In the face of endless loopholes, how to build a "practical" unified system vulnerability management platform is a headache for network security vendors and customers. A few days ago, the product market experts of Guolian Yian , a leading enterprise in China focusing on the research and development of classified protection, graded protection, business continuity security and big data security product solutions and related technologies in the confidential and non-confidential fields, gave the answer :
The first is to adopt multi-tenant management: different tenants set up vulnerability scanning policies in line with the characteristics of each tenant, and can only view the current tenant's vulnerability status; platform administrators can manage and monitor global unified system vulnerabilities.
The second is to do a good job in network space asset detection: traverse the asset space to realize the asset discovery of the entire network, identify surviving hosts, network equipment, databases and other related equipment and attributes in the network environment, automatically generate network topology, and support asset export, import, and asset data. Manual correction.
The third is to cover all-scenario vulnerability scanning : the platform covers space asset detection, system vulnerability scanning, virtual machine vulnerability scanning, Web vulnerability scanning, database security scanning, security baseline verification, industrial control vulnerability scanning, WiFi security detection, App security scanning, and big data platform Vulnerability scanning, security compliance association and other vulnerability scanning functions.
The fourth is to carry out Windows security reinforcement: support automatic and manual security reinforcement for the configuration, network, access, log, protection, etc. of the Windows operating system. Reinforcement content includes: configuration management (host configuration, user policy, identity authentication, patch management, software management), network management (service port, firewall management), access management (peripheral management, autoplay, remote login, wireless network card) , log audit, malicious code prevention (data protection, anti-virus software), etc.
The fifth is to achieve report association: the platform analyzes the scanning results in the form of reports and graphics, and can analyze the scanning results in predefined, customized and multi-angle and multi-level ways. Provide complete vulnerability risk levels, vulnerability categories, vulnerability descriptions, vulnerability types, and vulnerability solutions.
The sixth is to complete the distributed vulnerability management: the distributed management function of the entire network, the system supports the distributed management function, the system can issue scanning tasks to the lower-level engine, receive the scanning results uploaded by the lower-level engine, perform unified analysis, and generate an overall scanning report.
Seventh, it can be upgraded with one key in a shortcut way : by using the product upgrade module built in the program, the vulnerability database and software can be upgraded online, locally, or regularly through the network or local data packets.
A new generation of vulnerability scanning management system independently developed by Guolian Yian's research team - a unified system vulnerability management platform , covering cyberspace asset detection, system vulnerability scanning, virtual machine vulnerability scanning, Web vulnerability scanning, website security monitoring, database Functions such as security scanning, security baseline verification, industrial control vulnerability scanning, WiFi security detection, App security scanning, big data platform vulnerability scanning, Windows security hardening, etc. Various vulnerability problems exist, and provide professional and effective vulnerability analysis and repair suggestions. At the same time, combined with a credible vulnerability management process, the vulnerability is alerted, scanned, repaired, and audited. At present, the platform has been applied in different environments of multiple customers such as the Internet, local area network, industrial Internet, cloud environment, and big data center .
About Guolian Yi'an
Beijing Guolian Yi'an Information Technology Co., Ltd. (formerly known as Beijing Zhiheng Union Technology Co., Ltd.), referred to as "Guolian Yi'an", was established in 2006. It has two brands of "Guolian Yi'an" and "Zhiheng Union". A leading company in the research and development of classified protection, graded protection, business continuity security and big data security product solutions and related technologies in the confidential and non-confidential fields. A number of security technologies of the company fill the gaps in domestic technology, and are widely used in government, finance, security, telecom operators, military industry, large and medium-sized enterprises, energy, education, medical e-commerce and other fields.
In addition to R & D and production of professional security products, Guolian Yian also provides customers with professional security services such as expert consultation on comprehensive detection and protection solutions, source code security assessment, security operation and maintenance on duty, intelligent terminal security assessment, security penetration testing, and professional security training. .