A unit terminal security solution

Source: Internet
Author: User
Tags system log
Release time: 2011-03-02 Author: Venus Chen

Background requirements

A unit has always attached great importance to information security construction and management, as at the end of 2006, has established a more perfect information security protection system and strict management system, information security management level to reach the industry-leading level. However, with the continuous progress of information technology and the continuous expansion of banking business, many new security threats and problems will not be a group, in the new situation, the new security problems are focused on the following aspects:

1 has built the information security protection system, still can not effectively prevent viruses, trojans and other malicious code, such as large-scale outbreak of ARP spoofing virus, resulting in network congestion, seriously threatening the normal operation of the business;

2 foreign computers and the presence of security risks of office computers, without any identity authentication can be free access to the network, and become a virus and illegal personnel attack network and key server source and springboard, but the existing security protection system is difficult to prevent it;

3 The safety management system of the terminal relies on the user's active cooperation and safety awareness to a great extent, and the actual effect is very little;

4 Internal employees use public accounts in the network to publish inappropriate speech, but can not find the real responsibility, to the security management system to carry out a great deal of difficulties.

Solution

After detailed communication and in-depth communication, a unit to determine the choice of qiming stars of the intranet compliance management products-"days 珣 Intranet risk Management and Audit system" (hereinafter referred to as Days 珣), as a unit user real-name management platform, and through this platform to effectively solve the many problems mentioned above.

Relying on day 珣 has the industry-leading "multi-level access control" technology, days 珣 can be in the terminal itself, the internal network access boundaries, key network areas and key business systems, to build a visiting terminal and user authentication and safety and health status check of the "Security" system, Not only can the visiting terminal and the user carry on the authentication which the multifactor binds, but also may carry on the security condition inspection to the terminal which applies for the access, examines the terminal whether exists the flaw, guarantees only the legitimate and the safe terminal can access the intranet and accesses the intranet resources.

Day 珣 access control, provide the industry's most complete multifactor binding identity authentication, you can login the user name, IP, MAC, VLAN, resource use validity, security conditions, such as one or more of the conditions of the binding authentication, only the terminal to apply for access and all the user input conditions are correct, Can pass the identity authentication, only then is eligible to access intranet.

Moreover, with the help of 珣, the end user real-name network access can facilitate the implementation of intranet security management strategy according to accurate user and terminal information, and ensure the implementation of the strategy.


Figure 1 Building the real-name management framework

For example: if the user+ip+mac+ validity + security status of the Multifactor binding authentication, then only apply for access to the terminal and user identity conditions are fully satisfied, end users can be allowed access. Then all network actions by the terminal and the user in the intranet will not be counterfeited and tampered with after being authorized to access, even if only one of the IP addresses of a violation is found in a certain system log, the "real name relationship" established by the Multifactor binding authentication provided by access control can be used to identify the illegal behavior accurately. is by which user, use which terminal and IP address, at what time, visited which network, trace traceability, find out the source of the accident and the responsible person of the problem.

Case reviews

Through the days of 珣 built in the intranet real-name control and audit system, you can ensure that only legitimate and healthy terminals and users can be real-name access to the intranet, so as to achieve network terminal management and control. Through this system, realize the terminal active protection ability and effective management, greatly reduce the illegal access or unauthorized access of foreign and unsafe computers, effectively detect and intercept the attack and spread of worm viruses and trojans, and prevent the whole network from being blocked or even paralyzed because of individual client computer security problems, Ensure the normal operation of banking and office, greatly reduce the occurrence of network security incidents, improve network security protection to a higher level, to ensure that the core business system running uninterrupted. Article Source: Venus Chen back to the topic | Close this page related articles back to home a financial Management department security Service a unit terminal security solution a security system of a rural credit cooperatives construction of a commercial bank's online banking security solution a bank electronic bank risk Assessment service a commercial bank's security domain to construct a commercial bank's online bank whole solution A bank's information technology risk Management Security Advisory Service construction of a financial institution's safety protection system Commercial Bank IDs: Upgrading wagon

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.