Discussion on the solution of Intranet Security in

  • Detail

Talking about the safety solutions in the manufacturing industry

1 The current situation of information security in manufacturing industry

in recent years, the informatization of China's manufacturing industry has developed rapidly. The construction of large-scale manufacturing networks and various informatization application systems has been improved. Its network scale is large, the degree of informatization is high, and the security construction is relatively perfect. Most large manufacturing enterprises have network security protection systems, computer anti-virus systems, etc., and the informatization of enterprises has gradually shifted from the "construction period" to the "maintenance and management period"; In China's manufacturing industry, the majority of small and medium-sized enterprises are small and medium-sized enterprises. Restricted by various conditions, the construction of information management and information security has not reached a mature stage. In this process, a considerable part of us gradually realize that the truth of services is that enterprises do not have security planning. While manufacturing enterprises gradually transform their input into real productivity through the informatization "construction period", it is particularly important for the maintenance and management of the enterprise's internal network, and the first problem is the internal safety management

2. Security requirements in the manufacturing industry

through the research on the manufacturing information system, the most important information assets of manufacturing enterprises are enterprise digital intellectual property and enterprise business information. Enterprise digital intellectual property includes product data, design documents, drawings, formulas, source codes, etc., and enterprise business information includes customer data, project data, bidding documents, etc. Most of the enterprise's digital intellectual property rights and business information exist in the form of files. Some of these files are stored centrally on the file server, and more are widely distributed on the employees' terminal computers. These important data are stored dispersedly. Most manufacturing enterprises do not manage the employees' computers uniformly and effectively, and the security of the enterprise's important data is not guaranteed, There are many ways for employees to abuse computers and disclose important data. The risk of the company's internal core data being leaked is increasing. It is necessary to adopt information security protection technology and management system to effectively protect the important data of the enterprise

computer virus protection system is also a necessary part of internal security construction. Including host anti-virus, host firewall, anti Trojan horse, anti spyware, etc. at present, most manufacturing enterprises have built a computer virus protection system, and many small manufacturing industries use personal anti-virus software as a computer virus protection measure

for large and medium-sized manufacturing industries with a wide range of regions and scattered computers, desktop operation and maintenance is also a common demand. As an assistant of IT personnel, desktop operation and maintenance automates manual work, such as software distribution and remote assistance, to improve work efficiency

from this, we can summarize the general security requirements in the manufacturing industry: computer security protection is the basic requirement, data leakage protection is the core requirement, and desktop operation and maintenance management is also a common requirement. Based on the analysis of the safety in the manufacturing industry, we understand the current situation and find the demand. We should start from the overall situation of internal safety management and start from the root cause of the problem, and make an overall plan for internal safety

3. Security solutions in the manufacturing industry

"internal prevention is better than external prevention, technical management is equally important, and data security is the priority" is the idea of this paper for the security construction in the manufacturing industry. It establishes a comprehensive internal security management system that "takes computer security protection as the foundation, data leakage protection as the core, desktop operation and maintenance management, host monitoring and audit, network access control as the auxiliary, and management system as the constraint"

1) data leakage prevention (DLP) construction

data leakage prevention (DLP) is to prevent the designated data or information assets of the enterprise from flowing out of the enterprise in the form of violating the security policy through certain technical means. The value of building data leakage protection in manufacturing enterprises is to prevent both internal unintentional disclosure and external intrusion, especially the loss caused by internal employees' intentional disclosure

it has become the consensus of DLP manufacturers at home and abroad to ensure data security and prevent disclosure through data encryption and permission control. It is also the most effective solution at present, and has been recognized by many users. At present, the mainstream data leakage protection products in the market mainly protect plaintext data by data encryption and permission control. Their functions include: File transparent encryption and decryption, file permission control, file authorization management, file outgoing management, file operation audit, etc. the encrypted ciphertext protection will also be combined with access control, identity authentication, log audit, document backup, system disaster recovery, business process approval Mobile device protection and other means to strictly prevent internal disclosure and external theft

2) computer security protection construction

the value of computer security protection established by manufacturing enterprises is to prevent external intrusion on terminals through terminal protection, ensure the availability of terminals and networks, and prevent information assets from leaking or damaging due to intrusion. Computer security protection is the most basic protection for internal security. Its function takes host anti-virus and host firewall as the core to realize security protection, including anti-virus, anti Trojan, host firewall, host intrusion protection, anti ARP spoofing, anti spyware, etc

3) desktop operation and maintenance management construction

the value of desktop operation and maintenance in manufacturing enterprises is to improve the work efficiency of IT personnel, save costs and standardize management through automation. Desktop operation and maintenance is the extension of products on the desktop. As a tool for IT personnel, it automates the previous manual work, especially for large and medium-sized manufacturing industries with extensive regions and scattered computers. Desktop operation and maintenance is more important, which can significantly improve efficiency and save costs. The functions of desktop operation and maintenance include software distribution, patch distribution, remote assistance, asset management, mass messaging, etc

