论文部分内容阅读
近年来随着企业信息化建设步伐的加快,业务需求成倍增加,企业对信息化重视程度的提升,导致企业网络规模越来越大、结构也越来越复杂。目前企业网络主要存在如下问题:网络边界不够清晰;对内网安全需求缺乏统一规划;没能对核心业务系统进行很好的访问控制;各接入系统之间没有进行明确访问控制,局部安全问题容易威胁到整网安全。本文通过阐述模块化特性,将整个网络以模块形式分为多个安全域,通过安全域的划分,从纵深的角度全盘考虑安全的部署和应用,利用模块化的方法构筑大型企业网络的安全体系结构,以灵活的适应不断变化的网络安全需求。
In recent years, with the accelerating pace of enterprise information construction, business requirements have multiplied, and enterprises have increased their emphasis on informationization. As a result, the scale of enterprise networks has become larger and larger, and the structure has become more complicated. At present, there are mainly problems in the enterprise network: the network border is not clear enough; lack of unified planning for the internal network security requirements; failure to make good access control to the core business system; no clear access control and local security issues among the access systems Easy to threaten the entire network security. Through expatiating on the modularization characteristics, this paper divides the whole network into several security domains in the form of modules. Through the division of security domains, we consider the deployment and application of security in a deep-rooted way and construct the security system of large-scale enterprise network by using the modularization method Structure to adapt flexibly to changing network security needs.