Talking about the plan of network anti-virus system

The form of computer virus and the way of transmission is becoming more and more diverse, network anti-virus work is no longer a simple single computer virus detection and removal, the need to establish multi-level, three-dimensional virus protection system, but also to have a sound management system to set up and maintain the virus protection strategy. The multi-layered virus protection system here refers to installing an antivirus system on each client computer in the enterprise, installing a server-based antivirus system on the server, and installing an Internet gateway based antivirus system at an Internet gateway. For enterprises, the prevention of virus attacks is not to protect a server or client computers, but from the client computer to the server to the gateway so that each of the different Business Application Server comprehensive protection, so as to ensure that the entire network is not affected by computer viruses.

1, antivirus system master plan

Antivirus system is not only detection and removal of viruses, but also to strengthen the protection of the virus, in the network not only to deploy passive defense system (anti-virus system) but also the use of active defense mechanism (firewall, security policy, vulnerability repair, etc.), the virus isolated in the network outside the gate. Deploy antivirus systems uniformly through the management console to ensure no antivirus vulnerabilities occur. As a result, remote installation, centralized management, and unified antivirus policies are important requirements for enterprise-class anti-virus products.

In the Cross-regional Wan, to ensure that the entire WAN security non-toxic, first of all to ensure the safety of each LAN non-toxic. In other words, an antivirus system for an enterprise network is built on every local area network's antivirus system. Should be based on each local area network anti-virus requirements, the establishment of LAN anti-virus control system, respectively, set up targeted anti-virus strategy. From the headquarters to the branch, from top to bottom, each LAN anti-virus system combined to form a three-dimensional, complete enterprise network Virus protection system.

1. Building Control center centralized management structure

Ensure that all client computers and servers in the network can be updated in time from the management system, while system managers can manage the whole anti-virus system at any time, any place through the browser, so that any node in the whole system can be managed by the system management personnel, ensure the whole anti-virus system effective, Intercept the virus in a timely manner.

2. To build a comprehensive, multi-level anti-virus system

Combined with the actual network anti-virus needs of the enterprise, a multi-level virus defense is constructed, which is the network layer anti-virus, the mail gateway Antivirus, the Web gateway Antivirus, the groupware anti-virus, the application server anti-virus, the client antivirus, and the virus can be spread and parasitic every node to realize the complete dispatched of the virus.

3. Building an efficient Gateway anti-virus subsystem

Gateway Antivirus is the most important line of defense, on the one hand, eliminate the threat of foreign mail SMTP, POP3 virus, on the other hand, eliminate the virus through HTTP, FTP and other applications of the risk, while the message in the keyword, spam blocking, effectively blocking the most important way to spread the virus.

4. Building an efficient network layer anti-virus subsystem

The prevention of network virus in enterprise is the most important precaution work, by deploying Network virus system in network interface and important security area, eliminating the threat of exotic virus in the network layer, making network virus no longer wantonly spread, combining with the transmission way that virus uses, combining security strategy to carry on active defense.

5. Construct the control system that covers the life cycle of virus attack

When a vicious virus invades, the anti-virus system not only uses the virus code to guard against the virus, but has the consummation early warning mechanism, the elimination mechanism, the repair mechanism to realize the virus high efficiency processing, especially to use the system loophole, the port attack as the method paralysis entire Network The new virus has the very good protection method Antivirus system before the arrival of virus code, through the gateway suspicious information filtering, port shielding, sharing control, important file/folder write protection and other means to effectively control the virus, so that the new virus does not come in, and after the lack of diffusion channels. During the cleanup and repair phase, the detected virus can be effectively purged and the system is restored to its normal state quickly.