Enterprise System Security Protection Scheme
1. overview of enterprise information systems
With the continuous occurrence of network security incidents in recent years, security issues have become a hot topic in the IT industry, and security issues are becoming more and more important for the development of XX enterprises. The security problem has become a problem to provide the normal effect of XX business platform and business stability, so enhance the security of our XX enterprises has become one of the important aspects of XX enterprises to enhance the competitiveness of enterprises.
XX enterprise group is one of the 520 major industrial enterprises and large pillar industry groups supported by the state. With the rapid development of information technology, XX group leaders fully aware of the importance of the construction of network security, in order to carry out the production, scientific research, decided to carry out technical transformation on the existing network security information system.
2. operators information system security analysis and recommendations
① Safety management
Link analysis:
Mainly refers to the XX enterprise group, equipment management, personnel management, strategy management, etc.;
At present, XX enterprise group has not a complete network security management system, we should establish a certain international standards to establish the construction management system.
Demand suggestion:
XX enterprise group information network needs to manage all the equipment and end users of the whole network. Technical personnel responsible for the management of computer and general computer users, rely on security technology and method and some good management measures, formulate some practical strategies of network security and the establishment of safety management system of XX enterprise information network. In addition, a mandatory network management system is proposed to manage network devices and clients
② Safety protection
Link analysis:
This section includes access control, confidentiality, integrity, availability, and non repudiation. This link mainly relies on some related technical means to realize. Access control mainly depends on firewall technology, Vlan technology, identity authentication technology and so on;
Confidentiality, availability, non repudiation: mainly include some means of information security, such as the use of VPN technology, the use of encryption software, or the use of CA certificates to ensure data security protection. Protection also includes the high availability of the line, network virus protection, data disaster protection and so on.
Demand suggestion:
Safety protection technology involved is very wide around more, for XX enterprise information network is currently the most needed means of protection is the protection to the entire network, firewalls, anti-virus and intrusion detection technology, on the basis of proposals to strengthen the protection system of XX enterprise data center information network. A VPN gateway is proposed to build a tunnel for the branch.
③ Safety monitoring
Link analysis:
Mainly refers to real-time monitoring, risk assessment, system reinforcement, vulnerability repair and so on;
The real-time detection of the intrusion detection system, the risk assessment on vulnerability analysis software system, reinforcement and patching requirements for network management personnel to keep track of all kinds of operating system and application vulnerabilities timely take necessary measures.
Demand suggestion:
For the XX enterprise information network currently no network security monitoring measures for network security problems need effective monitoring methods; risk assessment for the whole network needs to establish corresponding evalsuation system; system for reinforcement and repair loopholes need fixed work flow and vulnerability discovery and reinforcement plan.
④ Virus protection
Link analysis:
Mainly for the whole network, more than 1000 hosts and more than 30 servers for virus protection. Monitor the boundary and access point of the network.
Requirement analysis:
At present, XX enterprise group urgently needs a set of anti-virus software on the Internet to cover the whole network. Configuring antivirus gateway is recommended at the gateway.
⑤ Safety service
Link analysis:
The establishment of an excellent network security system depends not only on network security devices and related security measures, but also on how to build network security systems How to use the network security system? And how to deal with security problems? Users are very concerned about the general network of issues. What is the solution to these problems? We think professional matters should be left to professional people.
Requirement analysis:
In the XX enterprise group information network to build a good security system, we should be responsible for suggesting that the XX enterprise group should not ignore all kinds of security services provided by the security company in the early, medium and late stages.。
