检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
作 者:刘安 徐雷[1] 郭新海 蓝鑫冲 Liu An;Xu Lei;Guo Xinhai;Lan Xinchong(China Unicom Research Institute,Beijing 100048,China)
机构地区:[1]中国联通研究院,北京100048
出 处:《邮电设计技术》2023年第4期20-23,共4页Designing Techniques of Posts and Telecommunications
摘 要:安全基线核查是系统及设备对自身需求、部署环境和特定时期内应满足的基本安全要求,也是网络防护的第一道防线。分析了安全基线核查的痛点,探讨了通过堡垒机连接设备自动化进行基线核查的方案,提高自动化水平,降低设备账号、密码等敏感信息泄漏的风险。方案能够针对设备不合规检查项自动生成修复脚本,对设备进行整改,并从不同维度统计展示核查结果,方便从整体把握设备安全状态,从而使安全基线核查过程达到自动化、标准化、持续化、可视化,进一步提升网络的安全合规化水平。Security baseline verification is the basic security requirements that the system and equipment should meet for their own needs,deployment environment and specific period,and it is also the first line of defense for network protection.It analyzes the pain points of security baseline verification,and discusses the scheme that realizes security baseline verification by connecting equipment automatically through fortress machine,which improves the automation level and reduces the risk of leakage of sensitive information such as equipment account number and password.The scheme can automatically generate repair scripts for equipment non-compliance inspection items to rectify the equipment.Moreover,the verification results are statistically displayed from different dimensions,which is convenient to grasp the safety status of the equipment as a whole.Thus,the safety baseline verification process can be automated,standardized,sustained and visualized,and the safety compliance level of the network can be further improved.
分 类 号:TN915.08[电子电信—通信与信息系统]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.7
