What are the benefits of network security maintenance?

Benefits of network security maintenance: Strengthening network security is conducive to maintaining national security; it is conducive to protecting the personal privacy of citizens and protecting the rights and interests of Internet users; it is conducive to cultivating civilized trends and purifying social atmosphere; it is conducive to the health of the Internet Development; conducive to the healthy growth of young people; conducive to strengthening the construction of socialist spiritual civilization and developing advanced socialist culture; conducive to building a socialist core value system; conducive to strengthening social morality and personal moral construction; conducive to building a harmonious socialist society .

Main measures to protect network security

Protecting application security

Security protection mainly established for specific applications (such as web servers, online payment special software systems) Measures, which are independent of any other security protection measures of the network, although some protection measures may be a substitute or overlap of network security services, such as the encryption of network payment and settlement information packets at the application layer by web browsers and web servers. Encryption is provided through the IP layer, but many applications have their own specific security requirements.

Protecting system security

Refers to security protection from the perspective of the overall e-commerce system or online payment system. It is associated with the network system hardware platform, operating system, various application software, etc. , system security involving online payment and settlement includes the following measures.

(1) Check and confirm unknown security vulnerabilities in installed software, such as browser software, e-wallet software, payment gateway software, etc.;

(2) Technology and management Combined, the system has minimal penetration risk;

(3) Establish detailed security audit logs to detect and track intrusion attacks.

Relevant regulations

Article 25 of the National Security Law stipulates that the state shall build a network and information security system, enhance network and information security protection capabilities, and strengthen innovation in network and information technology. Research and develop applications to realize the security and controllability of network and information core technologies, key infrastructure and information systems and data in important fields; strengthen network management to prevent, stop and punish in accordance with the law cyber attacks, cyber intrusions, cyber theft, and dissemination of illegal and harmful laws Information and other illegal and criminal acts on the Internet, and safeguard national cyberspace sovereignty, security and development interests.

Traditional security is no longer adaptable to modern attacks

The network world in 2015 is still not peaceful. On February 27, the production monitoring equipment of Hikvision, which specializes in security products, was exposed to serious security risks, and some equipment has been controlled by overseas IP addresses. On April 22, a large number of high-risk vulnerabilities appeared in the health and social security systems of more than 30 provinces and cities, including Chongqing, Shanghai, Shanxi, Shenyang, Guizhou, and Henan, and the social security information of tens of millions of users may have been leaked. On May 21, some professional netizens revealed that there were high-risk vulnerabilities in the system of China Life Guangdong Branch, and that the information of 100,000 customers could be leaked on a large scale at any time.

Looking at the online world in the past decade or so, network security construction seems to have fallen into a strange circle: Domestic security manufacturers have sprung up like mushrooms after a rain, and the coverage of hundreds of security products in more than 20 categories is not incomplete. , but the network is still very fragile and security incidents still occur one after another. Why are there so many problems?

Industry expert Ning Jiajun believes that the problem lies in the traditional security protection system framework. He introduced that the traditional security system has two characteristics: first, border-based protection. Each border isolates a relatively independent military area. The central task of defense is to ensure that the border is unbreakable; second, strategic protection based on known characteristics. Assume that all threats are known and can be controlled in advance through prefabricated strategies.

“In short, traditional security is actually based on static, passive, and defensive operational thinking. With the development of the network, network attacks have also undergone new changes with the times.

First of all, with the development of mobile Internet, BYOD, virtualization and other technologies, boundaries in the traditional sense no longer exist; secondly, attacks are no longer flexing muscles, but more based on politics, economics, military, etc. Organized targeted attacks with specific purposes. Unknown threats and advanced threats such as 0-day are increasingly used in attacks. Obviously, the traditional network security protection system can no longer adapt to this change. " Ning Jiajun said.

Change the thinking from defense to confrontation

Zhou Yonggang, product manager of Netcom Huiyan Cloud, introduced that through the analysis of a large number of historical attack cases, the attacks can be roughly divided into There are three stages: intrusion, internal penetration, and information theft.

“Every intrusion and penetration involves target detection, use of attack tools, vulnerability exploitation, and malware implantation. Due to the use of unknown threats such as 0-day, the success rate of initial intrusion is getting higher and higher. Once the intrusion is successful, the intruder will find a support point through which to gradually penetrate internally and continue to look for other support points until Find the attack target, and then collect and steal data. In this process, each support point became a springboard for the attacker to succeed. So discovering these support points is key. Zhou Yonggang said, "We found that these support points will produce a lot of abnormal behaviors during the penetration process. By analyzing these abnormal behaviors, we can discover these support points, thereby finding safety hazards, which becomes the key to solving the problem." ”