| The development of computer network is enthusiastic, it gives people great convenience, in the mean time, it also accompany great security hazard. As network application extends, network security problems increase geometrically. Whatever network perators or individual users, they all face unprecedented challenges. So how to prevent security attacks, improve network security and build a integrated security management platform, possesses very important research meaning.This article comprehensively introduces the mainstream technologies of network information security, describes the related protocols and standards of information security, introduces the current states of the analysis of SIM and SOC domestically and abroad, it thoroughly analyzes the related key technologies of the SOC, through the distributed kernel that based on services, to support the cooperation of varies security modules of "security architecture structure", through developing and loading different security middleware and engine, the entire information system can conveniently add new security products and technologies, the key of the SOC is the building of the system model of the security operation center.Through analyzing the operation states and faced security problems of province-level telecom IP network, this article presents the construction goal of the SOC (Security Operation Center) of province-level IP network, suggests to build a new distributed, multi-layered, based on telecom carrier unified security operation center, it presents an overall SOC structure module of the province-level telecom IP network, this structure adopts multi-layer design, there are three layers,the application layer, the data handling and analysis layer and the interface layer. It provide preventive measures of DDOS attack ,monitoring and filtering of network worm flow, analyzing of abnormal flow and handling of garbage email complain, from the entire security management and control aspect to decrease the security hazard that now faced. It integrates preventing, detecting, analyzing and counterattacking as a whole, to form a strong platform of security threat analysis and counterattack..In the end, through using the above key technologies, this article designs and realizes the SOC of Xigu Telecom IP network, and details the realization of the function layer of its important apart----the garbage email complain handling module. |
PDF Full Text Request