Simplified and refined Enterprise Intranet Security Management (1)

From the first day of commercial use, LAN technology has been adopting an open and shared resource-based model. While pursuing high convenience, security will inevitably be affected, which is also the most important cause for the problem of Intranet security from the beginning.

The fineness and depth of management often determine the final level of an Intranet security system. The solutions with higher levels tend to be simpler in terms of management and application. As we all know, a complicated security tool often causes more security problems due to misuse. An idealized Intranet security status should simplify the complicated Intranet security problems through lean management.

Wen/Huang Wenzhang xinnan, Henan Xinyang Power Supply Company

According to various published survey data, even in the most optimistic circumstances, the loss caused by Intranet security problems exceeds the internet security problems. Nearly 3/4 of security issues are caused by internal reasons of the Organization, including unauthorized access to enterprise information facilities and leakage of electronic documents.

On the one hand, this situation reflects that the security protection measures deployed on the Intranet and Internet boundaries actually block a large number of external attacks. On the other hand, it is not difficult to draw such a conclusion, intranet security has become the most important and most difficult topic in the information security field.

When organizations are worried about hackers wandering in the internet space, they do not know who are trusted because of their own mistakes or even material temptations, opens the door for attackers. From the popular network security problems and their attack methods, we can see that using Intranet security has become a mainstream trend.

Almost all of the well-known Trojan Horse programs have built-in mechanisms to initiate a bounce connection to the Internet after being infected with an intranet computer. This is an unpleasant experience for organizations that allow employees to access the Internet relatively freely. In addition, a large number of computers on the internal network are occupied by attackers and used for large-scale DoS attacks.

The universality and severity of Intranet security problems make it impossible for us to stop focusing on the level of Intranet security, and we must have a thorough and clear understanding of it, in this way, the problem can be properly solved.

One drawback of Intranet security is that people often cannot correctly distinguish the scope of Intranet security. For example, some people often consider the concepts of Intranet security and terminal security. In fact, Intranet security and terminal security are quite different. Generally, a terminal refers to servers, clients, network devices, and other nodes in the intranet. Although these nodes represent the main goals of Intranet security protection, they are by no means the whole of Intranet security.

From a wide understanding, Intranet refers to a local network that is connected to the Internet but has security isolation equipment in the middle. Intranet security should cover information security issues within the entire organization. Terminal security is an integral part of Intranet security. It overemphasizes terminal security or Intranet security issues in other fields, is not comprehensive.

This fallacy often leads to the most important problem of Intranet security, that is, the security protection system is not complete, the integration between various security protection points and protection measures is insufficient, and the coordination between them is not good. For a complete Intranet security protection system, not only the security of each terminal node is enhanced, it also monitors network traffic transmitted in the Intranet, confirms whether data access complies with permission regulations, and handles changes to hardware and software environments.

Moreover, with the advancement of information security awareness, enterprises' focus is no longer limited to monitoring and management of information nodes, and more factors such as application efficiency and management efficiency are also taken into account. That is to say, users' awareness of Intranet security is becoming more sound, healthy, and comprehensive. This puts forward many new requirements for Intranet security technologies and products, just as UTM-type integrated security devices are becoming increasingly recognized, integrated Products and Services in the Intranet security field will undoubtedly be welcomed by users.

As Ms. Wang Haiyang, Technical Director of dingpu technology, said: "We not only provide products, but also provide a complete set of solutions, this includes media use management, illegal terminal external management, and patch issuance ". Third-stream companies sell products, second-stream companies sell services, and first-class companies sell standards, only products with sound systems, technical specifications, and accurate requirements can truly improve the quality of Intranet security protection for users.

Another issue that must be paid attention to is the conventional discussion in the information security field, that is, the management level. This is not only the emphasis and support provided by the management layer, but also the importance of the management system. It is more manifested in the management functions and even the "intelligence" of the Intranet security system ". In practice, many Intranet security products do have many functional components, but different users often have different security requirements.

In contrast, a product that can flexibly customize and manage features based on different user needs will undoubtedly generate greater security efficiency. For example, for port management commonly used in Intranet security, some products can only restrict access to ports such as USB and network, some advanced products can also monitor the use status of these ports and return alarm information in real time.

I. Technical article: seek technical advice on Intranet security issues

Introduction: for people who are concerned about Intranet security, they may need to handle Intranet security problems in the organization, or suffer from Intranet security problems every day. In this article, we will analyze common problems and related solutions in the Intranet security field from a perspective closer to the Frontline Battlefield.

In the real world, there are indeed many internal network security dilemmas caused by technical factors, the most important of which is the hybrid platform issue. Even in some small enterprises, there may be more than one operating system environment. For example, advertising companies that require Windows operating systems to handle daily office business and iMac design work. Although some organizations only use the operating systems provided by one vendor, it is difficult to ensure that the operating systems of the same version are used due to different computer hardware configurations.

As for a hotel customer we have seen, the Novell Server System is often used to support the operation of the hotel business software, and the matching terminal even includes the legacy DOS system. Generally, file services and Web services are controlled by Windows 2003 Server or a later version of the Server operating system, the office area is a mix of desktop operating systems from Windows 98 to Windows XP.