In war, a line of defense without depth collapses after a breakthrough at a single point. However, when multiple lines of defense are built, a lack of timely and intelligent coordination between them can compromise the efficiency of the defense. Because the soldiers on the various lines fight independently, they cannot organize an effective counterattack after one line of defense is broken.
Network security challenges
In recent years, with the continuous growth of business volume and the continuous emergence of new lines of business, application behavior inside financial enterprises has become increasingly complex. At the same time, viruses, Trojans, and malicious attacks keep appearing in frequent variants, and we have been fighting these threats all along. Most enterprises have adopted the traditional method of dividing the network into security areas and deploying firewalls for border protection. To handle viruses on terminal PCs, they deploy anti-virus software and InterScan devices. To audit security events inside the network, they deploy a large number of IDS devices. To manage applications on client PCs, they must install Windows AD or professional desktop management software, and so on. In building network security, enterprises have invested a great deal of energy and money, deploying a large number of systems in institutions at all levels to build more and more lines of defense.
In the face of increasingly complex security threats, these measures can indeed be comprehensive. However, the various products and solutions usually "sweep only the snow from their own doorstep", that is, each attends to its own task in isolation. Their heterogeneity also makes it difficult to schedule and manage the multiple lines of defense in a unified way. Once a single product or solution fails, management goes out of control and the business may even be seriously affected, which puts great management pressure on network managers.
For example, in the LAN of a financial enterprise, an ARP spoofing attack causes large-scale business interruption for the LAN users in a region. Because the virus scripts are concealed, anti-virus software cannot process them effectively. The CPU usage of the switch rises sharply once a large number of abnormal ARP packets flood the network, causing management difficulties, and anti-virus and firewall cannot be deployed at the boundary. When the number of events reported by the IDS reaches astronomical figures, they cannot be processed. Network administrators maintain a pile of security systems and devices, yet they can only search manually, over and over.
How can we combine existing network security solutions and methods to build a network security solution that provides both strategic depth and smart linkage?
Overview of the Ruijie GSN Solution
Drawing on years of experience in network planning and construction in the financial industry, as well as in-depth research and mature application in network access security, Ruijie Network has released the GSN (Global Security Network) solution to address the challenges of network security in the financial industry. This solution uses a user identity management system, an endpoint security protection system, and a network communication protection system to build three lines of defense, giving network security strategic depth and ensuring the network security of financial enterprises.
Figure: Three lines of defense of GSN