Summary of the invention
Technical problems to be solved in this application are to provide the method and system of a kind of LAN safety assessment, in order to feed back the safe condition of enterprise network comprehensively, truly.
In order to solve the problem, this application discloses the method for a kind of LAN safety assessment, the terminal in described local area network (LAN) comprises control terminal and user terminal, and described method comprises:
Trigger the safety detection of user terminal in local area network (LAN);
The safety detection data of its correspondence are reported to control terminal by described user terminal;
Described control terminal is according to the security assessment information of received safety detection data genaration current local area network.
Preferably, described method, also comprises:
Described control terminal issues security strategy according to described security assessment information to corresponding user terminal, performs described security strategy by corresponding user terminal.
Preferably, in described local area network (LAN), the safety detection of user terminal comprises:
Viral diagnosis, trojan horse detection, security breaches detect, and plug-in unit detects, and system rubbish detects, and system configuration detects, and software security detects, and/or network is shared and detected;
Described safety detection data comprise:
Virus Info, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or network shares information.
Preferably, described safety detection data also comprise:
Described user terminal according to described Virus Info, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or network shares information, the safe grading parameters generated according to preset scoring rule;
Described security assessment information comprises network-wide security grading parameters, and, network-wide security information summary sheet, described control terminal comprises according to the step of the security assessment information of received safety detection data genaration current local area network:
Described control terminal adds up the safe grading parameters of each user terminal to send up received, and generates the network-wide security grading parameters of current local area network;
The Virus Info of each user terminal that described control terminal tissue receives, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or network shares information, generate the network-wide security information summary sheet of current local area network.
Preferably, described security assessment information comprises the safe grading parameters of each user terminal, network-wide security grading parameters, and, network-wide security information summary sheet, described control terminal comprises according to the step of the security assessment information of received safety detection data genaration current local area network:
Described control terminal according to described Virus Info, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or network shares information, calculate the safe grading parameters of each user terminal according to preset scoring rule;
Described control terminal adds up the safe grading parameters of described user terminal, generates the network-wide security grading parameters of current local area network;
Described control terminal organizes the Virus Info of described user terminal, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or network shares information, generate the network-wide security information summary sheet of current local area network.
Preferably, described security assessment information also comprises network-wide security rank, and described control terminal also comprises according to the step of the security assessment information of received safety detection data genaration current local area network:
Described control terminal according to the network-wide security grading parameters of current local area network, according to the network-wide security rank of level definition determination current local area network preset.
Preferably, described method, also comprises:
Control terminal shows described security assessment information.
Preferably, described method, also comprises:
Control terminal is by described security assessment information write daily record.
Preferably, described control terminal issues security strategy according to described security assessment information to corresponding user terminal, and the step being performed described security strategy by corresponding user terminal comprises:
Described control terminal generates security strategy according to described security assessment information, and described security strategy comprises the mark of relative users terminal, and, Java.policy;
Described control terminal sends security strategy to user terminal and extracts notice;
Described user terminal extracts notice according to described security strategy, downloads corresponding Java.policy according to user terminal identification from control terminal;
Described user terminal installs described Java.policy.
Preferably, when described security assessment information comprises Virus Info, described Java.policy comprises virus and reads, the information of virus deletion and/or virus isolation;
When described security assessment information comprises wooden horse information, described Java.policy comprises wooden horse and reads, the information that wooden horse is deleted and/or wooden horse is isolated;
When described security assessment information comprises safety loophole information, described Java.policy comprises the information that patch is downloaded and installed;
When described security assessment information comprises malicious plugins information, described Java.policy comprises the information that plug-in unit reads and deletes;
When described security assessment information comprises system rubbish information, described Java.policy comprises the information of system rubbish cleaning;
When described security assessment information comprises system configuration error message, described Java.policy comprises amendment or reset system configuration, and/or, the information of read/write registration table continuous item;
When described security assessment information comprises dangerous software information, described Java.policy comprises the reading of described software and the information of deletion;
Share information when described security assessment information comprises network, described Java.policy comprises the information of reading that described network shares and deletion.
