The Study Of SOC Resolvent And The Implement Of TSOC-A System

Enterprises'natural production has been badlly threatened by theoccurrence of network viruses and intrusion events.Various securityproducts are increasingly deployed into them .when various securityproducts are enslaved to technology limitation of themselves and theyhave not finished revolutionary break through , a great deal ofinformation processing brings greatly bad influence to enterprises andincrease their cost.Presently users have many kinds of securityproducts ,suchas antivirus products ,firewall products and instusionproducts. Users have to cost much manpower and financial ability tomanage them.It is a difficult problem for enterprise to handlethat howto manage these network equipments and create a network which canreflect quickly and have no careless mistake which can ensure favourabeoperation running.And then, we need aprocdut that can satisfy studyand market reqirements .That is SOC(Security Operation Center) ,asecurity management system which can centralizedly manage variousproducts.SOC collect a great deal of data from all kinds of security products,distill important ones users take care of,helps users make associatedanalysis and PRI analysis .And besides,SOC have quite a high degreeof control and management capability with which SOC can do real timeor quasi real time security risk management .As a new recovery systemin the network security field ,SOC breaks limitation of actual generalsecurity products and make enterprise's security level fligh to ahigher stap.SOC first raise security recovery to a new status.SOC isnot only a new product but also a new security resolvent.Itsuppliesa resolvent to enterprise's security conformity and helpusers'enviroment get to centralized ,administrable security fromdispersive ones by the best security technology andprictice.At the beginning of 2001,IS-One started to develop SOC ,a brannewsecurity recovery system relying on their knowledgeof security technology an users' requirements.By the end of 2002,SOCwas first accepted by a TSP of some province and then used in business,so that the enterprise improved security recovery capabilityobservably. By the end of 2003,Is-One built SOC development center inNanJing which established stablefundation for SOC industrialization.Recently,many inlang and overseas companies brings forward SOC productor resolvent .China Mobile ,China Telecom and China UNICOM are allbrewing SOC projects .Several ones of province level have beenforthgoers.Study of SOC has been a dazzling point in securitymanagement field. Beijing Venustech Ltd.started developing SOC in the beginning of2004 and now have acquired VENUS SOC .VENUS SOC collects network events,frangibility information,assets information,standardizes theinformation and makes associated analysis and risk evaluation to formintegrated result in the end .These are primary functions of SOC.Thereare many assistant functions ,such as policy managenment,kownledgemanagement,diplay module. The paper relies on VENUS galxy project.The author participatedin SOC resolvent study ,requirement analysis , systemdesign and some modules relization. In this paper,the author studies SOC resolvent and designsTSOC-Asystem which can primarily manage VENUS products of TIAN series(tiantian,tianjing,),as well as other ones,such asfirewall procducts and anti-virus products.TSOC-A can also integrateassets management and associated analysis .It is one of VENUSindependent SOC products. The paper first expounds meaning and effect of SOC,and then bringsforword VENUS SOC resolvent . The paper primary expounds system design.Fuctions of all the modules are involved too.The paper also includessystem deployment and performance analysis .In the end ,the paper...