Research And Implementation Of Key Technology For The Security Operation And Maintenance Platform

Now, we are in an age of accelerating of information technology, various industry organizations are expanding business in this day and age, the degree of information construction is also increasing. However, the majority of enterprises in order to cope with the rapid development of business, often lacking in information construction overall planning, at the same time to meet the business needs, but to simplify the security needs. How to protect the enterprise business continuity and reliability, as much as possible to reduce network security threats, companies are most concerned about the issues.In recent years, to solve the increasing complexity of the emerging network security issues, within the enterprise has deployed a unified threat management system, firewall, intrusion detection systems, anti-virus systems, vulnerability scanning system, built up a large number of security defenses. These security products in the early development of enterprises can usually meet their security needs, however, with the development of the enterprise business, security, defense becomes a simple pile of security products, the lack of effective management and dispatching mechanism can’t collaborate, and therefore can’t give full play the effectiveness of various types of equipment. More serious, complex IT resources and facilities and its security defense facilities during operation will continue to produce a large number of security logs and events, which may be the presence of a large number of false positives and false negatives. In the same time, the limited security managers need to understand the different devices and systems management monitoring panel, in various product management platform to see and review alarm events, perform processing process, fill out a report on the results of these efforts, however, probably because the alarm repeat, process complicated and can’t be assessing the results of the work lead to inefficiency, it is difficult to really protect the enterprise’s information security.In this paper, on the basis of the presentation and analysis of the Current Situation of enterprise information security management and security management platform, pointed out the limitations of traditional security management platform, and combined with the safe operation and maintenance management system, design a business for new, safe operation and maintenance platform. Then detailed describe the structure and function, and multi-source data collection and standardization of heterogeneous devices, multi-domain dynamic map alarm technology, the safe operation of the process of dimensional design, with the test.Multi-source heterogeneous data collection and standardization of equipment in the security monitoring center in the event management module, this paper, the module in the data collection process and field standards of design and realization, and testing its results. Map multi-domain dynamic alarm is mainly distributed in the view of the management module in the operation and maintenance center configuration management and monitoring center, including the configuration of the map and the alarm display on the map, this article is mainly to achieve asset registries, maps configuration management, and alarm displayed in real time on the map. The process of the security operation and maintenance is in the order management and early warning alarm module of the center of the operation and maintenance work, this paper focuses on the flow of business processes Design and Implementation. Research and Implementation of these key technologies for new, safe operation and maintenance platform is superior to the traditional security management platform, and finally in practice proved not only to ensure the safety of the network, but also has a better user experience.