The Solution Of Security Management In E-government Network Based On Windows Domain Environment

The security of e-government network relates to public service level of the government and public service image of the government. However, currently the lack of unified and standard management system in e-government network security is a universal phenomenon. Especially remote users’ behaviour when they access the internet、 operate the computers and store the data is one of the main factors that cause the e-government network security problems. The key step to ensure network security, stability and healthy development is how to provide a standardized network environment to restrict the remote users’behavior of accessing the internet, operating the computers and storing data in the e-government system.This thesis builds a three-layer security management system which includes remote access layer, health detection layer and operating standard layer for e-government based on windows domain environment. On the remote access layer, it is provided with prerequisite for remote access clients to accept e-government network centralized management while permitting remote clients to join e-government network safely by VPN based on PEAP-EAP-TLS. On the health detection layer, in order to avoid security risks to the entire government network by unsafe individual remote clients, remote clients were enforced health detection before they acquire full access to resources in e-government network through NAP. On the operating standard layer, Firstly, we achieve the orderly user-oriented access when remote clients access WEB as local clients by Forefront Threat Management Gateway(TMG 2010); Secondly, with the help of System Center Configuration Manager(SCCM 2012), we restrict client users’ behaviour, reduce the failure rate of clients, improve the maintenance efficiency of administrator through unified supervision on the clients of software installation, patch update, virus protection, hardware manage etc. Finally, in our system, users can securely store and easily access government data by storing government data to the server and mapping the data to users by distributed file system (DFS).The centralized management platform based on windows domain environment integrated the security islands of conventional e-government network management and formed a centralized and controllable e-government network architecture.