Shulou(Shulou.com)06/01 Report--

"four security capabilities that are necessary to maintain a secure network environment"

1. Risk prediction ability

Through the active exploration, analysis and evaluation of internal safety data and external hazard intelligence by using big data technology, we can find the problem early on the premise of danger, and adjust the security strategy to protect against the danger that can occur.

2. Defense capability

Use a hardening and isolation system to reduce the system's ability to find vulnerabilities and execute code, and to make it difficult for people to locate system core and exploit vulnerabilities by means of transferring * *. Through accident prevention and security policy compliance audit, through unified policy management and policy linkage to prevent unauthorized access to the system.

3. Hazard detection capability

Through the comprehensive detection of business data and infrastructure, combined with the existing security policy, put forward rectification suggestions, and link with the network operation and maintenance system to achieve security policy rectification and continuous monitoring after change. combined with the external situation to quickly find security vulnerabilities and respond.

4. Event response ability

Connect with the network operation and maintenance system to realize security linkage, quickly adjust the security policy in a short time when security loopholes occur, isolate infected systems and accounts, review and analyze the complete process of the event, use the data obtained by continuous monitoring to solve the corresponding security problems.

Design of Network layer Security Protection

1. Implement network layer access control and malicious code through FW, AV and IPS modules in FW or vFW.

Protection, * defense.

2. At the boundary of each intranet security domain, a firewall is deployed to realize the network layer access control of the domain boundary.

3. Deploy traffic monitoring equipment at the boundary of the internal network to achieve panoramic network traffic monitoring and audit.

The data packet is parsed, and the service performance and interaction response time are judged by session time, protocol type and so on.

Security protection and design of host layer

1. Deploy a security sandbox at the core exchange in each region to achieve host behavior and unknown threats

Analysis and early warning.

2. Through the adaptive security monitoring system, the host operating system type, version, process, account rights

Limit, rebound shell, vulnerability threats and other comprehensive monitoring and early warning.

Application layer security protection and design

1. Deploy WAF devices through external service domains to achieve security protection in the application layer based on * feature recognition.

List of Safety Protection equipment

Cloud firewall

Hardware firewall

Cloud waf

Hardware waf

IPS

Antivirus gateway

Online behavior management

Isolation gate

Flow analysis system

Multi-source threat Intelligence Analysis system

Unified security vulnerability management platform

V fortress machine

Yunbao bastion machine

Database audit

Situational awareness platform

System vulnerability scanner

Web vulnerability scanner

Database vulnerability scanner

Image file encryption

Yunbao bastion machine

Cloud database audit

Unified identity certificate

Virtual terminal reinforcement and protection software

Virtual host encryption machine

Data anti-disclosure

Network access equipment

Server hardening software

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.