The embodiment of the present application also discloses the system of a kind of LAN safety assessment, and the terminal in described local area network (LAN) comprises control terminal and user terminal, and described system comprises:
Trigger module, for triggering the safety detection of user terminal in local area network (LAN);
Be positioned at the data reporting module of user terminal, the safety detection data obtained for user terminal being performed described safety detection report to control terminal;
Be positioned at the security evaluation module of control terminal, for the security assessment information according to received safety detection data genaration current local area network.
Preferably, described system, also comprises:
Be positioned at the policy distribution module of control terminal, for issuing security strategy according to described security assessment information to corresponding user terminal;
Be positioned at the policy enforcement module of user terminal, for performing described security strategy in corresponding user terminal.
Preferably, in described local area network (LAN), the safety detection of user terminal comprises:
Viral diagnosis, trojan horse detection, security breaches detect, and plug-in unit detects, and system rubbish detects, and system configuration detects, and software security detects, and/or network is shared and detected;
Described safety detection data comprise:
Virus Info, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or network shares information.
Preferably, described safety detection data also comprise:
Described user terminal according to described Virus Info, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or network shares information, the safe grading parameters generated according to preset scoring rule;
Described security assessment information comprises network-wide security grading parameters, and, network-wide security information summary sheet, described in be positioned at control terminal security evaluation module comprise:
Point Data-Statistics submodule, for adding up the safe grading parameters of received each user terminal to send up, generates the network-wide security grading parameters of current local area network;
Organization of Data submodule, for organizing the Virus Info of received each user terminal, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or, network shares information, generates the network-wide security information summary sheet of current local area network.
Preferably, described security assessment information comprises the safe grading parameters of each user terminal, network-wide security grading parameters, and, network-wide security information summary sheet, described in be positioned at control terminal security evaluation module comprise:
Terminal score submodule, for according to described Virus Info, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or, network shares information, calculates the safe grading parameters of each user terminal according to preset scoring rule;
Dividing Data-Statistics submodule, for adding up the safe grading parameters of described user terminal, generating the network-wide security grading parameters of current local area network;
Organization of Data submodule, for organizing the Virus Info of described user terminal, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or, network shares information, generates the network-wide security information summary sheet of current local area network.
Preferably, described security assessment information also comprises network-wide security rank, described in be positioned at control terminal security evaluation module also comprise:
Safe class determination submodule, for the network-wide security grading parameters according to current local area network, according to the network-wide security rank of the level definition determination current local area network preset.
Preferably, the policy distribution module being positioned at control terminal described in comprises:
Strategy generating submodule, for generating security strategy according to described security assessment information, described security strategy comprises the mark of relative users terminal, and, Java.policy;
Strategy sends submodule, sends security strategy extract notice for described control terminal to user terminal;
The described policy enforcement module being positioned at user terminal comprises:
Strategy extracts submodule, extracts notice for described user terminal according to described security strategy, downloads corresponding Java.policy according to user terminal identification from control terminal;
Policy installation submodule, for installing described Java.policy at described user terminal.
Preferably, when described security assessment information comprises Virus Info, described Java.policy comprises virus and reads, the information of virus deletion and/or virus isolation;
When described security assessment information comprises wooden horse information, described Java.policy comprises wooden horse and reads, the information that wooden horse is deleted and/or wooden horse is isolated;
When described security assessment information comprises safety loophole information, described Java.policy comprises the information that patch is downloaded and installed;
When described security assessment information comprises malicious plugins information, described Java.policy comprises the information that plug-in unit reads and deletes;
When described security assessment information comprises system rubbish information, described Java.policy comprises the information of system rubbish cleaning;
When described security assessment information comprises system configuration error message, described Java.policy comprises amendment or reset system configuration, and/or, the information of read/write registration table continuous item;
When described security assessment information comprises dangerous software information, described Java.policy comprises the reading of described software and the information of deletion;
Share information when described security assessment information comprises network, described Java.policy comprises the information of reading that described network shares and deletion
Compared with prior art, the application comprises following advantage:
The application is no longer only using viral load and viral threat degree as the sole criterion of LAN security evaluation, for LAN achieves safe obviate, forbid in thing, the omnibearing protection of killing afterwards, and for the safety detection of LAN, contain many aspects, as the virus status in local area network (LAN); Wooden horse situation in local area network (LAN); Patch situation in local area network (LAN); Plug-in unit situation in local area network (LAN); System rubbish situation in local area network (LAN); Various system configuration situations in local area network (LAN); Various networks in local area network (LAN) share situation etc., thus can obtain security evaluation data accurately, can feed back the safe condition of enterprise network comprehensively, truly.
