摘要
为适应国网信息化的业务高集成、数据高交互、边界广延伸、终端多类型对现有信息安全管理工作带来的新挑战,湖北省电力公司依靠"两网三区",坚持"四统一"、"四步走",变查漏补缺、被动防御为整体掌控、主动防御,实现对终端运行情况的实时监控和分析,规范了从用户、终端设备、网络设备入网信息注册,到信息关联,再到安全事件管理等一整套监测的流程和方法,实现了系统分布部署,策略统一下发,信息逐级上传,事件统一展现。
To adapt to the new challenge of information integration, data interaction, boundary extension and terminal multi-type in State Grid Corporation of China(SGCC) information to security management, Hubei Electric Power Company relies on the "two networks with three regions"(TNTR) technology and the principle of "four unity" and "four steps", realizes the real-time monitoring and analysis of the terminal operation. A set of monitoring flow and method including network registration, information association and security events management is proposed. The TNTR technique can deploy system dispersedly, distribute strategy uniformly, upload information step by step and display events uniformly.
出处
《电力信息与通信技术》
2015年第8期106-111,共6页
Electric Power Information and Communication Technology
关键词
两网三区
终端安全
主动防御
two networks with three regions
terminal security
active defense
