Research And Implementation Of Security Management Platform For Business

With the increasing level of network information, the business of the companies andorganizations rely on the network increasingly. Because of so many security threats, a variety ofsecurity products are deployed in companies and organizations. Traditional security operationscenter (SOC) provides a set of security management solutions with assets at the core. But withthe growing scale of business information, user requirements for network security managementare not only to protect their network security devices. The underbelly of lacking businessperspective makes the traditional SOC unable to meet the business development needs. Althoughbusiness service management (BSM) system can monitor the customer’s applications andbusiness, it doesn’t take into account the security factors. In order to solve the above problems, amodel of business-oriented security operations center (BOSOC) is presented. The BOSOCprovides a full range of security monitoring from a business perspective, analysis and audit forsecurity incidents and the view of business risk and emergency response management in order toimplement security management, business service management and operation and maintenancemanagement.Firstly, we find the key factors which hinder its development and make SOC impracticalby studying and analyzing the development status of the existing domestic and international SOC.The UML-based business modeling technology is used to sort out the business in order to guidethe whole design, development and deployment of BOSOC. Secondly, we design the architectureof SOC and the various subsystems and business functions of BOSOC from business perspectiveto achieve effective integration of safety management and business. Finally, the.NET three-tierarchitecture is used to implement BOSOC, so that the BOSOC has better maintainability andscalability.BOSOC is an integrated security operations center with business at the core which canmonitor the business collecting security events from a variety of assets in business systems in theenterprises and organizations and various business indicators in real time. The BOSOC providesanalysis and audit for security incidents. At the same time, it includes real-time alarm andemergency response management with operational security as the core ideology. Besides,BOSOC can show the security situation of the business in real time by dynamic charts andreports. The comprehensive testing results indicate that BOSOC has more advantages comparedto traditional SOC. It not only ensures network security, but also creates the value of businessmanagement with a better user experience.