CN102957695A - Enterprise intranet terminal safety maintenance method and device - Google Patents
Enterprise intranet terminal safety maintenance method and device Download PDFInfo
- Publication number
- CN102957695A CN102957695A CN2012104149001A CN201210414900A CN102957695A CN 102957695 A CN102957695 A CN 102957695A CN 2012104149001 A CN2012104149001 A CN 2012104149001A CN 201210414900 A CN201210414900 A CN 201210414900A CN 102957695 A CN102957695 A CN 102957695A
- Authority
- CN
- China
- Prior art keywords
- corporate intranet
- project
- detection result
- strategy
- reparation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention discloses an enterprise intranet terminal safety maintenance method and device. The method comprises the following steps: getting a safety detection result of an enterprise intranet terminal; matching the safety detection result of the enterprise intranet terminal with a preset safety strategy level, wherein the safety strategy level comprises a repair project and a repair strategy corresponding to the repair project, and the matching is used for judging whether the safety detection result of the enterprise intranet terminal has a corresponding repair project or not; and if the safety detection result of the enterprise intranet terminal has a corresponding repair project, carrying out repairing operation by adopting the repair strategy corresponding to the repair project. According to the method and the device, disclosed by the invention, enterprise network management efficiency can be improved and network management cost can be reduced.
Description
Technical field
The present invention relates to the computer security technique field, be specifically related to a kind of corporate intranet terminal security maintaining method and a kind of corporate intranet terminal security attending device.
Background technology
Along with the development of information age, increasing company information is placed in enterprise's inside and outside network environment, and network management becomes the problem that enterprise security can not be ignored.
Network management refers to plan, supervise, control the use of Internet resources and the comings and goings of network, so that the performance of network reaches optimum.In fact, network management technology is the development that is accompanied by computer, network and the communication technology, and the two complements each other.Classify from the network management category, can be divided into the management to net " road ": namely manage for backbone networks such as switch, routers; Management to access device: namely inner PC, server, switch etc. are managed; Management to behavior: i.e. use for the user manages; Management to assets: namely add up the information of IT software and hardware etc.Generally speaking, network management has five functional: failure management, configuration management, performance management, safety management and accounting management.
At present, the safety problem of all kinds that occurs in the enterprise network, need the network manager manually to repair network security problem, show the tradition leak reparation tabulation according to the present invention with reference to Fig. 1, the network manager need to understand first the description of patch, select uninstalled client computer, determine whether will repair these leaks again.To be the network manager may not know this reparation of which problem in the face of in numerous safety problems to the problem that may occur like this, repaired what risk that can occur other after which safety problem.In addition, in the many situations of safety problem, the network manager also needs to repair one by one each safety problem, and operation is comparatively complicated and waste time and energy.
Therefore, those skilled in the art's technical problem in the urgent need to address is: a kind of corporate intranet terminal security maintenance mechanism is provided, thereby improves enterprise network management efficient, save network administration cost.
Summary of the invention
In view of the above problems, the present invention has been proposed in order to a kind of overcome the problems referred to above or a kind of corporate intranet terminal security maintaining method that addresses the above problem at least in part and corresponding a kind of corporate intranet terminal security attending device are provided.
According to one aspect of the present invention, a kind of corporate intranet terminal security maintaining method is provided, comprising:
Obtain the safety detection result of corporate intranet terminal;
The safety detection result of described corporate intranet terminal is mated with the security policy grade of presetting; Wherein, described security policy grade comprises rehablitation project and repairs accordingly strategy with rehablitation project whether described coupling exists corresponding rehablitation project for the safety detection result of judging described corporate intranet terminal;
If rehablitation project corresponding to the safety detection result of described corporate intranet terminal existence then adopts described and rehablitation project is repaired strategy reparation accordingly.
Alternatively, described method also comprises:
The reparation result who shows described rehablitation project.
Alternatively, described reparation strategy comprises automatic reparation strategy, if there is corresponding rehablitation project in the safety detection result of described corporate intranet terminal, then adopts described and rehablitation project to repair accordingly the step that strategy repairs and comprises:
If there is corresponding rehablitation project in the safety detection result of described corporate intranet terminal, the reparation strategy of the rehablitation project that described safety detection result is corresponding is sent to the corporate intranet terminal;
Receive the reparation result that the corporate intranet terminal is returned, described reparation result is the result who is repaired the safety detection result corresponding with rehablitation project by the corporate intranet terminal according to described automatic reparation strategy.
Alternatively, described rehablitation project comprises the leak rehablitation project, wooden horse killing project, plug-in unit cleaning project, system safety project, security configuration project.
Alternatively, described security policy grade comprises advanced security strategy grade, intermediate security policy grade, rudimentary security policy grade and custom security strategy grade.
Alternatively, the step of the safety detection result of described acquisition corporate intranet terminal is finished by the WEB server, and described safety detection result with the corporate intranet terminal is finished by database server with the step that the security policy grade of presetting mates.
Alternatively, described safety detection result is the physical examination result to default project.