Moreover, application the embodiment of the present application, the data that control terminal can unify all user terminal to send up of local area network carry out gathering and analyzing, and provide the security assessment information of the general safety situation of a reaction local area network (LAN), the security assessment information that network of relation administrative staff can be provided by described control terminal understands every platform user terminal safe condition in local area network (LAN) in real time, and, described control terminal can also adopt virus killing according to the situation of each user terminal safety, patch installing, the means such as health check-up ensure that each terminal is in best safety state; In addition, can also concentrate and issue unified security strategy, such as timing health check-up, timing patch installing, starting up's item etc. of unified management terminal computer, effectively alleviates the workload of network management personnel, improves Consumer's Experience.
Embodiment
For enabling above-mentioned purpose, the feature and advantage of the application more become apparent, below in conjunction with the drawings and specific embodiments, the application is described in further detail.
With reference to Fig. 1, show the flow chart of steps of the embodiment of the method for a kind of LAN safety assessment of the application, the terminal in described local area network (LAN) comprises control terminal and user terminal, and the present embodiment specifically can comprise the steps:
The safety detection of user terminal in step 101, triggering local area network (LAN);
It should be noted that, in application embodiment, described control terminal refers to the terminal of carrying out safety detection in local area network (LAN) for controlling other user terminal, and described user terminal refers to the instruction of response limiting terminal in local area network (LAN), carries out the terminal of data interaction with control terminal.In actual applications, can at control terminal deployment server proxy module, in user terminal deployment software client and communication module, with the framework of similar C/S (client/server), to realize in local area network (LAN) control terminal to the controlling functions of user terminal, and, the control response of user terminal and communication function.
In specific implementation, described local area network (LAN) can be Intranet, and in described local area network (LAN), the safety detection operation of user terminal can be triggered by following three kinds of modes:
The first, according to the setting of the start detection trigger of control terminal, user terminal is when starting shooting at every turn, and automatic triggering secure detects;
The second, performs the setting of end trigger detection according to the security strategy of control terminal, user terminal after executing security strategy at every turn, and triggering secure detects;
The third, the detection instruction that user terminal response limiting terminal issues, triggering secure detects.
Certainly, above-mentioned triggering mode is only used as example, and those skilled in the art adopt any one triggering mode to be feasible according to actual conditions, and the embodiment of the present application is not restricted this.
The safety detection data of its correspondence are reported to control terminal by step 102, described user terminal;
As the example of the embodiment of the present application embody rule, in described local area network (LAN), the safety detection of user terminal can comprise:
(1) Viral diagnosis, namely detects the virus status in active user's terminal.
Specifically, virus refers to establishment or the destruction computer function that inserts in computer program or destroys data, affect computer use and can one group of computer instruction of self-replacation or program code.Virus has the features such as parasitics, infectiousness, latency, disguise, destructiveness and ignitionability.
When existence virus in active user's terminal being detected, can obtain the safety detection data about Virus Info, described Virus Info specifically can comprise viral load, Virus Type, viral site, viral attribute etc.
(2) trojan horse detection, namely detects the wooden horse situation in active user's terminal.
Specifically, wooden horse is a kind of duplicity program through camouflage, and it by attracting user to download execution self camouflage, thus destroys or steal vital document and the data of user.Wooden horse is different from general virus, it can not self-reproduction, also " deliberately " does not go to infect alternative document, and its Main Function opens by kind of a door for person's computer to executing kind of a wooden horse person, make the other side can damage arbitrarily, steal your file, even the computer of remote control user.
When detect there is wooden horse in active user's terminal time, can obtain the safety detection data about wooden horse information, described wooden horse information specifically can comprise wooden horse quantity, wooden horse position etc.
