Abstract
With the widespread rollout of informatization, information security faces not only an endless stream of intrusions and attacks from outside the enterprise but also violations and information leakage from inside it. To address these problems, this paper presents the technical scheme and key technologies of a monitoring system for the security of the boundary between the information intranet and extranet. Security events and security logs are collected from every boundary of the information network and from its various systems and devices, and cross analysis and correlation analysis are performed on them using big data analysis technology. This approach provides centralized assessment and alerting for the security situation at each boundary, and also supports comprehensive assessment of the security situation of the whole network and analysis of security incidents, thereby improving the level of information security control.
Authors
叶水勇
吴斌
陈清萍
蔡翔
方圆
陈明
刘琦
YE Shuiyong; WU Bin; CHEN Qingping; CAI Xiang; FANG Yuan; CHEN Ming; LIU Qi (State Grid Huangshan Power Supply Company, Huangshan 245000, China; State Grid Anhui Electric Power Co., Ltd., Hefei 230022, China; State Grid Anhui Information and Communication Company, Hefei 230061, China)
Source
《电力与能源》
2019, No. 1, pp. 59-62 (4 pages)
Power & Energy
Keywords
safety monitoring
network isolation
data acquisition
data analysis
architecture system