According to a further aspect in the invention, provide a kind of corporate intranet terminal security attending device, having comprised:
Corporate intranet end results acquisition module is suitable for obtaining the safety detection result of corporate intranet terminal;
Matching module is suitable for the safety detection result of described corporate intranet terminal is mated with the security policy grade of presetting; Wherein, described security policy grade comprises rehablitation project and repairs accordingly strategy with rehablitation project whether described coupling exists corresponding rehablitation project for the safety detection result of judging described corporate intranet terminal, if then call the reparation module;
The reparation module is suitable for adopting described and rehablitation project is repaired strategy reparation accordingly.
Alternatively, described device also comprises:
Display module is suitable for showing the reparation result of described rehablitation project.
Alternatively, described reparation strategy comprises automatic reparation strategy, and described reparation module further comprises:
Safety detection result sends submodule, is suitable for when there is corresponding rehablitation project in the safety detection result of described corporate intranet terminal, and the reparation strategy of the rehablitation project that described safety detection result is corresponding is sent to the corporate intranet terminal;
Repair the result and receive submodule, be suitable for receiving the reparation result that the corporate intranet terminal is returned, described reparation result is the result who is repaired the safety detection result corresponding with rehablitation project by the corporate intranet terminal according to described automatic reparation strategy.
According to a kind of corporate intranet terminal security maintaining method of the present invention and device the reparation strategy can be set once by the rehablitation project that is checked through for each corporate intranet terminal, solve thus the efficient that the each all problems of manual maintenance system of network manager have obtained the enterprise safety management, reduced the beneficial effect of enterprise IT management cost.
Above-mentioned explanation only is the general introduction of technical solution of the present invention, for can clearer understanding technological means of the present invention, and can be implemented according to the content of specification, and for above and other objects of the present invention, feature and advantage can be become apparent, below especially exemplified by the specific embodiment of the present invention.
Description of drawings
By reading hereinafter detailed description of the preferred embodiment, various other advantage and benefits will become cheer and bright for those of ordinary skills.Accompanying drawing only is used for the purpose of preferred implementation is shown, and does not think limitation of the present invention.And in whole accompanying drawing, represent identical parts with identical reference symbol.In the accompanying drawings:
Fig. 1 shows the tradition leak reparation tabulation according to the present invention;
Fig. 2 shows the flow chart of steps of a kind of according to an embodiment of the invention corporate intranet terminal security maintaining method embodiment 1;
Fig. 3 shows according to an embodiment of the invention security centre's Organization Chart of enterprise network;
Fig. 4 shows the according to an embodiment of the invention interaction figure at enterprise network security center;
Fig. 5 shows the flow chart of steps of a kind of according to an embodiment of the invention corporate intranet terminal security maintaining method embodiment 2;
Fig. 6 shows the structured flowchart of a kind of according to an embodiment of the invention corporate intranet terminal security attending device embodiment;
Fig. 7 shows the structured flowchart of a kind of according to an embodiment of the invention corporate intranet Control Server embodiment.
Embodiment
Exemplary embodiment of the present disclosure is described below with reference to accompanying drawings in more detail.Although shown exemplary embodiment of the present disclosure in the accompanying drawing, yet should be appreciated that and to realize the disclosure and the embodiment that should do not set forth limits here with various forms.On the contrary, it is in order to understand the disclosure more thoroughly that these embodiment are provided, and can with the scope of the present disclosure complete convey to those skilled in the art.
One of core idea of the embodiment of the invention is, with enterprise security manager software intelligent automation, the network manager is only with security policy grade once is set, arrange for the rehablitation project in the security policy grade in advance and repair strategy, server just can be repaired according to security policy grade when finding all kinds of dangerous automatically, and do not need the network manager manually to repair various safety problems, the network manager of side processes all kinds of safety problems in the enterprise network, simple efficient, intelligence makes network manager's supervising the network simpler automatically.
With reference to Fig. 2, show the flow chart of steps of a kind of according to an embodiment of the invention corporate intranet terminal security maintaining method embodiment 1, specifically can may further comprise the steps:
Step 201: the safety detection result that obtains the corporate intranet terminal;
In specific implementation, an enterprise network can comprise one or more corporate intranet terminals, each corporate intranet terminal relies on fail-safe software and regularly carries out safety detection, described safety detection is the health check-up to default project in the system, and safety detection result (physical examination result) is reported in the server.
As a kind of preferred exemplary of present embodiment, the safety detection result of corporate intranet terminal can comprise security breaches, dangerous of wooden horse, installation difference comment whether plug-in unit, real-time protection close, the dangerous contents such as (being tampered such as homepage) of system.
Step 202: safety detection result and the security policy grade of presetting of described corporate intranet terminal are mated; Wherein, described security policy grade comprises rehablitation project and repairs accordingly strategy with rehablitation project whether described coupling exists corresponding rehablitation project for the safety detection result of judging described corporate intranet terminal;
Particularly, security strategy refers to network manager or CIO(Chief Information Officer, chief information officer) the action strategy formulated according to institutional risk and Security Target.In embodiments of the present invention, security policy grade can be divided into advanced security strategy grade, intermediate security policy grade, rudimentary security policy grade and custom security strategy grade, can comprise rehablitation project and repair accordingly strategy with rehablitation project for every kind of security policy grade, wherein, custom security strategy grade is that the keeper sets the reparation strategy for each rehablitation project in advance according to actual conditions.