(3) security breaches detect, and namely detect the security vulnerability state in hardware, system and the software in active user's terminal.
Specifically, leak is the defect existed in the specific implementation or System Security Policy of hardware, software, agreement, thus assailant can be enable to access or destruction system in undelegated situation.It is the not shielded entrance stayed unintentionally of restricted computer, assembly, application program or other online dictionary.Leak can have influence on a wide range of soft hardware equipment, comprises system itself and support programs thereof, network client and server software, network router and security firewall etc.
When detect there are security breaches in active user's terminal time, can obtain the safety detection data about safety loophole information, described safety loophole information specifically can comprise the type of security breaches, the attribute, the quantity of security breaches, the occurrence positions of security breaches etc. of security breaches.
(4) plug-in unit detects, and namely detects the plug-in security situation in active user's terminal.
Specifically, plug-in unit is the program that a kind of application programming interfaces following certain specification are write out.A lot of software has plug-in unit, and plug-in unit has countless versions.Such as in IE, after installing relevant plug-in unit, web browser directly can call plug-in card program, for the treatment of the file of particular type.Some plug-in card program can help the more convenient browsing internet of user or call online miscellaneous function, also subprogram is had to be it is called as ad ware (Adware) or spyware (Spyware), the internet behavior of this type of malicious plugins sequential monitoring user, and recorded data is reported to the founder of plug-in card program, to reach input advertisement, steal game or the illegal objective such as account No. password, namely namely the main purpose of the detection of plug-in security situation is found to the malicious plugins in user terminal.
When detect there is malicious plugins in active user's terminal time, can obtain the safety detection data about malicious plugins information, described malicious plugins information specifically can comprise the type of malicious plugins, the attribute, the quantity of malicious plugins, the position of malicious plugins etc. of malicious plugins.
(5) system rubbish detects, and namely detects the system rubbish situation in active user's terminal.
Specifically, system rubbish is exactly the general designation of the file that system no longer needs.Webpage as browsed in user, the program Stub File uninstalled again after installation and the key assignments of registration table.These are all the files like water off a duck's back to system, can only increase burden to system, so be referred to as system rubbish.
When detect there is system rubbish in active user's terminal time, can obtain the safety detection data about system rubbish information, described system rubbish information specifically can comprise the type of system rubbish, the position of system rubbish etc.
(6) system configuration detects, and namely detects the dangerous situation of the system configuration in active user's terminal.
When detecting that the system in active user's terminal exists dangerous configuration, when safe class as current operation system arranges too low, can obtain the safety detection data about system configuration error message, described system configuration error message specifically can comprise situation of the dangerous setting of system configuration etc.
(7) software security detects, and namely detects the software security situation of installing in active user's terminal.
When there is the software of the safety danger side of body in the system in active user's terminal that detects, as software etc. of going fishing, can obtain the safety detection data about dangerous software information, described dangerous software information specifically can comprise dbase, software danger side of body type, software positional information etc.
(8) network is shared and is detected, and namely detects the situation that in active user's terminal, network is shared.
Network shares the resource referred on network, comprises hardware and software, the feature that any network user of mandate can use.Network shareware is there is in active user's terminal when detecting, during network shared device etc., the safety detection data sharing information about network can be obtained, described network shares information specifically can comprise dbase that network shares, network is shared device name, software type that network is shared etc.
Certainly, the method of above-mentioned safety detection and the safety detection data obtained all only are used as example, those skilled in the art adopt other safety detection method according to actual conditions, and it is all feasible for obtaining other various required safety detection data, and the embodiment of the present application is not restricted this.
In specific implementation, the safety detection data of the correspondence obtained through safety detection are reported to control terminal by the communication module of its On-premise by user terminal.
Step 103, described control terminal are according to the security assessment information of received safety detection data genaration current local area network.
In a preferred embodiment of the present application, described user terminal can also according to described Virus Info, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or, network shares information, calculates the safe grading parameters of active user's terminal according to preset scoring rule; That is, in the present embodiment, described safety detection data also comprise the safe grading parameters of active user's terminal.
Such as, preset scoring rule is, arranging full marks is 100 points, and occur that above-mentioned arbitrary dangerous project information then detains 10 points, if current detection goes out two dangerous projects, then safe grading parameters is 80 points.
