摘要
电力信息内网终端由于病毒感染、移动介质的非法使用、内外网互联等行为给整个电力信息网带来了极大的安全隐患,可以采取融合终端行为检测、行为审计及网络准入的主动式终端安全防护方法对网络终端进行管控。首先以信息网现状为基础,分析了信息网终端安全风险来源,再围绕终端网络地址使用情况、审计行为客户端进行终端接入行为的主动式监测,依据审计规则定义不同等级的终端安全风险并采用隔离、断网等措施,实现了信息终端接入的全方位管控,提升了电力信息网的终端安全管理水平。
Because of virus infection,illegal use of mobile media and Internet connection,the network of power information network brings great security risks to the entire power information network. The company adopts the integrated terminal behavior detection,the behavior audit and the network access active terminal safety protection method to control the network terminal. First of all,based on the present situation of information network,information network terminal security risk sources are analyzed,and then around the terminal network address usage,audit client terminal access behavior of active monitoring,and on the basis of the audit rules different levels of terminal security risks and isolation measures are defined. Then network is isolated and shut off to realize all-round control information terminal access to the promotion of the terminal security management level of electric power information network.
作者
叶水勇
张峻林
王文林
张弛
李莹
宋浩杰
汪静
YE Shuiyong;ZHANG Junlin;WANG Wenlin;ZHANG Chi;LI Ying;SONG Haoji;WANG Jing(State Grid Huangshan Power Supply Company,Huangshan 245000,China)
出处
《电力与能源》
2018年第4期473-476,共4页
Power & Energy
关键词
风险分析
审计行为
安全防护
终端异常
risk analysis
auditing behavior
safety protection
terminal abnormal