As a kind of example, various rehablitation projects in advanced security strategy grade, intermediate security policy grade, the rudimentary security policy grade and repair accordingly strategy as shown in the following Table 1 with rehablitation project:
Table 1
As can be seen from Table 1, rehablitation project can comprise the leak rehablitation project, wooden horse killing project, and plug-in unit cleaning project, the system safety project, the security configuration project for every kind of rehablitation project, has concrete reparation item and reaches and a reparation corresponding reparation strategy;
Wherein, the leak reparation refers to the reparation to system vulnerability, system vulnerability refers to that operating system is in the mistake of the defective in the logical design or generation when writing, this defective or mistake can be utilized by illegal person or computer hacker, attack or control whole computer by implanting the modes such as wooden horse, virus, thereby steal capsule information and information in the computer, even destruction operating system, as a kind of preferred exemplary of present embodiment, system vulnerability can comprise detection Loopholes of OS, office leak, third party's security update etc.;
The wooden horse killing refers to the killing to trojan horse program, trojan horse program is present popular virus document, from general viral different, it can self-reproduction, do not remove to infect alternative document " deliberately " yet, it is by pretending self to attract the user to download execution, provide and open by kind of the door of person's computer to executing kind of a wooden horse person, make and execute kind of person and can damage arbitrarily, steal by kind of person's file, even remote control is by kind of person's computer, a kind of preferred exemplary as present embodiment, trojan horse program can comprise the detailed programs under the wooden horse killing project shown in the table 1, for example cloud security detection system key position risk, whether detect the browser shortcut is tampered, detect IE homepage relevant item risk, detect default value risk corresponding to " replacement web setting " etc.;
The plug-in unit cleaning, refer to the cleaning to plug-in unit, plug-in unit refers to the program that a kind of application programming interfaces of following certain standard are write out, some program needs the support of some plug-in units in the computer system, wherein these plug-in unit classifications are various, having some Malwares after computer is poisoned attacks computer, these malicious plugins can be downloaded Virus Info, computer system is destroyed, control etc., a kind of preferred exemplary as present embodiment, plug-in unit can comprise the plug-in unit cleaning project shown in the table 1, for example detects dynamic load item risk, detect the poor plug-in unit risk of commenting, detect ActiveX control risk etc.;
System safety, refer within systems life cycle, use system safety engineering and system security management method, dangerous matter sources in the identification system, and take effective control measure to make it dangerous minimum, thereby make system in performance, time and the cost scope of regulation, reach best safe coefficient, as a kind of preferred exemplary of present embodiment, system safety can comprise the system safety project shown in the table 1, such as detecting the remote desktop risk, detecting Windows self-starting item risk etc.;
Security configuration refers to affect the configuration of system safety, and as a kind of preferred exemplary of present embodiment, security configuration can comprise the security configuration project shown in the table 1, such as opening the wooden horse fire compartment wall, opening net purchase bodyguard etc.
In specific implementation, the network manager arranges security policy grade in advance in server, server receives the safety detection result of corporate intranet terminal, the safety detection result of described corporate intranet terminal can comprise a plurality of dangerous, each dangerous item and the rehablitation project in the security policy grade of presetting are mated, judge whether the safety detection result of corporate intranet terminal exists corresponding rehablitation project.
Step 203: if there is corresponding rehablitation project in the safety detection result of described corporate intranet terminal, then adopt rehablitation project to repair accordingly strategy reparation;
In a preferred embodiment of the present invention, described reparation strategy can comprise automatic reparation strategy, and step 203 can comprise following substep:
Substep S11: if there is corresponding rehablitation project in the safety detection result of described corporate intranet terminal, the reparation strategy of the rehablitation project that described safety detection result is corresponding is sent to the corporate intranet terminal;
Substep S12: receive the reparation result that the corporate intranet terminal is returned, described reparation result is the result who is repaired the safety detection result corresponding with rehablitation project by the corporate intranet terminal according to described automatic reparation strategy.
Wherein, described automatic reparation strategy can comprise automatic reparation and automatically open.
In specific implementation, described reparation strategy can also comprise ignores strategy, if there is corresponding rehablitation project in the safety detection result of described corporate intranet terminal, and the reparation strategy of described rehablitation project is when ignoring strategy, server with described ignore the operation be sent to the network manager, repair described safety detection result by the network manager.
For example: safety detection result is to be checked through a difference to comment plug-in unit, and id is the 000328:11 plug-in unit.If it is to ignore that the detection difference of the plug-in unit killing project that arranges in security strategy is commented the reparation strategy of plug-in unit risk, then can generate information, the informing network administrator hand is cleared up described difference and is commented plug-in unit.
