking regulatory commission, and the subordinate departments and there are commercial Banks, joint-stock Banks and banking institutions such as unionpay information system, the security situation is directly related to national security and public interests. Bank business information across the country is going in the front. From the planning point of view, the information security of the bank building and bank of the whole electronic, information and network is closely related to the modernization of supervision and management of financial risks and the regulation of the financial risk of electronic, information and network closely together, is the basis of the construction of the bank of information security.
1) bank business information security situation
For commercial Banks, mainly involving the bank value management information system, information resource management system, product service management information system, bank risk regulatory system, bank account management information system, electronic bank business management system (network bank system, banking self-service system, etc.), gateway and office system, bank management center, bank operating system (call service center, electronic ticket center and information exchange center, etc.), bank development center system and disaster system, etc. For the business information systems, due to the banking system has a high degree of safety awareness, leadership attaches great importance to, the safety of the banking system's earlier work, formulate the relevant standards and norms, the security planning and implementation of the part. Widely used firewall, intrusion detection system, encryption key security products such as establishing the foundation of safety protection and monitoring system, but because of lack of money, make safety construction are still many deficiencies, there are many potential safety problems and issues.
2) bank network system security situation
Current bank network system security the safety of the important performance after the data centralization, the prominent problem is the emergency disaster preparedness system construction, isolation between systems in many systems, production of private network and public network isolation, access control security, outsourcing services, key nodes, large-scale intrusion detection and protection, and covert channel, safety training and other issues. The current increasingly networked computer application is increasingly wide, computer, system vulnerabilities also will increase. Over the years, the bank competition under the pressure, and constantly expand the electronic network, launch new electronically, ignoring the computer management system and the construction of safety measures, make the computer security problem increasingly prominent. On the other hand, becoming increasingly prevalent in computer knowledge, to international financial network development, computer crime technology also is rising, there is an upward trend in use of computer crime case, it is pressing for bank information system has a higher security system.
2. Business challenges
1) personnel issues:
, information security awareness of weak staff wrong operation, incorrect setting system downtime, data loss, caused by information leakage, etc
Unauthorized access privileges, personnel, such as: system administrators, application administrators to unauthorized access and transmission of sensitive data
, internal staff and the outgoing staff to steal business secret, especially the key employee turnover, collective flow, etc
2) technical issues:
• virus and hacker attacks more and more, more and more frequent, the outbreak of directly affect the enterprise normal business operations
3) legal issues:
Network abuse, employees political speech, access, illegal sites
Legal system is not sound, industry of unfair competition (such as: to steal secrets, destroy the enterprise business services)
3. The solution
Risk management as the core, prevention first, technology as the support, over information and information system life cycle, gradually set up by security organizations, regulations and technical guidelines, operation and technical protection measures with independent innovation ability and ability in developing new security system.
The government industry solutions
Nearly in recent years, with the surging development of domestic electronic government affairs, the government reached a climax on the Internet, open government, resource sharing and so on is the inevitable trend of government information, so that it would inevitably involve the issue of information security. Considering the inherent openness, international network itself and discharges, government network application in increasing degrees of freedom at the same time, the government network are put forward higher requirements for safety.
1. Description of industry:
Government agencies as an organ of the state function, the information system security is together with national security. In recent years, with the surging development of domestic electronic government affairs, the government reached a climax on the Internet, open government, resource sharing and so on is the inevitable trend of government information, so that it would inevitably involve the issue of information security. Considering the inherent openness, international network itself and discharges, government network application in increasing degrees of freedom at the same time, the government network are put forward higher requirements for safety.
2. The security demand analysis:
Government networks are typically for government agencies at all levels to establish the uniform computer information networks, including: data, video, voice, multimedia communication, video conference, data sharing, security and other functions, meet the confidential communication of multimedia network communication and directly affiliated institutions and the requests of the office. For internal network, but also has resources classification and classification, the classification of the difference, storage, transfer and use of information, there are strict authority management. Strictly distinguish between classified and not classified computer networks, information needs to be regular inspection of the Internet.
The problems existing in the embodied in:
[in the network virus threat]
Network security incidents of arp virus outbreak, not through effective technical method to locate the source of the outbreak. Brake itself does not have virus protection, prevent Trojan function, most likely a network unit to the spread of the virus to the entire network.
The use of [traffic bandwidth]
Network all ports open, lack of the whole network traffic distribution after the first analysis means and mechanism.、
Intranet business systems (such as process management system, OA office systems, etc.) and web important business systems, such as file server hosting, but did not do a comprehensive safety inspection and evaluation, there may be a security loophole, lead to malicious attack;
 safety monitoring and management
In network deployment, a lot of security products, as well as many business systems and servers, the lack of a centralized security management platform, on the analysis of all kinds of information security products and the server event, early warning, security network operations.
3. The government network common information security requirements are as follows:
3.1 information of manageability
Because the Internet is a large number of bad information, the government network on the premise of effective and reasonable use of Internet resources, to avoid the negative influence of government on the Internet and improve the efficiency of authority, need to certain access control information. Now, the realization of the network access control is very much, have all sorts of different needs for more flexible means of the implementation of the various types of security products lead to similar, need professional network security professionals for the realization of the customer to choose the best way, to achieve the best cost performance, protect the interests of the customer.
3.2 information confidentiality and integrity
There are important information because the government network, confidentiality and integrity of information demand is very high. Information could face a multi-level security threats, such as interference by electromagnetic radiation or lines of physical threats, leakage or storing confidential information systems are attacked. E-government applications such as bonded on net at the same time also require strictly guarantee the integrity of information, this needs to be thought from the perspective of network security as a whole, with unified network security strategy and select the corresponding security products, security of network information security.
3.3 unified security management platform
The government information system is one of the more common security threats mainly from many unintentional risk caused by human factors. Such as virus proliferation due to user security awareness is not strong, weak account password security, etc., the safety of the centralized and unified management software, such as virus software management system, identity authentication management system and network security equipment system management software, etc. The demand is higher. Therefore the security management platform can effectively through the implementation of the entire network security management, at the same time can also according to the safety management and training for personnel, improve the safety of staff awareness. This is for security management platform and professional network security services put forward higher requirements.
4. The solution
The information security of the network as a professional service provider, has long been the service aim of "creating value for customers". Has to clients construction and implementation of the multiple acclaimed network security project, and provides the high quality of security services. For the government the information system of the industry, concerns the integrity, confidentiality, and manageability of information such as security requirements. Based on the mesh network for many years in the field of information security protection safety practice summary and the research of security technology, using complete IT security strategy management system to guide the design of information system security and the corresponding support system. Respectively from the perspective of technology system, organization system and management system to provide professional services and solutions for network security, safeguard government customers in the regulation of information also has highly effective, the security of network.
Regular inspection of safety products, assess the efficacy of customer's security products, provide the basis for protection strategy adjustment, and ensure the safety of the existing product running normally;
Don't adjust and optimize the security policy, software and hardware update regularly, safety protection products sustained and effective;
By monitoring the collection and analysis of security event logs and found security threats, security advice, reduce the safety risk;
Through security notification services to help customers in a timely manner to understand the current status of the industry the latest security vulnerabilities early warning;
Safety equipment hardware and software fault timely processing of operation, to ensure the safety of the project within the scope of the equipment performance is stable, effective operation;
According to the situation of security vulnerabilities to release, equipment manufacturers of security patch updates, etc., regularly or irregularly to hefei then security equipment upgrade the software and hardware operation;
According to the safety equipment operational situation, organizing all the work record, summarize safety equipment running status, strategy adjustment and fault handling conditions, etc.