
Recommended security equipment for Level 2 and Level 3 classified protection and its main basis (unreserved version)

2025-01-19 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/01 Report--

Level 2 classified protection

Columns: serial number; recommended function or module; suggested scheme or product; importance; main basis (security layer, Level 2 sub-item, Level 2 evaluation index, weight); remarks.

1. Border firewall
Importance: Very important
Basis: Network security, access control (G2)
a) Access control devices should be deployed at the network boundary, with access control functions enabled. Weight: 1
b) The ability to explicitly allow or deny data flows should be provided based on session state information, with control granularity at the network segment level. Weight: 1

2. Detection system (module)
Importance: Very important
Basis: Network security, intrusion prevention (G2)
The following attack behaviors should be monitored at the network boundary: port scanning, brute-force attacks, backdoor attacks, denial-of-service attacks, buffer overflow attacks, IP fragment attacks and network worm attacks. Weight: 1

3. Web application firewall (module)
Importance: Important
Basis: Application security, software fault tolerance (A2)
a) A data validity check should be provided to ensure that the format or length of data entered through the man-machine interface or a communication interface meets the requirements set by the system. Weight: 1
Remarks: Some old applications have no such validation; application requests can be filtered by the web application firewall instead.

4. Syslog server
Importance: Very important
Basis: Network security, security audit (G2)
a) The operating status of network equipment, network traffic and user behavior in the network system should be logged. Weight: 1
b) Audit records should include the date and time of the event, the user, the event type, whether the event succeeded, and other audit-related information. Weight: 0.5
Basis: Host security, security audit (G2)
c) Audit records should be protected from unexpected deletion, modification or overwriting. Weight: 0.5

5. Operation and maintenance audit system (bastion host)
Importance: General
Basis: Network security, network equipment protection (G2)
d) Identity authentication information should not be easily misused, and passwords should be required to be changed regularly. Weight: 1
Remarks: Some network devices do not support password complexity and rotation policies, so these need to be enforced by third-party operation and maintenance management tools.

6. Database audit
Importance: Critical
Basis: Host security, security audit (G2)
a) The audit scope should cover every operating system user and database user on the server. Weight: 1

7. Terminal management software (patch distribution system)
Importance: Critical
Basis: Network security, boundary integrity check (S2)
It should be possible to detect internal users on the internal network connecting to an external network without permission. Weight: 1
Remarks: Use the terminal management software to restrict terminals that have multiple network cards.
Basis: Host security, intrusion prevention (G2)
The operating system should follow the principle of minimal installation, installing only the required components and applications, and system patches should be kept up to date, for example by setting up an upgrade server.
Remarks: Patches can be distributed uniformly through the terminal management software.

8. Enterprise antivirus software
Importance: Important
Basis: Host security, malicious code prevention (G2)
a) Anti-malware software should be installed, and the software version and malicious code base should be updated in a timely manner. Weight: 1
b) Unified management of malicious code protection should be supported. Weight: 1

9. Local backup scheme
Importance: Critical
Basis: Data management security, backup and recovery (A2)
a) It should be possible to back up and restore important information. Weight: 0.5

Level 3 classified protection

Columns: serial number; recommended function or module; suggested scheme or product; importance; main basis (security layer, Level 3 sub-item, Level 3 evaluation index, weight); remarks.

1. Border firewall and area firewall (bandwidth management module)
Importance: Very important
Basis: Network security, access control (G3)
a) Access control devices should be deployed at the network boundary, with access control functions enabled. Weight: 0.5
b) The ability to explicitly allow or deny data flows should be provided based on session state information, with control granularity at the port level. Weight: 1
Basis: Network security, structural security (G3)
f) Important network segments should not be deployed at the network boundary or connected directly to external information systems, and reliable technical isolation should be used between important network segments and other segments. Weight: 0.5
g) Bandwidth allocation priorities should be assigned according to the importance of business services, so that important hosts are protected first when the network is congested. Weight: 0.5

2. Protective system
Importance: Very important
Basis: Network security (G3)
a) The following attack behaviors should be monitored at the network boundary: port scanning, brute force, backdoor, denial of service, buffer overflow, IP fragments and network worms.
b) When attack behavior is detected, the attack source IP, attack type, attack purpose and attack time should be recorded, and an alarm should be raised in the event of a serious intrusion incident so that it is dealt with in a timely manner. (implementation) Weight: 0.5
Basis: Network security, access control (G3)
c) Information content entering and leaving the network should be filtered, with command-level control of application-layer protocols such as HTTP, FTP, TELNET, SMTP and POP3. Weight: 1