In fact, step 101 can be finished at the WEB server end, and step 102 can be finished in database server side, and step 103 can be finished at the publisher server end; Show according to an embodiment of the invention security centre's Organization Chart of enterprise network with reference to Fig. 3, represented that WEB server, database server, publisher server are at the framework at enterprise network security center, can find out, the network manager is by the whole enterprise network of WEB server admin, each corporate intranet terminal in the enterprise network returns the corporate intranet end message to the WEB server by publisher server, then shows the network manager.
Show the according to an embodiment of the invention interaction figure at enterprise network security center with reference to figure 4, represented that the WEB server, database server, publisher server, corporate intranet terminal, network manager of Fig. 3 are in the reciprocal process at enterprise network security center.Can find out, the network manager comes the management enterprise network security by security policy grade is set, the WEB server safety detection result security strategy of Administrator is top and the corporate intranet terminal received is kept in the database server, database server is after the safety detection result that receives each corporate intranet terminal, inquire about the security policy grade of described storage, judge that whether described safety detection result is complementary with the rehablitation project of default security policy grade, and described matching result returned in the WEB server, described matching result can comprise and have occurrence and do not have occurrence; If there is occurrence, then obtains the reparation strategy of described safety detection result in default rehablitation project, and described reparation strategy is returned in the WEB server; If repairing tactful is automatically to repair strategy, the WEB server issues automatically repairs strategy to publisher server, by publisher server described issuing repaired tactful corporate intranet terminal corresponding to safety detection result that be sent to, the corporate intranet terminal is repaired in the rehablitation project dangerous automatically according to automatic reparation strategy, and the reparation result (result) of described automatic reparation strategy reported the WEB server, the WEB server is sent to database server with the result that receives and preserves; If there is not occurrence, then the WEB server returns described safety detection result to the network manager, is manually repaired by the network manager.
For example: safety detection result is to be checked through high-risk leak a: KB231243, id is 000003, the leak type is 1, if the reparation strategy of " the detection Loopholes of OS " of the leak rehablitation project of security strategy is automatic reparation, then automatically issue the operation of this leak of reparation to the corporate intranet terminal, the corporate intranet terminal is repaired described leak after receiving described reparation strategy automatically, and result is reported to server.
With reference to Fig. 5, show the flow chart of steps of a kind of according to an embodiment of the invention corporate intranet terminal security maintaining method embodiment 2, specifically can may further comprise the steps:
Step 501: the safety detection result that obtains the corporate intranet terminal;
In specific implementation, an enterprise network can comprise one or more corporate intranet terminals, each corporate intranet terminal relies on fail-safe software and regularly carries out safety detection, described safety detection is the health check-up to default project in the system, and safety detection result (physical examination result) is reported in the server.
As a kind of preferred exemplary of present embodiment, the safety detection result of corporate intranet terminal can comprise security breaches, dangerous of wooden horse, installation difference comment whether plug-in unit, real-time protection close, the dangerous contents such as (being tampered such as homepage) of system.
Step 502: safety detection result and the security policy grade of presetting of described corporate intranet terminal are mated; Wherein, described security policy grade comprises rehablitation project and repairs accordingly strategy with rehablitation project whether described coupling exists corresponding rehablitation project for the safety detection result of judging described corporate intranet terminal.
Particularly, security policy grade can be divided into advanced security strategy grade, intermediate security policy grade, rudimentary security policy grade and custom security strategy grade, can comprise rehablitation project and repair accordingly strategy with rehablitation project for every kind of security policy grade, wherein, rehablitation project can comprise the leak rehablitation project, wooden horse killing project, plug-in unit cleaning project, the system safety project, the security configuration project, for every kind of rehablitation project, have concrete reparation item and repair a corresponding strategy of repairing.
In specific implementation, the network manager arranges security policy grade in advance in server, server receives the safety detection result of corporate intranet terminal, the safety detection result of described corporate intranet terminal can comprise a plurality of dangerous, each dangerous item is mated with the rehablitation project in the security policy grade, judge whether the safety detection result of corporate intranet terminal exists corresponding rehablitation project.
Step 503: if there is corresponding rehablitation project in the safety detection result of described corporate intranet terminal, then adopt rehablitation project to repair accordingly strategy reparation;
In a preferred embodiment of the present invention, described reparation strategy can comprise automatic reparation strategy, and step 503 can comprise following substep:
Substep S21: if there is corresponding rehablitation project in the safety detection result of described corporate intranet terminal, the reparation strategy of the rehablitation project that described safety detection result is corresponding is sent to the corporate intranet terminal;
Substep S22: receive the reparation result that the corporate intranet terminal is returned, described reparation result is the result who is repaired the safety detection result corresponding with rehablitation project by the corporate intranet terminal according to described automatic reparation strategy.
Wherein, described automatic reparation strategy can comprise automatic reparation and automatically open.
In specific implementation, described reparation strategy can also comprise ignores strategy, if there is corresponding rehablitation project in the safety detection result of described corporate intranet terminal, and the reparation strategy of described rehablitation project for ignoring strategy is, server with described ignore the operation be sent to the network manager, repair described safety detection result by the network manager.