In this case, described step 103 specifically can comprise following sub-step:
Sub-step S11, described control terminal add up the safe grading parameters of each user terminal to send up received, and generate the network-wide security grading parameters of current local area network;
Such as, then the safe grading parameters of described control terminal to received each user terminal to send up average after suing for peace, using the network-wide security grading parameters of this mean value as current local area network.
The Virus Info of each user terminal that sub-step S12, described control terminal tissue receive, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or network shares information, generate the network-wide security information summary sheet of current local area network.
In the present embodiment, control terminal adopts network-wide security grading parameters, and network-wide security information summary sheet is as the sign of current local area network security assessment information.
In another preferred embodiment of the present application, the safe grading parameters of described each user terminal also can be unifiedly calculated by control terminal, and namely described step 103 can comprise following sub-step:
Sub-step S21, described control terminal are according to described Virus Info, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or network shares information, calculate the safe grading parameters of each user terminal according to preset scoring rule;
Sub-step S22, described control terminal add up the safe grading parameters of described user terminal, generate the network-wide security grading parameters of current local area network;
Sub-step S23, described control terminal organize the Virus Info of described user terminal, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or network shares information, generate the network-wide security information summary sheet of current local area network.
In the present embodiment, control terminal adopts the safe grading parameters of each user terminal, network-wide security grading parameters, and network-wide security information summary sheet is as the sign of current local area network security assessment information.
Those skilled in the art also can adopt the security assessment information of other form, such as, press fixed form according to safety detection data and generate network-wide security assessment report, the safe grading parameters describing current local area network in described network-wide security assessment report in detail is how many, which potential safety hazard there is in each user terminal, and provide corresponding suggestion for operation.
In specific implementation, level of security can also be divided to the safe condition of current local area network.Namely more preferably, described security assessment information can also comprise network-wide security rank, and in this case, described step 103 can also comprise following sub-step:
Sub-step 30, described control terminal according to the network-wide security grading parameters of current local area network, according to the network-wide security rank of level definition determination current local area network preset.
Such as, the level definition preset is:
More than 90 points: healthy network;
60 to 90 points: inferior health network;
Less than 60 points: unhealthy network.
If calculating the network-wide security grading parameters obtaining current local area network is 95 points, then determine that its network-wide security rank is healthy network; If calculating the network-wide security grading parameters obtaining current local area network is 80 points, then determine that its network-wide security rank is inferior health network; If calculating the network-wide security grading parameters obtaining current local area network is 55 points, then determine that its network-wide security rank is unhealthy network.
In the preferred embodiment of the application, described control terminal can also adopt shows described security assessment information, and, by the mode in described security assessment information write daily record, described security assessment information is informed to network of relation administrative staff, the problem sooner, better, more fully finding in local area network (LAN) to help network management personnel, and address these problems in time.
In a particular application, network of relation administrative staff can according to described security assessment information determination security strategy, also automatically security strategy can be generated by control terminal according to described security assessment information, then corresponding user terminal is issued to, corresponding security strategy is performed, to remove security risk by each user terminal.
In a preferred embodiment of the present application, can also comprise the steps:
Step 104, described control terminal issue security strategy according to described security assessment information to corresponding user terminal, perform described security strategy by corresponding user terminal.
Security strategy refers in certain safety zone (safety zone typically refers to a series of process and the communication resource that belong to certain tissue), for the set of rule of all security-related activities.
As a kind of example of the present embodiment embody rule, described step 104 specifically can comprise following sub-step:
Sub-step S41, described control terminal generate security strategy according to described security assessment information, and described security strategy comprises the mark of relative users terminal, and, Java.policy;
Sub-step S42, described control terminal send security strategy to user terminal and extract notice;
Sub-step S43, described user terminal extract notice according to described security strategy, download corresponding Java.policy according to user terminal identification from control terminal;
Sub-step S44, described user terminal install described Java.policy.
