Zhejiang University

Pain points and needs

Since 2015, the Education Department and Public Security Department of Zhejiang Province have clearly stated that universities need to carry out phased and graded protection construction for their business systems. The Yuquan Campus of Zhejiang University is an export of the Zhejiang Provincial Education and Science Network, carrying the backbone communication link between all higher education institutions in Zhejiang Province and the Ministry of Education. At the same time, as the core data center of Zhejiang University, the campus data center internally carries a large number of campus network business systems, and has very high requirements for network security protection.
1. It is necessary to meet the requirements of the Cybersecurity Law and level protection.
2. In 2017, the Cybersecurity Law was officially implemented, and the national requirements for the protection of university levels have become increasingly strict. As the highest academic institution in Zhejiang Province, Zhejiang University's business system is mostly classified as Level 3 protection. Since 2015, Zhejiang University has been required to conduct annual re evaluation and inspection of its systems, and to reinforce the security of its business systems.
3. Network attacks cannot be timely and effectively located.
4. In response to the increasingly severe network attacks on server vulnerabilities and application businesses, existing WAF devices are unable to effectively locate the attacks. In this situation, users need to build a stronger security defense system, analyze and effectively locate network behavior, and achieve analysis of network attacks, especially new types of network attack behavior. At the same time, they need to obtain dynamic security detection capabilities and rapid response capabilities to provide more comprehensive protection for business systems.

The solution

Based on the analysis of user needs and security status, Shenxin has designed a Level Protection 2.0 solution for users, which includes next-generation firewall AF, security awareness platform SIP, database audit DAS, bastion machine and other security devices, as well as emergency analysis and disposal services.

Next generation firewall

Shenxin believes that the next generation of firewalls will be deployed at the exit of the Education and Science Network and the exit of the core data center of Zhejiang University, ensuring that the security protection of the data center's core business system meets the requirements of level three protection, while also providing security protection for data accessed by different branch schools to the Yuquan data center.

Security Perception Platform

The security awareness platform is deployed in the security management area to continuously detect data passing through the data center, ensuring the security of core data. At the same time, by linking with the next-generation firewall of DeepTrust, residual attack detection is carried out to ensure that the data center business has the ability to detect unknown threats and meet the relevant requirements of level protection.

Emergency analysis and response services

On the basis of defense and detection, supporting security services can achieve rapid response after discovering problems, greatly reducing the impact of events.

Program value

With the help of the convincing Level Protection 2.0 solution, users have strengthened their security capabilities in defense and detection, meeting the relevant requirements of Level 3 protection. In addition, in conjunction with Shenxin Security Services, rapid discovery and resolution of problems have been achieved, ultimately constructing a security system for users that integrates warning, defense, detection, and response from "cloud" to "gateway" and then to "network" traffic.

The next generation firewall creates comprehensive L2-L7 layer security protection for users

With the powerful zombie network host detection capability of the next-generation firewall, we have successfully identified suspicious issues in the user's core email system. Deeply convinced that the next-generation firewall integrates the defense capabilities of the web application layer, compared to the original WAF defense function, it can generate more web attack interception logs. By comparing the attack logs, malicious code and abnormal traffic targeting the web application layer can be prevented in a timely manner. This not only makes up for the lack of user's ability to prevent malicious code at the regional boundary under the requirements of Level 3 protection, but also creates comprehensive security protection for user business at L2-L7 layers.

The security perception platform achieves global visibility and accurate detection of security situation

With the help of the DeepTrust Security Perception Platform, users have successfully identified the vulnerability issue of weak passwords in the core business system. Through continuous product upgrades, various suspicious threats have also been detected. In accordance with the requirements of the Ministry of Education to discover "zombie assets", we have helped users build a security aware detection system that focuses on core business and meets level protection requirements.

Implementing semi automated security disposal with rapid response and human-machine linkage through security services

Through multiple on-site visits by the Shenxin Security Service Team, we gradually understood the real needs of users in terms of network security. Combined with considerations of level protection compliance, we helped users make reasonable plans for device deployment. At the same time, after discovering problems with the equipment, manual handling services are provided to help users recover quickly and achieve a secure closed loop.