Step 504: the reparation result who shows described rehablitation project.
Particularly, described reparation result can comprise: the corporate intranet terminal number of enterprise network, project name, action name and the time etc. of carrying out each number of repairing the rehablitation project of strategy, described displaying, the corresponding reparation strategy of each corporate intranet terminal execution.
In specific implementation, described step 501,503,504 are arranged in the WEB server, described step 502 is arranged in database server, the keeper comes the management enterprise network security by security policy grade is set, the WEB server safety detection result security strategy of Administrator is top and the corporate intranet terminal received is kept in the database server, database server is after the safety detection result that receives each corporate intranet terminal, inquire about the security policy grade of described storage, judge that whether described safety detection result is complementary with the rehablitation project of default security policy grade, and described matching result returned in the WEB server, described matching result can comprise and have occurrence and do not have occurrence; If there is occurrence, then obtains the reparation strategy of described safety detection result in default rehablitation project, and described reparation strategy is returned in the WEB server; If repairing tactful is automatically to repair strategy, the WEB server issues automatically repairs strategy to publisher server, by publisher server described issuing repaired tactful corporate intranet terminal corresponding to safety detection result that be sent to, the corporate intranet terminal is repaired in the rehablitation project dangerous automatically according to automatic reparation strategy, and the reparation result (result) of described automatic reparation strategy reported the WEB server, the WEB server is sent to database server with the result that receives and preserves; If there is not occurrence, then the WEB server returns described safety detection result to the network manager, is manually repaired by the network manager, is showed by the WEB server at last and repairs the result.
Need to prove, for embodiment of the method, for simple description, so it all is expressed as a series of combination of actions, but those skilled in the art should know, the present invention is not subjected to the restriction of described sequence of movement, because according to the present invention, some step can adopt other orders or carry out simultaneously.Secondly, those skilled in the art also should know, the embodiment described in the specification all belongs to preferred embodiment, and related action and module might not be that the present invention is necessary.
With reference to Fig. 6, show the structured flowchart of a kind of according to an embodiment of the invention corporate intranet terminal security attending device embodiment, specifically can comprise with lower module:
Corporate intranet end results acquisition module 601 is suitable for obtaining the safety detection result of corporate intranet terminal;
As a kind of preferred exemplary of present embodiment, the safety detection result of corporate intranet terminal can comprise security breaches, dangerous of wooden horse, installation difference comment whether plug-in unit, real-time protection close, the dangerous contents such as (being tampered such as homepage) of system.
Particularly, security policy grade can be divided into advanced security strategy grade, intermediate security policy grade, rudimentary security policy grade and custom security strategy grade, can comprise rehablitation project and repair accordingly strategy with rehablitation project for every kind of security policy grade.
Rehablitation project can comprise the leak rehablitation project, wooden horse killing project, and plug-in unit cleaning project, the system safety project, the security configuration project for every kind of rehablitation project, has concrete reparation item and repairs a corresponding strategy of repairing.
In a preferred embodiment of the present invention, described reparation strategy can comprise automatic reparation strategy, repairs module 603 and can comprise following submodule:
Safety detection result sends submodule, is suitable for when there is corresponding rehablitation project in the safety detection result of described corporate intranet terminal, and the reparation strategy of the rehablitation project that described safety detection result is corresponding is sent to the corporate intranet terminal;
Repair the result and receive submodule, be suitable for receiving the reparation result that the corporate intranet terminal is returned, described reparation result is the result who is repaired the safety detection result corresponding with rehablitation project by the corporate intranet terminal according to described automatic reparation strategy.
In specific implementation, described reparation strategy can also comprise ignores strategy, if there is corresponding rehablitation project in the safety detection result of described corporate intranet terminal, and the reparation strategy of described rehablitation project for ignoring strategy is, server with described ignore the operation be sent to the network manager, repair described safety detection result by the network manager.
In specific implementation, corporate intranet end results acquisition module 601, reparation module 603, display module 604 are arranged in the WEB server, and described matching module 602 is arranged in database server.The keeper comes the management enterprise network security by security policy grade is set, the WEB server safety detection result security strategy of Administrator is top and the corporate intranet terminal received is kept in the database server, database server is after the safety detection result that receives each corporate intranet terminal, inquire about the security policy grade of described storage, judge that whether described safety detection result is complementary with the rehablitation project of default security policy grade, and described matching result returned in the WEB server, described matching result can comprise and have occurrence and do not have occurrence; If there is occurrence, then obtains the reparation strategy of described safety detection result in default rehablitation project, and described reparation strategy is returned in the WEB server; If repairing tactful is automatically to repair strategy, the WEB server issues automatically repairs strategy to publisher server, by publisher server described issuing repaired tactful corporate intranet terminal corresponding to safety detection result that be sent to, the corporate intranet terminal is repaired in the rehablitation project dangerous automatically according to automatic reparation strategy, and the reparation result (result) of described automatic reparation strategy reported the WEB server, the WEB server is sent to database server with the result that receives and preserves; If there is not occurrence, then the WEB server returns described safety detection result to the network manager, is manually repaired by the network manager, is showed by the WEB server at last and repairs the result.
