Inforguard's solutions for enterprise-level applications in the telecom industry

Source: Internet
Author: User
Tags website server hosting website hosting website hosting services
Inforguard's solutions for enterprise-level applications in the telecom industry

Product Introduction
The inforguard system is divided into three subsystems based on the network location and function:
The monitoring center (MC), hereinafter referred to as MC, acts as the control center in the inforguard system and is mainly responsible for managing monitoring agents and backup files, it also audits and processes monitoring information and alarm information.
The Monitoring Agent Ma (MA) is used as a monitoring engine in the inforguard system to monitor changes in the file system and analyze the changes as an event source, determine the legitimacy of file changes.
Maintenance terminal MT (maintenance terminal), hereinafter referred to as Mt. MT is a client tool provided by inforguard for user convenience. Through its Windows standard interface, users can remotely maintain the website system more securely and conveniently.
Generally, the Network Location of the inforguard subsystems is as follows: the user installs the Monitoring Agent Ma on the server to be protected; the monitoring center MC is installed on a device in the secure location of the user's network; the maintenance terminal MT can be installed anywhere on the user's network or Internet.

Introduction to the working principle of the Alibaba Cloud web page tamper-proofing system inforguard
1. Monitoring and recovery process
After you add Ma to the MC, back up the website first, back up the files to be protected by the website server to the device where the monitoring center is located (the backup operation is only used when the user initially configures inforguard ). Then, the MC starts monitoring a certain Ma, which monitors the file system of the server (all file types, including dynamic web files) and analyzes file system changes, determine the legitimacy of file changes. If the change is illegal, submit the alarm information to the monitoring center MC, MC restores files that have been illegally tampered with (within milliseconds) based on legitimate backup files in real time. This is the core process of monitoring and recovery.
2. Normal website maintenance process
The basic website maintenance process after inforguard is deployed is shown in:

Inforguard supports three remote maintenance methods:
1) directly operate the local backup directory of the MC terminal;
2) use our maintenance terminal mt to remotely update the website. To use this method for remote website maintenance, the inforguard administrator must issue a permission certificate to the user, which provides strong authentication and encryption functions. If the website maintenance personnel are located outside the LAN, for example, the website hosting users in the Information Center perform maintenance through the Internet or broadband, the information center needs to open a firewall port;
3) upload the files to be updated to the backup directory of the monitoring center Mc using your own release tools, such as ftp. The MC will automatically update the website server. This method is applicable to website Systems with automatic release (CMS.
Of course, you can choose one of them to maintain the website based on your actual needs, or use them in several ways. No matter which method is used for website maintenance, inforguard supports concurrent operations by multiple users.

Inforguard solution in actual environment
To better describe the application of inforguard in the telecom industry, we will take a typical network structure as an example.
Traditional telecommunication website system applications
The network structure of the Telecommunications Department is generally divided into two parts: internal office business department (Intranet) and external network service (Internet), two parts (intranet and Internet) generally, isolation cards and other devices are physically isolated to ensure the security of internal business systems.
The Internet part is mainly responsible for two aspects: first, the telecommunications department's own portal website system, providing Internet service acceptance and other services. Second, it provides website hosting services for enterprises and institutions, including host hosting and space leasing. The following figure shows a typical network structure of the Telecom Department:

