The Research Of The Security Operations Center Scheme Based On Core Business Monitoring

Posted on: 2015-02-27
Degree: Master
Type: Thesis
Country: China
Candidate: S Pan
Full Text: PDF
GTID: 2298330467962240
Subject: Information security
Abstract/Summary:
Nowadays, as the level of network informatization rises, many companies and organizations are paying more attention to the security of their information and business, and they have deployed many security devices, such as firewalls, IDS, gateways and so on. But these devices all work independently, which leaves many potential dangers and management deficiencies, so the SOC has been promoted in China. The SOC mainly aims to bring all the devices together and make them coordinate with each other and share information. However, the traditional SOC cares more about the security of assets and has no connection with the company's business or business monitoring, which leads to many shortcomings in the traditional SOC.

Based on the implementation process of a Security Operations Center project, and in view of these SOC deficiencies, this paper puts forward, from the perspective of business, a scheme for a Security Operations Center oriented toward core business monitoring. To grasp the operational state and make sure the platform stays in a state of monitoring and responding, the system analyzes the security devices and handles the business through warnings, alarms and monitoring connected with the business process. Monitoring is divided into two modes: automatic and manual. The system formulates warning grades and responds based on the event grade; it collects information from the devices and processes it with association analysis to obtain the property information. At the same time, administrators are divided into different roles with detailed responsibilities. They can analyze the information through statistics in trend graphs and situation graphs, and make sure that potential dangers are resolved immediately once they are found. Both modes aim to achieve business monitoring.

Finally, the paper puts forward a new program for the problem, tests the program in different environments to verify the expected results, and then indicates the development trends of the SOC based on business monitoring.
Keywords/Search Tags: Security Operations Center, Business processes, Alarm, Monitor, Response