For device embodiment shown in Figure 6, because itself and preceding method embodiment basic simlarity, so describe fairly simplely, relevant part gets final product referring to the part explanation of embodiment of the method.
With reference to Fig. 7, show the structured flowchart of a kind of according to an embodiment of the invention corporate intranet Control Server embodiment, specifically can comprise WEB server 701, database server 702, wherein,
Described WEB server 701 is suitable for obtaining the safety detection result of corporate intranet terminal and the security policy grade of acceptance presupposition, and wherein, described security policy grade comprises rehablitation project and repairs accordingly strategy with rehablitation project; Acceptance is from the matching result of database server; Adopt according to described matching result and describedly to repair accordingly strategy with rehablitation project and repair safety detection result;
As a kind of preferred exemplary of present embodiment, described safety detection result is that described rehablitation project can comprise the leak rehablitation project to the physical examination result of default project, wooden horse killing project, plug-in unit cleaning project, system safety project, security configuration project; Described security policy grade can comprise advanced security strategy grade, intermediate security policy grade, rudimentary security policy grade and custom security strategy grade.
In a preferred embodiment of the present invention, described WEB server 701 can also be suitable for showing the reparation result of described rehablitation project.
Described database server 702 is suitable for preserving the safety detection result of described corporate intranet terminal and default security policy grade, and the safety detection result of described corporate intranet terminal is mated with the security policy grade of presetting; Wherein, whether described coupling exists corresponding rehablitation project for the safety detection result of judging described corporate intranet terminal.
In a preferred embodiment of the present invention, described corporate intranet Control Server can also comprise publisher server 703, described publisher server is connected with described corporate intranet terminal, and what be suitable for the WEB server is issued repairs accordingly strategy with rehablitation project and be sent to the corporate intranet terminal.
Particularly, the keeper comes the management enterprise network security by security policy grade is set, the WEB server safety detection result security strategy of Administrator is top and the corporate intranet terminal received is kept in the database server, database server is after the safety detection result that receives each corporate intranet terminal, inquire about the security policy grade of described storage, judge that whether described safety detection result is complementary with the rehablitation project of default security policy grade, and described matching result returned in the WEB server, described matching result can comprise and have occurrence and do not have occurrence; If there is occurrence, then obtains the reparation strategy of described safety detection result in default rehablitation project, and described reparation strategy is returned in the WEB server; If repairing tactful is automatically to repair strategy, the WEB server issues automatically repairs strategy to publisher server, by publisher server described issuing repaired tactful corporate intranet terminal corresponding to safety detection result that be sent to, the corporate intranet terminal is repaired in the rehablitation project dangerous automatically according to automatic reparation strategy, and the reparation result (result) of described automatic reparation strategy reported the WEB server, the WEB server is sent to database server with the result that receives and preserves; If there is not occurrence, then the WEB server returns described safety detection result to the network manager, is manually repaired by the network manager, is showed by the WEB server at last and repairs the result.
For embodiment illustrated in fig. 7, because itself and preceding method embodiment basic simlarity, so describe fairly simplely, relevant part gets final product referring to the part explanation of embodiment of the method.Each embodiment in this specification all adopts the mode of going forward one by one to describe, and what each embodiment stressed is and the difference of other embodiment that identical similar part is mutually referring to getting final product between each embodiment.
Intrinsic not relevant with any certain computer, virtual system or miscellaneous equipment with demonstration at this algorithm that provides.Various general-purpose systems also can be with using based on the teaching at this.According to top description, it is apparent constructing the desired structure of this type systematic.In addition, the present invention is not also for any certain programmed language.Should be understood that and to utilize various programming languages to realize content of the present invention described here, and the top description that language-specific is done is in order to disclose preferred forms of the present invention.
In the specification that provides herein, a large amount of details have been described.Yet, can understand, embodiments of the invention can be put into practice in the situation of these details not having.In some instances, be not shown specifically known method, structure and technology, so that not fuzzy understanding of this description.
Similarly, be to be understood that, in order to simplify the disclosure and to help to understand one or more in each inventive aspect, in the description to exemplary embodiment of the present invention, each feature of the present invention is grouped together in single embodiment, figure or the description to it sometimes in the above.Yet the method for the disclosure should be construed to the following intention of reflection: namely the present invention for required protection requires the more feature of feature clearly put down in writing than institute in each claim.Or rather, as following claims reflected, inventive aspect was to be less than all features of the disclosed single embodiment in front.Therefore, follow claims of embodiment and incorporate clearly thus this embodiment into, wherein each claim itself is as independent embodiment of the present invention.