In such a website application, the Telecommunications Department manages multiple website servers at the same time, including hosting hosts, virtual hosts, and its own portal websites. The Management and Maintenance of portal websites are usually carried out by website administrators of China Telecom on the Internet. The normal management and maintenance of hosted websites are usually as follows: host hosting users use their own terminal tools to remotely update their website servers over the Internet. No matter which method, it only updates website files and does not monitor and protect file changes. Therefore, such a management and maintenance method will inevitably bring about the following problems:
1. website hosting users' preferred terminal tools include FTP, telnet, PC Anywhere, CMS, WinVNC, and Remote Desktop. Users can choose different website maintenance tools and methods, the telecom department needs to open up the corresponding firewall ports for users, which leads to the opening of many ports in the Internet firewall of the Telecom Department, and the security is naturally greatly reduced, hackers and viruses use these open ports to attack and damage the website system, leading to website service exceptions, seriously affecting the normal operation of the Telecom Department and damaging the image and interests of website users.
2. because there is no real-time protection and alarm mechanism for website publishing directories, it is difficult for website hosting users and telecom administrators to learn about the website in a timely manner after an illegal event occurs, as a result, some illegal files (such as malicious pages, viruses, Trojans, etc.) will reside on the website server for a long time, and the harm is self-evident.
3. website hosting users have a large number of optional terminal tools and do not have uniform authentication functions. In addition to security issues, this will inevitably increase the management difficulty of the Telecommunications Department and increase management costs.
4. website hosting users do not usually have strong encryption functions on their own terminal tools and maintenance methods. They are prone to deliberate attacks to capture network information or even tamper with network information, resulting in the destruction of website content.
Through the above description, we can draw a conclusion: the traditional website hosting operation method has great defects in security and ease of use, it also increases the management burden and operation costs of website administrators.

Deploy telecommunication website system applications after inforguard
Based on the above analysis results, we have studied and implemented the inforguard webpage tamper-proofing system to solve website security, ease of use, and management issues. The following describes the network structure of the telecom industry, describe the Application Deployment of inforguard in the website system in detail, as shown in:

The user installs the Monitoring Agent Ma on the website server (virtual host, hosted host, portal website, etc.) to be protected and performs simple configuration, as shown in the "run monitoring agent" Id.
The user installs the monitoring center MC on a common computer device in the network. The device is selected by the user, as shown in the "running monitoring center" Id. After simple configuration of adding a proxy Ma, all the monitoring agents distributed in the user's network are managed and maintained by the monitoring center MC; once the website server where a Monitoring Agent Ma is located suffers illegal tampering, it submits the alarm information to the monitoring center Mc without delay while restoring the file, the MC processes subsequent alarms and log records.
Remote maintenance of website server files can be completed through any device on the user's network or the Internet. You can use the website maintenance tool Mt provided by inforguard to achieve Remote Maintenance of the website, as shown in the "use maintenance terminal" logo. All files must be updated and published to the inforguard monitoring center. The system automatically updates the website server. The entire publishing process is shown in the blue line.
After inforguard is deployed, the website system has the following new features:
1. The Telecommunications Administration Department only needs to open up a firewall port (randomly selected) to support the requirements of all website hosting users for website updates, greatly improving the security.
2. the website is under real-time monitoring and protection. In the event of illegal tampering, the system will immediately recover and trigger alarms in various forms (such as phone calls, text messages, emails, and ringtones, ensure that you are notified to relevant website personnel immediately. The latter can analyze website application vulnerabilities and find illegal Attackers Based on log records.
3. Simplified and traditional. Many of the original release tools are regarded as a specific tool ?? Inforguard maintains the terminal Mt. The inforguard system uniformly issues digital certificates to all users and automatically performs remote maintenance authentication management. This greatly reduces the management difficulty and cost of the Telecommunications Department.
4. inforguard maintenance terminal Mt provides strong encryption function to effectively prevent all kinds of network information tampering and spoofing during transmission, and ensure the absolute correctness and non-repudiation of user information.
Of course, for the portal website of China Telecom, because the website administrator of China Telecom is in the same CIDR block as the website server, you can also use an existing maintenance tool or CMS client to update the website.
Note: if there are many monitoring sites in the user's network, to ensure the efficiency of website maintenance, we recommend that you configure multiple monitoring centers (MC) and manage some monitoring agents (MA) separately to achieve load balancing and improve efficiency.

Resources required for inforguard deployment
As shown in, usually, only one computer device needs to be added as the Publishing Server to deploy the application using inforguard. the specific requirements of the device are as follows:
CPU: Memory above MHz: Above MB
Of course, the higher the configuration of this device, the more obvious the advantages of inforguard system efficiency. You can also install MC and Ma on the website server to save deployment costs.

 

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.