Government Industry Information Security Solution

One. Analysis of the status quo With the popularity of the network, security has increasingly become an important issue affecting the performance of the network, and the openness, internationality and freedom of the internet have increased the degree of freedom of application while putting forward higher requirements for security. How to make the information network system free from viruses and hackers has become one of the important things to consider for the healthy development of government information technology.

The information involved in government units can be said to be inherently confidential. Therefore, information security issues such as leakage of sensitive information, hacking, illegal use of network resources, and computer viruses will constitute information security for government agencies. Threat. In order to ensure the security of the government network system, it is necessary to design a special security for its network.

If one machine on the internal network is compromised, it will affect many other systems on the same network. Spreading through the Internet will also affect other networks that are connected to the system's network; the impact may even involve security-sensitive areas such as law and finance.

The spread of new viruses on the government information network has greatly improved the complexity of security protection, summed up the various types of virus hazards that have occurred in the near future. At present, the security work of the public security information network mainly has the following hidden dangers and deficiencies:

The general network is divided into several sets of networks, such as regional networks, extranets, and private networks. The external network is connected to the Internet to provide users with access to the Internet and to send and receive emails from external networks. The regional network provides users with services. Daily work and the release of internal information; the private network connects the business-specific network with the business network of the upper and lower levels. Multiple sets of network physical isolation.

The main devices included in the network are: file server, mail server, web server, client.
All clients have two systems inside and outside. Users can manually switch between internal and external networks.
The system platform included in this implementation:

Client system: win98, winme, winXXpro, winxp;

Server system: winXXserver, winXXserver, linux8.0

two. x government industry solutions

Deploy multiple network anti-virus products according to the customer's network conditions. That is, select a server in the external network to install and deploy the x antivirus software network version of the external network system center; select a server in the regional network to install and deploy the x antivirus software network version of the regional network system center. Select a server in the private network to install and deploy the x antivirus software network version of the regional network system center. An anti-virus wall is deployed at the gateway of each network, and an x-network security early warning system is deployed on the main switch. After that, deploy the x anti-virus software network client/server on all other clients. The regional network clients all point to the regional network system center. The external network clients all point to the external network system center. Point to the private network system center, the specific deployment diagram is shown below.

External network antivirus product deployment map

Regional network antivirus product deployment map

Private network anti-virus product deployment map

Product upgrade is an important indicator to measure the quality of a security product. For the characteristics of the network structure, the external network can directly access the Internet. The external network system center automatically upgrades through the x upgrade website, and then the external network system center. Notify the external network client to perform automatic upgrade, and no user participation is required at all. However, the regional network and the private network are physically isolated from the external network and the interconnection department, so this online automatic upgrade mode cannot be performed. The upgrade package can only be manually downloaded to the x website through the external network machine, and then the upgrade package is copied to the area. Manual upgrade on the network system center server. When the regional network system center is upgraded, the regional network client will automatically upgrade from the regional network system center.

three. Product selection

x network version of anti-virus software
x Anti-virus network security early warning system IV. x The main functions implemented by government industry solutions

By deploying x anti-virus wall, x network security warning system, and x anti-virus software network version, network administrators can manage and monitor the anti-virus status in the network anytime and anywhere, and can alert the virus information in advance so that it can be resounded and adjusted in time. The corresponding anti-virus strategy suppresses virus transmission and harm and maintains the normal operation of the network. The anti-virus wall solves the virus flowing in and out of the external network, greatly reducing the administrator's anti-virus management pressure and improving work efficiency. At the same time, through daily intelligent updates, including software and hardware virus database signature files and viruses. The scan engine, whose virus signature file is always up to date, is designed to protect against the latest viruses.