Those skilled in the art are appreciated that and can adaptively change and they are arranged in one or more equipment different from this embodiment the module in the equipment among the embodiment.Can be combined into a module or unit or assembly to the module among the embodiment or unit or assembly, and can be divided into a plurality of submodules or subelement or sub-component to them in addition.In such feature and/or process or unit at least some are mutually repelling, and can adopt any combination to disclosed all features in this specification (comprising claim, summary and the accompanying drawing followed) and so all processes or the unit of disclosed any method or equipment make up.Unless in addition clearly statement, disclosed each feature can be by providing identical, being equal to or the alternative features of similar purpose replaces in this specification (comprising claim, summary and the accompanying drawing followed).
In addition, those skilled in the art can understand, although embodiment more described herein comprise some feature rather than further feature included among other embodiment, the combination of the feature of different embodiment means and is within the scope of the present invention and forms different embodiment.For example, in the following claims, the one of any of embodiment required for protection can be used with compound mode arbitrarily.
All parts embodiment of the present invention can realize with hardware, perhaps realizes with the software module of moving at one or more processor, and perhaps the combination with them realizes.It will be understood by those of skill in the art that and to use in practice microprocessor or digital signal processor (DSP) to realize according to some or all some or repertoire of parts in the corporate intranet terminal security service equipment of the embodiment of the invention.The present invention can also be embodied as be used to part or all equipment or the device program (for example, computer program and computer program) of carrying out method as described herein.Such realization program of the present invention can be stored on the computer-readable medium, perhaps can have the form of one or more signal.Such signal can be downloaded from internet website and obtain, and perhaps provides at carrier signal, perhaps provides with any other form.
It should be noted above-described embodiment the present invention will be described rather than limit the invention, and those skilled in the art can design alternative embodiment in the situation of the scope that does not break away from claims.In the claims, any reference symbol between bracket should be configured to limitations on claims.Word " comprises " not to be got rid of existence and is not listed in element or step in the claim.Being positioned at word " " before the element or " one " does not get rid of and has a plurality of such elements.The present invention can realize by means of the hardware that includes some different elements and by means of the computer of suitably programming.In having enumerated the unit claim of some devices, several in these devices can be to come imbody by same hardware branch.The use of word first, second and C grade does not represent any order.Can be title with these word explanations.
Claims (10)
1. corporate intranet terminal security maintaining method comprises:
Obtain the safety detection result of corporate intranet terminal;
The safety detection result of described corporate intranet terminal is mated with the security policy grade of presetting; Wherein, described security policy grade comprises rehablitation project and repairs accordingly strategy with rehablitation project whether described coupling exists corresponding rehablitation project for the safety detection result of judging described corporate intranet terminal;
If rehablitation project corresponding to the safety detection result of described corporate intranet terminal existence then adopts described and rehablitation project is repaired strategy reparation accordingly.
2. the method for claim 1 also comprises:
The reparation result who shows described rehablitation project.
3. the method for claim 1, described reparation strategy comprises automatic reparation strategy, if there is corresponding rehablitation project in the safety detection result of described corporate intranet terminal, then adopts described and rehablitation project to repair accordingly the step that strategy repairs and comprises:
If there is corresponding rehablitation project in the safety detection result of described corporate intranet terminal, the reparation strategy of the rehablitation project that described safety detection result is corresponding is sent to the corporate intranet terminal;
Receive the reparation result that the corporate intranet terminal is returned, described reparation result is the result who is repaired the safety detection result corresponding with rehablitation project by the corporate intranet terminal according to described automatic reparation strategy.
4. such as claim 1 or 2 or 3 described methods, described rehablitation project comprises the leak rehablitation project, wooden horse killing project, plug-in unit cleaning project, system safety project, security configuration project.
5. the method for claim 1, described security policy grade comprises advanced security strategy grade, intermediate security policy grade, rudimentary security policy grade and custom security strategy grade.
6. the method for claim 1, the step of the safety detection result of described acquisition corporate intranet terminal is finished by the WEB server, and described safety detection result with the corporate intranet terminal is finished by database server with the step that the security policy grade of presetting mates.
7. the method for claim 1, described safety detection result are the physical examination result to default project.
8. corporate intranet terminal security attending device comprises:
Corporate intranet end results acquisition module is suitable for obtaining the safety detection result of corporate intranet terminal;
Matching module is suitable for the safety detection result of described corporate intranet terminal is mated with the security policy grade of presetting; Wherein, described security policy grade comprises rehablitation project and repairs accordingly strategy with rehablitation project whether described coupling exists corresponding rehablitation project for the safety detection result of judging described corporate intranet terminal, if then call the reparation module;
The reparation module is suitable for adopting described and rehablitation project is repaired strategy reparation accordingly.
9. device as claimed in claim 8 also comprises:
Display module is suitable for showing the reparation result of described rehablitation project.
