According to the National Economic and Trade Commission statistics, the number of small and medium-sized enterprises in China more than 10 million, in the national economy, 60% of the total output from SMEs, and to provide more than 70% of the social employment opportunities. With the popularization of information technology and network application, more and more small and medium-sized enterprises ' business dependence on information technology has been significantly improved. However, the small and medium-sized enterprises in speeding up the pace of their own information construction at the same time, because more focus on the development of various business applications, coupled with limited funds, technology, personnel and security awareness and other factors, resulting in the majority of small and medium-sized enterprises in information security construction relative lag. With the network of viruses and the rich and advanced methods of hacker attack, anti-virus and anti-Black has become an important subject of information security construction of small and medium-sized enterprises.
Similarly, this project is also a challenge for many information security vendors. From an information security product and even the development process of the solution, understanding the user's expectations is the most basic step: first, from the perspective of the general lack of funds for small and medium enterprises, the products or programs provided by information security vendors need to be highly available, targeted and economical, which is what we often say is inexpensive; , to ensure the ease of use of the solution in order to make up for the lack of professional and technical personnel; Again, to ensure that the program and products in anti-virus anti-Black has a strong function, can indeed play to protect the information system normal operation, to ensure that the business continued to carry out the effect.
Deep defense, the way of information security guarantee
However, among the concerns of these users, the key is the performance of the product or solution. So, what kind of products or solutions to achieve the small and medium-sized enterprise information security protection? Is it a simple anti-virus software, or a simple firewall? or a all-in-one product? is wrong, here to borrow an allusion to "clenched fist dozen talent pain", the use of information security products is also so. The real information security guarantee, not only the pure information protection, but also should pay attention to enhance the security early warning ability, the system intrusion detection ability, the system incident response ability and the system is destroyed by the intrusion the quick recovery ability.
The deep defensive strategy advocated by the Crown Group is embodying the core idea of information guarantee. The meaning of deep defense strategy is manifold, it tries to cover a layered and diverse security guarantee framework comprehensively. The core goal of a defense-in-depth strategy is that other protection mechanisms can provide additional protection if an attacker succeeds in destroying a protection mechanism. In the Deep defense strategy (Defense in Depth), people, technology and operation are the three main core factors, to ensure the security of information and information systems, the three are indispensable; the technology of deep defense strategy is embodied in including host, network, How to implement the five security content of early warning, protection, detection, Response and Recovery (WPDRR) in several network links, such as system boundary and supporting infrastructure.
Based on the accurate understanding of the security concept of information security, the Crown Group Jin-Chen, from the perspective of providing users with perfect information security, puts forward 3S concept, namely: Security Solution (Safety solution), Security application (safe application) and Security Service (secure services). From the earliest prevention of computer viruses in a comprehensive transformation to provide the overall information security solutions. In this process of transformation, we uphold the security of the deep defense strategy, and continue to enrich their overall security solutions. To now has gradually formed three series of seven major products: Host Series Security Products: Long host core protection, Tai-a Kill Anguang, network transmission Facilities Series Security Products: shaft firewall, gan/Moye intrusion detection system, shadow vulnerability scanner; Network Boundary series products: shaft firewall, Red Gateway filter system, Pure all Virtual Private network