摘要
网络安全形势风云诡谲,企业的传统安全防护体系在面对高阶持续攻击时已无法实时监控系统持续运行、保护数据安全。为全方位保护企业的网络安全,结合纵深防御的指导思想构建一套从主机、应用到网络边界的安全防护体系。利用技术手段实现多点实时检测,结合威胁情报、日志安全分析以及自动化阻断恶意访问的安全防护体系,经过网络安全攻防演练实战检验,有效的告警信息和快速的处置手段可大幅减少应急响应处置的时间。
The situation of network security is changeable,and the traditional security protection system of enterprises has been unable to real-time monitor the continuous operation of the system and protect the data security in the face of high-level continuous attacks.In order to protect the network security of enterprises in an all-round way,combined with the guiding ideology of defense in depth,this paper constructs a set of security protection system from the host,application to the network boundary.Using technical means to achieve multi-point real-time detection,combined with threat intelligence,log security analysis and automatic blocking malicious access security protection system.Through the actual combat test of network security attack and defense drill,effective alarm information and fast disposal means can greatly reduce the time of emergency response disposal.
作者
周蒙
裘岱
ZHOU Meng;QIU Dai(SSE Infonet Co.,Ltd.,Shanghai 201203,China)
出处
《现代信息科技》
2020年第24期97-100,共4页
Modern Information Technology
关键词
网络安全体系
纵深防护
实时监测
network security system
depth protection
real-time monitoring