10. device as claimed in claim 8, described reparation strategy comprises automatic reparation strategy, described reparation module further comprises:
Safety detection result sends submodule, is suitable for when there is corresponding rehablitation project in the safety detection result of described corporate intranet terminal, and the reparation strategy of the rehablitation project that described safety detection result is corresponding is sent to the corporate intranet terminal;
Repair the result and receive submodule, be suitable for receiving the reparation result that the corporate intranet terminal is returned, described reparation result is the result who is repaired the safety detection result corresponding with rehablitation project by the corporate intranet terminal according to described automatic reparation strategy.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2012104149001A CN102957695A (en) | 2012-10-25 | 2012-10-25 | Enterprise intranet terminal safety maintenance method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2012104149001A CN102957695A (en) | 2012-10-25 | 2012-10-25 | Enterprise intranet terminal safety maintenance method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102957695A true CN102957695A (en) | 2013-03-06 |
Family
ID=47765920
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2012104149001A Pending CN102957695A (en) | 2012-10-25 | 2012-10-25 | Enterprise intranet terminal safety maintenance method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102957695A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103368965A (en) * | 2013-07-18 | 2013-10-23 | 北京随方信息技术有限公司 | Working method for mapping network safety norms to attribution requirements corresponding to network |
| CN107528860A (en) * | 2017-10-12 | 2017-12-29 | 中国科学院计算机网络信息中心 | Network security method of testing, system and storage medium |
| CN113672923A (en) * | 2021-08-20 | 2021-11-19 | 北京安天网络安全技术有限公司 | Security detection method and device, electronic equipment and storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101526984A (en) * | 2009-03-16 | 2009-09-09 | 腾讯科技(北京)有限公司 | Method for patching bugs and device thereof |
| CN101719836A (en) * | 2008-10-09 | 2010-06-02 | 联想(北京)有限公司 | Method and device for fault detection |
| CN102023881A (en) * | 2010-12-14 | 2011-04-20 | 福建星网锐捷网络有限公司 | Method and device for upgrading software as well as embedded device |
-
2012
- 2012-10-25 CN CN2012104149001A patent/CN102957695A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101719836A (en) * | 2008-10-09 | 2010-06-02 | 联想(北京)有限公司 | Method and device for fault detection |
| CN101526984A (en) * | 2009-03-16 | 2009-09-09 | 腾讯科技(北京)有限公司 | Method for patching bugs and device thereof |
| CN102023881A (en) * | 2010-12-14 | 2011-04-20 | 福建星网锐捷网络有限公司 | Method and device for upgrading software as well as embedded device |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103368965A (en) * | 2013-07-18 | 2013-10-23 | 北京随方信息技术有限公司 | Working method for mapping network safety norms to attribution requirements corresponding to network |
| CN107528860A (en) * | 2017-10-12 | 2017-12-29 | 中国科学院计算机网络信息中心 | Network security method of testing, system and storage medium |
| CN113672923A (en) * | 2021-08-20 | 2021-11-19 | 北京安天网络安全技术有限公司 | Security detection method and device, electronic equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN113661693B (en) | Detecting sensitive data exposure via log | |
| US10216938B2 (en) | Recombinant threat modeling | |
| EP3100192B1 (en) | Automated penetration testing device, method and system | |
| US11086983B2 (en) | System and method for authenticating safe software | |
| US8959624B2 (en) | Executable download tracking system | |
| CN102902919A (en) | Method, device and system for identifying and processing suspicious practices | |
| CN103023905B (en) | A kind of equipment, method and system for detection of malicious link | |
| CN102932329A (en) | Method and device for intercepting behaviors of program, and client equipment | |
| CN103077353A (en) | Method and device for actively defending rogue program | |
| CN103020524A (en) | Computer virus monitoring system | |
| CN102868694A (en) | Method, device and system for detecting whether to control client to visit network | |
| Serhane et al. | PLC code-level vulnerabilities | |
| CN104050417A (en) | Method and device for detecting software states at mobile terminal | |
| CN104468563A (en) | Website bug protection method, device and system | |
| CN103049695A (en) | Computer virus monitoring method and device | |
| Miyachi et al. | Myth and reality on control system security revealed by Stuxnet | |
| Livingston et al. | Managing cyber risk in the electric power sector | |
| CN102882875A (en) | Active defense method and device | |
| CN112202704A (en) | Block chain intelligent contract safety protection system | |
| CN102957695A (en) | Enterprise intranet terminal safety maintenance method and device | |
| CN103036896A (en) | Method and system for testing malicious links | |
| Kim et al. | STRIDE‐based threat modeling and DREAD evaluation for the distributed control system in the oil refinery | |
| CN110298179B (en) | Open source framework security vulnerability detection method and device | |
| CN116155531A (en) | Method and device for network equipment security management based on SOAR and electronic equipment | |
| CN102857519B (en) | Active defensive system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C41 | Transfer of patent application or patent right or utility model | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20161228 Address after: 100015 Chaoyang District Road, Jiuxianqiao, No. 10, building No. 3, floor 15, floor 17, 1701-26, Applicant after: BEIJING QI'ANXIN SCIENCE & TECHNOLOGY CO., LTD. Address before: 100088 Beijing city Xicheng District xinjiekouwai Street 28, block D room 112 (Desheng Park) Applicant before: Beijing Qihoo Technology Co., Ltd. Applicant before: Qizhi Software (Beijing) Co., Ltd. |