3. Antivirus gateway
Importance: Important
Basis: Network security, malicious code prevention (G3)
a) Malicious code should be detected and removed at the network boundary. Weight: 1
b) The malicious code base should be kept upgraded and the detection system kept updated. Weight: 0.5

4. Web application firewall (or tamper proofing)
Importance: Critical
Basis: Data management security, data integrity (S3)
a) It should be possible to detect when the integrity of system management data, authentication information and important business data is compromised during transmission, and to take the necessary recovery measures when an integrity error is detected.
Basis: Application security, software fault tolerance (A3)
a) A data validity check should be provided to ensure that the format or length of data entered through the man-machine interface or a communication interface meets the requirements set by the system. Weight: 1
Remarks: Some old applications have no such validation; application requests can be filtered by the web application firewall instead.

5. Terminal management software (patch distribution system)
Importance: Important
Basis: Network security, boundary integrity check (S3)
b) It should be possible to detect internal network users making private connections to an external network, determine their location, and block them effectively. Weight: 1
Remarks: Use the terminal management software to restrict terminals that have multiple network cards.
Basis: Host security (G3)
c) The operating system should follow the principle of minimal installation, installing only the required components and applications, and system patches should be kept up to date, for example by setting up an upgrade server. Weight: 0.5
Remarks: Patches can be distributed uniformly through the terminal management software.

6. Enterprise antivirus software
Importance: Very important
Basis: Host security, malicious code prevention (G3)
a) Anti-malware software should be installed, and the software version and malicious code base should be updated in a timely manner. Weight: 1
b) The host anti-malware product should use a malicious code base different from that of the network anti-malware product. Weight: 0.5
c) Unified management of malicious code protection should be supported. Weight: 0.5

7. Network admission system
Importance: Critical
Basis: Network security, boundary integrity check (S3)
a) It should be possible to detect unauthorized devices making private connections to the internal network, accurately determine their location, and block them effectively. Weight: 1

8. Log audit system
Importance: Very important
Basis: Network security, security audit (G3)
a) The operating status of network equipment, network traffic and user behavior in the network system should be logged. Weight: 1
b) Audit records should include the date and time of the event, the user, the event type, whether the event succeeded, and other audit-related information. Weight: 0.5
c) It should be possible to analyze the recorded data and generate audit reports. Weight: 1
d) Audit records should be protected from unexpected deletion, modification or overwriting. Weight: 0.5
Basis: Host security, security audit (G3)
e) The audit process should be protected from unexpected interruption. Weight: 0.5

9. Database audit
Importance: Critical
Basis: Host security, security audit (G3)
a) The audit scope should cover every operating system user and database user on servers and important clients. Weight: 1

10. Operation and maintenance audit system (bastion host)
Importance: Important
Basis: Network security, network equipment protection (G3)
d) The main network devices should authenticate the same user with a combination of two or more authentication technologies. Weight: 1
Remarks: Some network devices do not support two-factor authentication, password complexity policies or password rotation policies, so these need to be enforced by third-party operation and maintenance management tools.
e) Identity authentication information should not be easily impersonated, and passwords should be required to be complex and changed regularly. Weight: 1
Basis: Host security, access control (S3)
b) Permissions should be assigned according to the roles of administrative users, separating their privileges and granting only the minimum permissions each administrative user requires. Weight: 0.5

11. Network management system
Importance: Important
Basis: Host security, resource control (A3)
c) Important servers should be monitored, including their use of CPU, hard disk, memory, network and other resources. Weight: 0.5
Remarks: A system that uniformly monitors device resources at all levels through protocols such as SNMP.
e) It should be possible to detect and raise an alarm when the system's service level drops to a predetermined minimum value. Weight: 0.2

12. Remote backup scheme
Importance: Critical
Basis: Data management security, backup and recovery (A3)
a) Local data backup and recovery functions should be provided, with a complete data backup at least once a day and backup media stored off-site. Weight: 0.5
b) A remote real-time backup function should be provided, using the communication network to back up data in real time to a disaster recovery center. Weight: 0.5