4) host monitoring audit construction

the value of host monitoring audit in the construction of manufacturing enterprises is to carry out compliance control, behavior audit and violation alarm on the operation of employees, so as to be controllable in advance, checked afterwards and investigated. Host monitoring audit is to manage the activities of operating users on the terminal and ensure that the activities of users comply with laws, regulations and rules. The basic functions include file operation control and audit, host peripheral interface control and audit, network access control and audit, print control and audit, mobile storage management and audit, etc

5) network access control construction

network access control is realized only computers that pass the identity authentication and health examination can access the network. Generally, only large and medium-sized manufacturing enterprises have this demand. According to gb17565 (2) 007 general technical conditions for anti-theft security doors, the user name, password, IP, MAC, etc. of the computer can be easily purchased locally, the virus software and patch status of the access computer can be inspected, and the unqualified computer can be isolated and repaired

6) internal management system construction

safety has the concept of "three points of technology and seven points of management", and internal safety system construction and personnel training are also the focus of internal management. Manufacturing enterprises vary greatly. Affected by many factors such as informatization process, industry nature and enterprise scale, the key points of safety management system may be different, but personnel training and rules and regulations have certain commonalities

4. Analysis of domestic and foreign mainstream internal safety products

at present, there are many types of internal safety products at home and abroad, and each has its own characteristics. This paper describes the internal safety construction scheme for the manufacturing industry. The following will evaluate and analyze the mainstream internal safety products in the market in combination with the needs of the manufacturing industry

1) foreign internal security and DLP products

according to CCID's annual report on the market research of China's information security products in the past two years, the SEP product of Symantec company of the United States ranks first in the market share of China's terminal security market. The SEP product integrates virus protection, host firewall, host intrusion prevention, network access, DLP and other functions, and becomes the brand with the highest market share of the terminal market, However, the design of foreign DLP products does not focus on preventing internal intentional disclosure, which can not meet the needs of data leakage protection in the security management of the manufacturing industry. At present, data leakage protection is the most important issue in the current manufacturing industry. Based on different legal environments and cultural concepts, the specific problems to be solved by foreign DLP and domestic DLP are different. The difference is that foreign DLPs are designed to prevent external theft and internal unintentional disclosure, while foreign DLP products (such as McAfee and Symantec) are designed to prevent external hackers from stealing, equipment from losing, or internal unintentional disclosure by focusing on data encryption, content identification, export detection, confidential information warning, and log audit, However, for those internal personnel who deliberately want to steal important internal data and information, it is impossible to prevent and conduct effective audit. This stems from the culture of western developed countries. They trust their internal employees as data users, and cannot conduct content audit on internal employees, which will infringe upon privacy and even violate the law. Domestic DLP mainly focuses on preventing internal intentional disclosure, as well as internal unintentional disclosure, equipment loss and external intrusion

2) domestic internal security and DLP products

domestic internal security products are represented by China Software Corporation, beixinyuan company, isaiton and other companies, which have their own strengths and advantages. Domestic products focus on internal security and DLP, and generally do not have the functions of host anti-virus, host intrusion protection and other anti-virus software

a comprehensive internal security product represented by the unified terminal security management product of China Software Corporation. China software internal security product is the earliest internal security product in China. It has a 10-year development history and integrates functions such as data leakage protection, terminal security management, host monitoring and auditing, desktop operation and maintenance management, network access control, etc. China software product is the representative of "large and comprehensive" functions in internal security products. Its functional design includes manufacturing The demands of military industry, military, government and other industries can well meet the requirements of safety management in the manufacturing industry

represented by the VRV specsec terminal security management system of beixinyuan company, this kind of products are characterized by desktop operation and maintenance and terminal security when the oil pump suddenly stops working. Beixinyuan products were rated as the second largest terminal security market share in China by CCID report, but once lacked a DLP product line for data leakage protection. In 2010, beixinyuan released a data armor and electronic document security management system, DLP enables its product line to meet the requirements of safety management in the manufacturing industry

the DLP products represented by isetone focus on data leakage protection. These products focus on DLP. On the basis of DLP as the core, they gradually expand terminal security, network access, desktop operation and maintenance and other functions. The domestic DLP products represented by isetone can also meet the requirements of security management in the manufacturing industry

in a word, today, with the rapid development of manufacturing informatization, manufacturing enterprises vary greatly, and information security construction has its own advantages. The author suggests that in the security construction of the manufacturing industry, data leakage protection should meet the needs of information asset protection, desktop operation and maintenance should meet the needs of automation management, computer security protection should meet the needs of terminal protection, and host monitoring audit should meet the needs of user operation compliance, Satisfy the terminal with network access control

Copyright © 2011 JIN SHI