摘要
近年来,高级持续性威胁(APT,Advanced Persistent Threat)已经成为一种严重威胁企业数据安全的网络攻击。这种网络攻击具有针对性、隐蔽性、持续性和可变性特点,目的直达企业核心数据。传统基于"网关+服务器+PC终端"的三层安全防护架构过于分散,无法有效地发现和阻止此类攻击。文中提出了一种改进的分层集中式网络安全架构,通过集中分析和管控的方法,使企业内部的安全防护部件构成一个有机整体,能够有效地防范APT网络攻击。
In recent years, advanced persistent threat(APT) has become a serious threat to enterprise data security. This type of attack is of purposiveness, concealment, sustainability, variability and other characteristics, and focuses on core data of the enterprise.The traditional "gateway + server + PC terminal" based three-tier security architecture is unduly distributed and thus could not find and prevent such kind of attack. An improved hierarchical-centralized network security architecture is propsed, which, through centralized analysis and control method, makes the internal security components an organic entirety and thus effectively prevent APT network attack.
出处
《信息安全与通信保密》
2013年第6期65-67,共3页
Information Security and Communications Privacy