Such as, current safety appreciation information comprises the Virus Info of the 2nd user terminal, the wooden horse information of the 5th user terminal, and, the safety loophole information of the 8th user terminal, comprises so control terminal generates corresponding security strategy: for the Java.policy of the checking and killing virus of the 2nd user terminal, for the Java.policy of the wooden horse killing of the 5th user terminal, and, the Java.policy that the patch for the 8th user terminal is installed.The communication module of each user terminal goes to control terminal, the user terminal identification recorded in contrast security strategy, download corresponding Java.policy, namely the 2nd user terminal downloads is to the Java.policy of checking and killing virus, 5th user terminal downloads is to the Java.policy of wooden horse killing, 8th Java.policy that user terminal downloads is installed to patch, then above-mentioned each user terminal performs corresponding Java.policy respectively, to remove dangerous project.
More specifically, when described security assessment information comprises Virus Info, described Java.policy can comprise virus and read, the information of virus deletion and/or virus isolation;
When described security assessment information comprises wooden horse information, described Java.policy can comprise wooden horse and read, the information that wooden horse is deleted and/or wooden horse is isolated;
When described security assessment information comprises safety loophole information, described Java.policy can comprise the information that patch is downloaded and installed;
When described security assessment information comprises malicious plugins information, described Java.policy can comprise the information that plug-in unit reads and deletes;
When described security assessment information comprises system rubbish information, described Java.policy can comprise the information of system rubbish cleaning;
When described security assessment information comprises system configuration error message, described Java.policy can comprise amendment or reset system configuration, and/or, the information of read/write registration table continuous item;
When described security assessment information comprises dangerous software information, described Java.policy can comprise the reading of described software and the information of deletion;
Share information when described security assessment information comprises network, described Java.policy can comprise the information of reading that described network shares and deletion.
In specific implementation, described control terminal can also be concentrated to each user terminal in local area network (LAN) and issue unified security strategy, such as timing health check-up, timing patch installing, starting up's item etc. of unified management terminal computer, effectively to alleviate the workload of network management personnel, improve Consumer's Experience.
It should be noted that, for aforesaid embodiment of the method, in order to simple description, therefore it is all expressed as a series of combination of actions, but those skilled in the art should know, the application is not by the restriction of described sequence of movement, because according to the application, some step can adopt other orders or carry out simultaneously.Secondly, those skilled in the art also should know, the embodiment described in specification all belongs to preferred embodiment, and involved action and module might not be that the application is necessary.
With reference to Fig. 2, show the structured flowchart of the system embodiment of a kind of LAN safety assessment of the application, the terminal in described local area network (LAN) comprises control terminal and user terminal, and the present embodiment specifically can comprise with lower module:
Trigger module 201, for triggering the safety detection of user terminal in local area network (LAN);
Be positioned at the data reporting module 202 of user terminal, the safety detection data obtained for user terminal being performed described safety detection report to control terminal;
Be positioned at the security evaluation module 203 of control terminal, for the security assessment information according to received safety detection data genaration current local area network.
In specific implementation, in described local area network (LAN), the safety detection of user terminal can comprise: Viral diagnosis, trojan horse detection, and security breaches detect, and plug-in unit detects, and system rubbish detects, and system configuration detects, and software security detects, and/or network is shared and detected; In this case, described safety detection data can comprise: Virus Info, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or network shares information etc.
In a preferred embodiment of the present application, described safety detection data can also comprise:
Described user terminal according to described Virus Info, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or network shares information, the safe grading parameters generated according to preset scoring rule;
Described security assessment information comprises network-wide security grading parameters, and, network-wide security information summary sheet, in the present embodiment, described in be positioned at control terminal security evaluation module 203 can comprise following submodule:
Point Data-Statistics submodule, for adding up the safe grading parameters of received each user terminal to send up, generates the network-wide security grading parameters of current local area network;
Organization of Data submodule, for organizing the Virus Info of received each user terminal, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or, network shares information, generates the network-wide security information summary sheet of current local area network.
