| Security Information Management (Security Information Management, SIM), is a new direction in the security management development field. SIM is a centralized security information management platform for IT computing environment of enterprise comprehensive. The platform can collect security logs and events from the enterprise computing environment, various devices and applications, and store, monitor, analysis, warning, response and reporting. Characteristics of the platform can be summarized as follows:change from passive to a single point of defense for the whole network and comprehensive defense.Security information management SIM's main task is to complete the unified management of the IT computing environment of enterprises and organizations of various safety equipment, it is more than one management platform, but also a set of tools which inherits a set of best practices has been recognized set of tools.SIM is not a simple auditing system, but it is a unified management platform that goes beyond existing security products,SIM enables centralized management of security information, which includes a centralized collection and analysis of security information data, unified storage, concentration and control of emergency response. These have contributed to the implementation of security policy, and to achieve the security goals of enterprises and organizations.Because the platform centralized management, the platform are contributing to eliminate the secure defense island of enterprises and organizations,and the SIM can be the existing security defense system of organic combination of defensive and will not create new islands.Currently, SIM is widely used in enterprise threat management, compliance auditing, logging centralized management, security audits, and emergency response and so on. It can be combined with network-centric status quo,to improve the building of the public network platform, the integrated network management platform construction outside the network and information security system, to achieve network, system, environment, security and other centralized integrated management and ultimately to improve the safety and maintenance of network-centric the level of protection and security.In this paper, the following aspects of work:1.Introduced the basic concepts of SIM briefly, and analysised the role of SIM played at the enterprise and organization, and the SIM security maintenance in the enterprise shown by the advantages.Through recounted the SIM in risk management in the basic concepts and principles,highlighting the risk of the importance of management in the SIM.2.According to the requirements of enterprises and organizations, basing on national and international standards of safety and through considerating assets, threats,vulnerabilities and enterprise equipment (assets) of the relationship synthetically, and analysing and summarizing the IT technology of the use throughout the system carefully, the paper made feasible framework for the risk management of SIM.3.Through structuring the framework, it achieved SIM risk management systems,and provided users with a solid security information and event management platform, and at last it met the needs of users at the maximum extent possible.4.Through analysis,processing a variety of devices and the application of security information in enterprise computing environment, SIM risk management system storage, monitoring, analysis, warning, response and reporting these security information.It delivers value to enterprises and organizations from different levels. |
PDF Full Text Request