Pain points and needs
With the rapid development of the internet, external network security issues have become increasingly prominent. In the past two years, security incidents such as hacker attacks and network viruses have occurred from time to time, and the relevant national departments have repeatedly required that network security construction and management be carried out effectively. Dongfeng Liuzhou Motor currently faces several security issues within the group:
1. Security construction is not systematic or standardized enough, the division of network security domains is not detailed or complete enough, and there is no unified security management area.
2. There are no methods or measures for internal network security detection, warning, and response.
3. The security defenses of each part are fragmented and do not form a closed-loop security system.
4. Endpoint (host) security protection measures are lacking, and data security, communication security, and application security are inadequate.
The solution
Implement the security requirements of graded protection in all aspects, meet compliance with security standards, and maximize the protective capabilities of security measures
With reference to Level Protection 2.0, critical systems are defined, and security construction and rectification are carried out in accordance with the requirements of Level 3 protection. Following the principle of "one center, three layers of protection", the network is first divided into security zones and domains, strictly based on the importance of each region's function and the logical characteristics of network usage. Security design and protection are then carried out based on the requirements for boundary isolation and access control between security domains, as well as the overall planning requirements. This ensures the security of enterprise data and business systems at multiple levels of protection, including external business security, business access and boundary security, and the security of the business carrying environment.
Building a closed security loop and dynamic protection capability of "prediction + defense + detection + response"
· The next-generation firewall is deployed at the boundaries of the Internet access domain, the operation and maintenance management domain, the server domain, and other domains, replacing the traditional "FW+IPS+WAF+AV" product stack. It provides L2-L7 security protection for business systems, which not only saves costs and simplifies operation and maintenance, but also achieves regional isolation and network control, actively identifies security risks, blocks security threats and attacks such as those at the web layer in a timely manner, and ensures the safe operation of the system.
· Anti-virus systems and operation and maintenance bastion hosts are deployed in the operation and maintenance management domain to meet compliance requirements such as malicious code prevention, centralized control, and operation and maintenance auditing, improving the overall defense capability of enterprise information systems. Online behavior management and database auditing equipment provide detection and auditing of terminal and data risks and improve the detection capability of the security system.
· A local security brain is built on the security-aware SIP, which links boundary firewalls, internet behavior management, endpoint EDR, and load balancing to continuously detect enterprise business failures, risky users, external business risks, and the overall network security situation. At the same time, external threat intelligence, cloud sandbox, and similar services provide intelligence and external linkage capabilities from an external perspective and strengthen the external security assurance of the business. Together these build a dynamic protection system of local collaboration and cloud linkage that identifies and deals with Internet business risks in a timely manner and improves the enterprise's ability to respond to security incidents.
Program value
1. Meets national policy requirements, enhances compliance capabilities, and optimizes enterprise information security defense and management.
2. A security protection system that combines prediction, defense, detection, and response continuously provides dynamic protection, greatly improving the overall network security defense capability.
3. Simple delivery significantly reduces the procurement and operation costs of security equipment, making security construction simpler.