In a preferred embodiment of the present application, described security assessment information can comprise the safe grading parameters of each user terminal, network-wide security grading parameters, and, network-wide security information summary sheet, in this case, the security evaluation module 203 being positioned at control terminal described in can comprise following submodule:
Terminal score submodule, for according to described Virus Info, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or, network shares information, calculates the safe grading parameters of each user terminal according to preset scoring rule;
Dividing Data-Statistics submodule, for adding up the safe grading parameters of described user terminal, generating the network-wide security grading parameters of current local area network;
Organization of Data submodule, for organizing the Virus Info of described user terminal, wooden horse information, safety loophole information, malicious plugins information, system rubbish information, system configuration error message, dangerous software information, and/or, network shares information, generates the network-wide security information summary sheet of current local area network.
More preferably, described security assessment information can also comprise network-wide security rank, described in be positioned at control terminal security evaluation module can also comprise following submodule:
Safe class determination submodule, for the network-wide security grading parameters according to current local area network, according to the network-wide security rank of the level definition determination current local area network preset.
In specific implementation, the embodiment of the present application can also comprise as lower module:
Be positioned at the display module of control terminal, for showing described security assessment information at control terminal;
And/or,
Be positioned at the logger module of control terminal, for described security assessment information being write in the daily record of control terminal.
In a preferred embodiment of the present application, described system can also comprise as lower module:
Be positioned at the policy distribution module 204 of control terminal, for issuing security strategy according to described security assessment information to corresponding user terminal;
Be positioned at the policy enforcement module 205 of user terminal, for performing described security strategy in corresponding user terminal.
As a kind of example of the embodiment of the present application embody rule, described in be positioned at control terminal policy distribution module 204 can comprise following submodule:
Strategy generating submodule, for generating security strategy according to described security assessment information, described security strategy comprises the mark of relative users terminal, and, Java.policy;
Strategy sends submodule, sends security strategy extract notice for described control terminal to user terminal;
The described policy enforcement module 205 being positioned at user terminal can comprise following submodule:
Strategy extracts submodule, extracts notice for described user terminal according to described security strategy, downloads corresponding Java.policy according to user terminal identification from control terminal;
Policy installation submodule, for installing described Java.policy at described user terminal.
In specific implementation, when described security assessment information comprises Virus Info, described Java.policy can comprise virus and read, the information of virus deletion and/or virus isolation;
When described security assessment information comprises wooden horse information, described Java.policy can comprise wooden horse and read, the information that wooden horse is deleted and/or wooden horse is isolated;
When described security assessment information comprises safety loophole information, described Java.policy can comprise the information that patch is downloaded and installed;
When described security assessment information comprises malicious plugins information, described Java.policy can comprise the information that plug-in unit reads and deletes;
When described security assessment information comprises system rubbish information, described Java.policy can comprise the information of system rubbish cleaning;
When described security assessment information comprises system configuration error message, described Java.policy can comprise amendment or reset system configuration, and/or, the information of read/write registration table continuous item;
When described security assessment information comprises dangerous software information, described Java.policy can comprise the reading of described software and the information of deletion;
Share information when described security assessment information comprises network, described Java.policy can comprise the information of reading that described network shares and deletion.
For system embodiment, due to itself and embodiment of the method basic simlarity, so description is fairly simple, relevant part illustrates see the part of embodiment of the method.
The application can be used in numerous general or special purpose computing system environment or configuration.Such as: personal computer, server computer, handheld device or portable set, laptop device, multicomputer system, system, set top box, programmable consumer-elcetronics devices, network PC, minicom, mainframe computer, the distributed computing environment (DCE) comprising above any system or equipment etc. based on microprocessor.
The application can describe in the general context of computer executable instructions, such as program module.Usually, program module comprises the routine, program, object, assembly, data structure etc. that perform particular task or realize particular abstract data type.Also can put into practice the application in a distributed computing environment, in these distributed computing environment (DCE), be executed the task by the remote processing devices be connected by communication network.In a distributed computing environment, program module can be arranged in the local and remote computer-readable storage medium comprising memory device.
Above to the system that method and a kind of LAN safety of a kind of LAN safety assessment that the application provides are assessed, be described in detail, apply specific case herein to set forth the principle of the application and execution mode, the explanation of above embodiment is just for helping method and the core concept thereof of understanding the application; Meanwhile, for one of ordinary skill in the art, according to the thought of the application, all will change in specific embodiments and applications, in sum, this description should not be construed as the restriction to the application.