CN104135483B - Automatic network security configuration management system - Google Patents


Publication number: CN104135483B
Authority: CN (China)
Legal status: Active
Application number: CN201410387150.2A
Other languages: Chinese (zh)
Other versions: CN104135483A
Inventors: 汪志, 冯俊杰, 胡家胜
Current assignee: Individual
Original assignee: Individual

Abstract

The present invention provides an automatic network security configuration management system, comprising: a configuration connection module for connecting to an object to be scanned, where the object to be scanned is a combination of two or more of the following: network devices, electronic devices, systems and databases; and a daily operation module for operating on the object to be scanned once it is connected, where the operations include at least: scanning the configuration files in the object to be scanned, locating the entries in those configuration files that have configuration defects, and applying a security configuration repair to the defective entries. The system can scan a combined object, correctly locate the improperly configured positions in it, and at the same time repair the entries that have security defects (improper configuration), so that the combined object meets the configuration standard and the security of its configuration files is greatly improved.

Description

Automatic network security configuration management system
Technical Field
The present invention relates to the field of network security, and in particular to an automatic network security configuration management system.
Background
With the development of network technology, the number of information security incidents has risen rapidly and the security situation gives no cause for optimism. According to statistics, in 2012 the National Internet Emergency Center (CNCERT) received 19124 reports of network security incidents (not including scanning and spam incidents), an increase of 24.5% over 2011; in 2012 CNCERT handled 18805 network security incidents of all kinds, an increase of 72.1% over 2011. Overall, the number of network information security incidents in China has risen quickly in recent years, directly affecting the rights and interests of Internet users and enterprises and hindering the healthy development of the industry; the overall information security situation gives no cause for optimism.
At present, most domestic enterprises still approach information security by installing antivirus software. With the Internet and the mobile Internet now highly developed, this measure falls far short of what enterprise network information security requires. The network administrators of most organizations, small and medium-sized enterprises in particular, have very weak security awareness and a low level of protection skill, and are unable to complete even the most basic network security configuration, which exposes the organization to great security risk.
Analysis of a large number of attacker behaviors shows that the usual means of attack are as follows:
Penetration using network and system vulnerabilities;
Exploiting configuration defects of devices, for example encryption not enabled, secure channel not opened, root privileges not restricted, effective access control not enabled;
Bypassing security using logic flaws in the business;
DDoS (Distributed Denial of Service) attacks using a large volume of access traffic.
Therefore, as long as devices, systems and software are securely configured, most intrusion threats can be avoided. The market currently has two main classes of technology for security configuration: the first class scans the security configuration of devices, systems and software and finds where the configuration is non-compliant; the second class performs security configuration for an individual system or device.
Both classes have obvious defects: the first can only locate improper configuration and cannot repair it according to the correct configuration; the second can only repair an individual device or system and cannot cover different devices (such as network devices and security devices), different systems (such as Windows and Linux) and different software (such as Oracle and MySQL).
Summary of the Invention
The object of the present invention is to provide an automatic network security configuration management system that solves the problems described above.
An embodiment of the present invention provides an automatic network security configuration management system, comprising:
a configuration connection module, for connecting to an object to be scanned, where the object to be scanned is a combination of two or more of the following: network devices, electronic devices, systems and databases;
a daily operation module, for operating on the object to be scanned once it is connected, where the operations include at least: scanning the configuration files in the object to be scanned, locating the entries in the configuration files that have configuration defects, and applying a security configuration repair to the defective entries.
Further, the system also includes a login module;
the login module verifies the identity information entered by the user and, when the identity information is correct, opens the operation interface so that the daily operation module can operate on the object to be scanned.
Further, the system also includes a configuration library management module and a system management module;
the configuration library management module manages the upgrade, import and export of the configuration entries in the configuration library, so that the daily operation module operates according to the configuration entries;
the system management module manages users' identity information and usage permissions, performs system maintenance and records running logs.
Further, in the system, the configuration connection module includes: a network device connection module, an electronic device connection module and a software connection module;
the network device connection module connects to the device to be scanned;
the electronic device connection module connects to the system to be scanned;
the software connection module transfers data with the software to be scanned.
Further, in the system, the object to be scanned includes a configuration file; the daily operation module includes: a configuration scanning module, a backup module, a configuration module and a configuration recovery module;
the configuration scanning module performs an automated security configuration scan of the configuration file and outputs the scan result;
the backup module backs up the configuration file;
the configuration module applies, according to the scan result, a security configuration repair to the security configuration defects in the configuration file;
the configuration recovery module, on identifying that the configuration module has configured incorrectly, automatically overwrites the file produced by the configuration module with the configuration file, completing the configuration repair.
Further, in the system, the configuration module includes: an automatic configuration module and a manual configuration module;
the automatic configuration module automatically applies, according to the scan result, a security configuration repair to the security configuration defects in the configuration file;
the manual configuration module applies a security configuration repair to the security configuration defects in the configuration file according to control instructions entered by the user.
Further, in the system, the daily operation module also includes a report generation module;
the report generation module generates a report after the configuration scanning module and/or the configuration module has run; the content of the report can include one or more of the following: the configuration scan result, a list of the security configuration defects, the security risk level corresponding to each configuration defect, the automatically configured entries, the manually configured entries, and a comparison of the configuration before and after completion.
Further, in the system, the configuration file includes multiple configuration entries; the configuration library management module includes a configuration library upgrade module, a configuration library import module and a configuration library export module;
the configuration library upgrade module updates and extends the configuration entries in the configuration library;
the configuration library import module imports configuration entries;
the configuration library export module exports configuration entries.
Further, in the system, the configuration file includes a security configuration baseline; the security configuration baseline includes multiple configuration entries;
the configuration scanning module automatically identifies and reads the security configuration baseline in the configuration file and compares it, entry by entry, with the corresponding pre-stored security configuration baseline in the configuration library; a configuration entry that is inconsistent with the security configuration baseline is defined as a security configuration defect, and the security configuration scan result is output.
Further, in the system, the system management module includes an authorization control module, a user management module, a system maintenance module, a system log module and an operation log module;
the authorization control module assigns management permissions to a first-level user according to the identity information of that first-level user;
the user management module assigns management permissions to the subordinate users of a first-level user according to their identity information, and manages the identity information of the subordinate users;
the system maintenance module upgrades the whole system in a timely manner in order to maintain it;
the system log module logs the running of the system;
the operation log module logs the operation of all modules.
In the prior art, the first class of technology can only locate improper configuration and cannot repair it according to the correct configuration, and the second class can only repair an individual device or system and cannot cover different devices (such as network devices and security devices), different systems (such as Windows and Linux) and different software (such as Oracle and MySQL). By comparison, the automatic network security configuration management system provided by the embodiment of the present invention includes: a configuration connection module for connecting to an object to be scanned, where the object to be scanned is a combination of two or more of the following: network devices, electronic devices, systems and databases; and a daily operation module for operating on the object to be scanned once it is connected, where the operations include at least: scanning the configuration files in the object to be scanned, locating the entries in the configuration files that have configuration defects, and applying a security configuration repair to the defective entries. The system can scan a combined object, correctly locate the improperly configured positions in it, and at the same time repair the entries that have security defects (improper configuration), so that the combined object meets the configuration standard and the security of its configuration files is greatly improved.
Brief Description of the Drawings
Fig. 1 shows the structure of an automatic network security configuration management system provided by an embodiment of the present invention;
Fig. 2 shows the structure of the daily operation module in the system;
Fig. 3 shows the structure of the configuration library management module in the system;
Fig. 4 shows the structure of the system management module in the system;
Fig. 5 shows a flow chart of using the automatic network security configuration management system provided by an embodiment of the present invention.
Detailed Description
The present invention is described in further detail below through specific embodiments and with reference to the drawings.
An embodiment of the present invention provides an automatic network security configuration management system which, as shown in Fig. 1, includes:
a configuration connection module 102, for connecting to an object to be scanned, where the object to be scanned is a combination of two or more of the following: network devices, electronic devices, systems and databases;
a daily operation module 103, for operating on the object to be scanned once it is connected, where the operations include at least: scanning the configuration files in the object to be scanned, locating the entries in the configuration files that have configuration defects, and applying a security configuration repair to the defective entries.
In the prior art, the first class of technology can only locate improper configuration and cannot repair it according to the correct configuration, and the second class can only repair an individual device or system and cannot cover different devices (such as network devices and security devices), different systems (such as Windows and Linux) and different software (such as Oracle and MySQL). By comparison, the automatic network security configuration management system provided by the embodiment of the present invention includes: a configuration connection module 102 for connecting to an object to be scanned, where the object to be scanned is a combination of two or more of the following: network devices, electronic devices, systems and databases; and a daily operation module 103 for operating on the object to be scanned once it is connected, where the operations include at least: scanning the configuration files in the object to be scanned, locating the entries in the configuration files that have configuration defects, and applying a security configuration repair to the defective entries. The system can scan a combined object, correctly locate the improperly configured positions in it, and at the same time repair the entries that have security defects (improper configuration), so that the combined object meets the configuration standard and the security of its configuration files is greatly improved.
Specifically, the configuration connection module 102 can establish a configuration connection with the combined object to be scanned. The combined object can be: a network device and an electronic device; a network device and a system; a network device and a database; a network device, an electronic device and a system; a network device, a system and a database; and so on, for 24 different combinations of network devices, electronic devices, systems and databases. The configuration connection module has a different configuration connection mode for each kind of combined object (described in detail in the examples below).
Further, as shown in Fig. 1, the system also includes a login module 101;
the login module 101 verifies the identity information entered by the user and, when the identity information is correct, opens the operation interface so that the daily operation module 103 can operate on the object to be scanned.
Specifically, every user needs identity information in order to enter the operation interface and operate through the daily operation module 103.
The login module 101 classifies users into levels according to the user's needs and the transaction cost paid. For example, when a company purchases the system, the permissions opened to that company can be set according to the transaction cost it paid; each company can then set the working permissions for each module again, according to the grade of its internal staff.
Further, as shown in Fig. 1, the system also includes a configuration library management module 104 and a system management module 105;
the configuration library management module 104 manages the upgrade, import and export of the configuration entries in the configuration library, so that the daily operation module 103 operates according to the configuration entries. Specifically, the system contains a configuration library that stores many configuration files, each made up of multiple configuration entries. The configuration library management module 104 follows the development of the technology, manages the updating and extension of configuration entries in real time, and controls the import and export of configuration entries as needed.
The system management module 105 manages users' identity information and usage permissions, performs system maintenance and records running logs.
Specifically, every user of the system needs identity information and permissions, and the system management module 105 manages this information in real time. It is also responsible for updating the system and keeping it running normally, for logging the running of the system, and for logging the operation of each module.
Further, as shown in Fig. 1, in the system the configuration connection module 102 includes: a network device connection module, an electronic device connection module and a software connection module. The network device connection module connects to the device to be scanned (remotely over the Telnet or SSH protocol, or locally through the device's Console port); the electronic device connection module connects to the system to be scanned (remotely by Telnet, SSH, Remote Desktop (RDP), SMB file sharing and similar means, or locally through a USB port); the software connection module (connected remotely over TCP or UDP ports) transfers data with the software to be scanned.
In this embodiment, network devices are devices such as switches, hubs, bridges and routers; electronic devices are devices such as computers, tablet computers and mobile terminals; software is computer application software. Specifically, the electronic device connection module can connect to both the electronic device to be scanned and the system to be scanned.
Specifically, the network device connection module connects to the device to be scanned remotely over the Telnet or SSH protocol, or locally through the device's Console port. The electronic device connection module connects to the system to be scanned remotely by Telnet, SSH, Remote Desktop (RDP), SMB file sharing and similar means, or locally through a USB port. Software is connected remotely over TCP or UDP ports.
Further, as shown in Fig. 2, in the system the object to be scanned includes a configuration file; the daily operation module 103 includes: a configuration scanning module 201, a backup module 204, a configuration module 202 and a configuration recovery module 203. The configuration scanning module 201 performs an automated security configuration scan of the configuration file and outputs the scan result; the backup module 204 backs up the configuration file; the configuration module 202 applies, according to the scan result, a security configuration repair to the security configuration defects in the configuration file; the configuration recovery module 203, on identifying that the configuration module 202 has configured incorrectly, automatically overwrites the file produced by the configuration module 202 with the configuration file, completing the configuration repair.
Specifically, the configuration scanning module 201 scans the configuration files in the combined object. The scan result is either that the configuration file is correct or that it contains errors. When the configuration file contains errors, the configuration scanning module 201 marks the specific erroneous configuration entries. The purpose of having the backup module 204 back up the configuration files in the combined object is this: when the configuration module 202 does not correctly repair the erroneous configuration entries in a configuration file, the original erroneous entries can be written back over the repaired ones to restore the original state, so that the configuration module 202 can subsequently repair the erroneous configuration file correctly.
Further, as shown in Fig. 2, in the system the configuration module 202 includes: an automatic configuration module 206 and a manual configuration module 207. The automatic configuration module 206 automatically applies, according to the scan result, a security configuration repair to the security configuration defects in the configuration file; the manual configuration module 207 applies a security configuration repair to the security configuration defects in the configuration file according to control instructions entered by the user.
Specifically, when the automatic configuration module 206 receives from the configuration scanning module 201 an output result containing erroneous configuration entries, it automatically applies a security configuration repair to those entries. This avoids manual operation, saves the user's labor, and is a great convenience to users who do not know how to perform the operation.
In detail: the output of the configuration scanning module 201 lists the erroneous configuration entries one by one in the automatic configuration interface. After the user selects, by check box, each entry that needs to be configured, the selected entries are configured automatically; the user can also choose one-key configuration to configure all erroneous configuration entries automatically.
The manual configuration module 207, by contrast, takes no action when it receives from the configuration scanning module 201 an output result containing erroneous configuration entries; only after it receives the user's control instruction does it apply a security configuration repair to the erroneous entries.
Further, as shown in Fig. 2, in the system the daily operation module 103 also includes a report generation module 205. The report generation module 205 generates a report after the configuration scanning module 201 and/or the configuration module 202 has run; the content of the report can include one or more of the following: the configuration scan result, a list of the security configuration defects, the security risk level corresponding to each configuration defect, the automatically configured entries, the manually configured entries, and a comparison of the configuration before and after completion.
Specifically, when the configuration scanning module 201 finishes scanning it outputs the scan result, and the report generation module 205 can generate a report from that result for the user to print, view and carry. The report in this case can include one or more of the following: the configuration scan result, a list of the security configuration defects, and the security risk level corresponding to each configuration defect.
Similarly, after the configuration module 202 performs a configuration repair it outputs the repair result, and the report generation module 205 can again generate a report from that result for the user to print, view and carry. The report in this case can include one or more of the following: the automatically configured entries, the manually configured entries, and a comparison of the configuration before and after completion.
Further, as shown in Fig. 3, in the system the configuration file includes multiple configuration entries; the configuration library management module 104 includes a configuration library upgrade module 301, a configuration library import module 302 and a configuration library export module 303. The configuration library upgrade module 301 updates and extends the configuration entries in the configuration library; the configuration library import module 302 imports configuration entries; the configuration library export module 303 exports configuration entries.
Specifically, the configuration library upgrade module 301 upgrades, updates and extends the configuration entries in the configuration library in a timely manner, for example by deleting expired configuration entries, adding new configuration entries, or adjusting the order of existing configuration entries.
The configuration library import module 302 and the configuration library export module 303 import and export configuration entries when needed. For example, when a user needs to view or modify a particular configuration entry, the entry has to be exported, and the configuration library export module 303 exports the corresponding entry. As another example, when the configuration entries in the configuration library need to be upgraded, that is, new entries added, the configuration library import module 302 imports the new entries. Taken together, the configuration library import module 302 and the configuration library export module 303 serve to maintain the configuration library.
Further, in the system the configuration file includes a security configuration baseline, and the security configuration baseline includes multiple configuration entries. The configuration scanning module 201 automatically identifies and reads the security configuration baseline in the configuration file and compares it, entry by entry, with the corresponding pre-stored security configuration baseline in the configuration library; a configuration entry that is inconsistent with the security configuration baseline is defined as a security configuration defect, and the security configuration scan result is output.
Specifically, in the combined object to be scanned, the configuration file includes a security configuration baseline that contains multiple configuration entries. The configuration scanning module 201 compares the security configuration baseline in the combined object to be scanned (including the order of its specific configuration entries) with the security configuration baseline in the configuration library (which likewise includes the order of its specific configuration entries, the same order as in the object being compared). Configuration entries in the object to be scanned that differ after the comparison are defined as security configuration defects and marked, and the scan result is output.
Further, as shown in Fig. 4, in the system the system management module 105 includes an authorization control module 401, a user management module 402, a system maintenance module 403, a system log module 404 and an operation log module 405. The authorization control module 401 assigns management permissions to a first-level user according to the identity information of that first-level user; the user management module 402 assigns management permissions to the subordinate users of a first-level user according to their identity information, and manages the identity information of the subordinate users; the system maintenance module 403 upgrades the whole system in a timely manner in order to maintain it; the system log module 404 logs the running of the system; the operation log module 405 logs the operation of all modules.
Specifically, a first-level user can be a company, a team or an individual. If the first-level user is a company, its subordinate users can be the staff of the company, who can be further divided into levels according to their positions. If the first-level user is a team, its subordinate users can be the members of the team, who can likewise be divided into levels according to their division of work. If the first-level user is an individual, the first-level user has no subordinate users, or its subordinate user is the individual who uses the system.
The user management module 402 also manages users' identity information, for example updating, deleting, adding and saving it.
The system maintenance module 403 upgrades the whole system in a timely manner and manages its startup, shutdown and normal operation; when the system runs incorrectly, it repairs the system promptly and issues a warning (the warning can be an audible prompt or a text prompt). The system log module 404 logs running states such as startup, shutdown and system failures, so that the user can check the running state at any time. The operation log module 405 logs the operation of all modules, so that the user can check their running state at any time and, when a module runs into a problem, find the faulty module promptly.
Based on the network security automatic configuration management system described above, the workflow of the present invention is as follows, as shown in Figure 5:
1001: Open the network security automatic configuration management system. The host on which the system runs should have usage permission, and that host should be able to reach the objects to be configured remotely.
1002: Login is controlled by the system login module. Users log in to the system with the username and password corresponding to their role, and users in different roles can use different function modules. For example, an administrator may only operate the system login module, the configuration database management module and the system management module; an operator may only operate the regular job module and the configuration link block.
1003: Remote connections to equipment, systems and software are made through the configuration link block. The main connection methods are Telnet, SSH, remote desktop and remote engineering support. The specific connection procedure is: connect remotely to the host or network equipment to be configured → enter the administrator username and password to log in remotely → further enter the administrator username and password of the corresponding software (such as a database or middleware) to connect → confirm that configuration operations can be carried out.
1004: After the configuration connection succeeds, the configuration scan module 201 performs an automated security configuration scan of the equipment, systems and software. Specifically, it automatically identifies and reads the key entries in the configuration file and compares them one by one with the corresponding security configuration baseline in the repository. Any configuration that is inconsistent with the baseline is defined as a security configuration defect, and the security configuration scan result is output at the same time.
1005: Review the security configuration scan output to confirm whether any security configuration defects exist.
1006: For results that contain configuration defects, either the automatic configuration module 206 or the manual configuration module 207 can be selected to carry out the security configuration repair. The automatic configuration module 206 performs a one-click automatic configuration operation on all configuration defects, whereas the manual configuration module 207 lets the user select one or several particular defects according to the user's own needs and then either run the automatic configuration operation on them or enter the relevant configuration commands manually.
1007: After the automatic/manual configuration has been performed, confirm whether the configuration of the equipment, systems and software is correct and whether any abnormal conditions exist.
1008: If the configuration is identified as incorrect, the configuration recovery module 203 can be used. Before the automatic/manual configuration operation was carried out, this module had already backed up the configuration file of the equipment or software under test; if a misconfiguration occurs, it is only necessary to click the configuration recovery option, and the previously backed-up configuration file automatically overwrites the current one, completing the configuration recovery. Then
In addition, after the configuration scan operation and the automatic/manual configuration operation have been performed, a report may be generated by the report generation module 205. The content of the report can cover: the configuration scan results, a list of the security configuration defects, the security risk level corresponding to each configuration defect, the entries that were configured automatically/manually, and a before-and-after comparison of the completed configuration.
All operations of the network security automatic configuration management system can be logged by the system log module and the operation log module, and the log records can be queried and analyzed.
1009: After all operations have been carried out, the task can be ended. Earlier task operations are recorded in the task list, which makes them easy to review and repeat later.
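Steps 1004 to 1008 (baseline comparison, backup, automatic or selective repair, re-check and recovery) are illustrated below in Python. This is an added example, not code from the patent; the baseline entries, the sshd_config-style sample file and all function names are assumptions chosen for illustration.

```python
import shutil, tempfile
from pathlib import Path

# Constructed baseline standing in for the repository: entry -> required value.
BASELINE = {"PermitRootLogin": "no", "PasswordAuthentication": "no",
            "MaxAuthTries": "4", "X11Forwarding": "no"}
# Constructed target configuration (sshd_config-style "Key value" lines).
SAMPLE_CONFIG = "# sample\nPort 22\nPermitRootLogin yes\nPasswordAuthentication no\nmaxauthtries 6\n"

def key_of(line):
    """Lower-cased keyword of a config line, or '' for blanks and comments."""
    parts = line.split(None, 1)
    return "" if not parts or parts[0].startswith("#") else parts[0].lower()

def scan(text, baseline=BASELINE):
    """Step 1004: compare each baseline entry with the file; mismatch or absence is a defect."""
    found = {}
    for line in text.splitlines():
        if key_of(line):
            value = line.split(None, 1)[1:]
            found.setdefault(key_of(line), value[0].strip() if value else "")
    return [(k, found.get(k.lower()), want) for k, want in baseline.items()
            if found.get(k.lower()) != want]

def repair(path, baseline=BASELINE, only=None):
    """Step 1006: back up first, then fix every defect (only=None) or a selected subset."""
    backup = Path(str(path) + ".bak")
    shutil.copy2(path, backup)
    text = Path(path).read_text()
    fixes = {k.lower(): f"{k} {want}" for k, _, want in scan(text, baseline)
             if only is None or k in only}
    lines = [fixes.pop(key_of(l), l) for l in text.splitlines()]
    lines += fixes.values()            # defects whose entry was missing from the file
    Path(path).write_text("\n".join(lines) + "\n")
    return backup

def restore(path, backup):
    """Step 1008: the earlier backup overwrites the modified file."""
    shutil.copy2(backup, path)

def demo(only=None):
    """Run scan -> repair -> re-scan (step 1007) -> restore on a temporary copy."""
    with tempfile.TemporaryDirectory() as d:
        cfg = Path(d) / "sshd_config"
        cfg.write_text(SAMPLE_CONFIG)
        before = scan(cfg.read_text())
        backup = repair(cfg, only=only)
        after = scan(cfg.read_text())
        restore(cfg, backup)
        return before, after, cfg.read_text() == SAMPLE_CONFIG

if __name__ == "__main__":
    for name, result in zip(("before", "after repair", "restored"), demo()):
        print(name, result)
```

Passing `only={"PermitRootLogin"}` to `repair` corresponds to the manual selection of particular defects in step 1006; the re-scan then still reports the entries that were not selected.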
The system provided by the present invention can scan a compound object and correctly locate the improperly configured positions in the compound object, while carrying out security configuration repair on the entries of the compound object that have security defects (improper configuration), so that the compound object meets the configuration requirements.
Obviously, those skilled in the art should understand that each module or step of the present invention described above can be implemented with a general-purpose computing device. They can be concentrated on a single computing device or distributed over a network formed by multiple computing devices. Optionally, they can be implemented with program code executable by a computing device, so that they can be stored in a storage device and executed by the computing device; or they can each be made into individual integrated circuit modules, or multiple modules or steps among them can be made into a single integrated circuit module. Thus, the present invention is not limited to any specific combination of hardware and software.
The foregoing is merely a preferred embodiment of the present invention and is not intended to limit the invention; for those skilled in the art, the invention may be modified and varied in various ways. Any modification, equivalent substitution, improvement and the like made within the spirit and principles of the invention shall be included in the protection scope of the present invention.

Claims (9)

1. A network security automatic configuration management system, characterized by comprising:
a configuration link block, for connecting to an object to be scanned; wherein the object to be scanned comprises a combination of two or more of the following objects: network equipment, electronic equipment, an operating system and a database;
a regular job module, for performing operation processing on the object to be scanned after connection; wherein the operation processing comprises at least: scanning the configuration file in the object to be scanned, locating the entries with configuration defects in the configuration file, and performing security configuration repair on the entries with configuration defects;
the object to be scanned comprises a configuration file;
the regular job module comprises: a configuration scan module, a backup module, a configuration module and a configuration recovery module;
the configuration scan module is for performing an automated security configuration scan of the configuration file and outputting a scan result;
the backup module is for backing up the configuration file;
the configuration module is for performing security configuration repair on the security configuration defects in the configuration file according to the scan result;
the configuration recovery module is for, when the configuration performed by the configuration module is identified as incorrect, making the configuration file automatically overwrite the file as configured by the configuration module, so as to complete the configuration repair.
2. The system according to claim 1, characterized by further comprising a login module;
the login module is for verifying the identity information entered by the user and, if the identity information is correct, entering the operation interface, so that the regular job module can operate on the object to be scanned.
3. The system according to claim 1, characterized by further comprising a configuration database management module and a system management module;
the configuration database management module is for managing the upgrade, import and export of the configuration entries in the configuration repository, so that the regular job module operates according to the configuration entries;
the system management module is for managing the identity information and usage permissions of users, carrying out system maintenance and recording running logs.
4. The system according to claim 3, characterized in that the configuration link block comprises: a network equipment link block, an electronic equipment link block and a software link block;
the network equipment link block is for connecting to equipment to be scanned;
the electronic equipment link block is for connecting to a system to be scanned;
the software link block is for transmitting data to and from software to be scanned.
5. The system according to claim 4, characterized in that the configuration module comprises: an automatic configuration module and a manual configuration module;
the automatic configuration module is for performing automatic security configuration repair on the security configuration defects in the configuration file according to the scan result;
the manual configuration module is for performing security configuration repair on the security configuration defects in the configuration file according to control instructions entered by the user.
6. The system according to claim 5, characterized in that the regular job module further comprises a report generation module;
the report generation module is for generating a report after operation of the configuration scan module and/or the configuration module; wherein the content of the report comprises one or more of the following: the configuration scan result, a list of the security configuration defects, the security risk level corresponding to each configuration defect, the automatically configured entries, the manually configured entries, and comparison information from before and after the configuration is completed.
7. The system according to claim 6, characterized in that the configuration file comprises multiple configuration entries; the configuration database management module comprises a repository upgrade module, a repository import module and a repository export module;
the repository upgrade module is for updating and expanding the configuration entries in the repository;
the repository import module is for importing the configuration entries;
the repository export module is for exporting the configuration entries.
8. The system according to claim 7, characterized in that the configuration file comprises a security configuration baseline; wherein the security configuration baseline comprises multiple configuration entries;
the configuration scan module is for automatically identifying and reading the security configuration baseline in the configuration file and comparing it one by one with the corresponding security configuration baseline prestored in the repository; configuration entries that are inconsistent with the security configuration baseline are defined as security configuration defects, and the security configuration scan result is output at the same time.
9. The system according to claim 8, characterized in that the system management module comprises an authorization control module, a user management module, a system maintenance module, a system log module and an operation log module;
the authorization control module is for assigning management permissions to a first-level user according to the identity information of the first-level user;
the user management module is for assigning management permissions to the subordinate users of the first-level user according to the identity information of those subordinate users, and for managing the identity information of the subordinate users;
the system maintenance module is for upgrading the whole system in a timely manner so as to maintain the system;
the system log module is for logging the operation of the system;
the operation log module is for logging the operation of all modules.
CN201410387150.2A 2014-06-13 2014-08-05 A kind of network security automatically configures management system Active CN104135483B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410387150.2A CN104135483B (en) 2014-06-13 2014-08-05 A kind of network security automatically configures management system

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
CN2014102605066 2014-06-13
CN201410260506.6 2014-06-13
CN201410260506 2014-06-13
CN201410387150.2A CN104135483B (en) 2014-06-13 2014-08-05 A kind of network security automatically configures management system

Publications (2)

Publication Number Publication Date
CN104135483A CN104135483A (en) 2014-11-05
CN104135483B true CN104135483B (en) 2018-05-18

Family

ID=51808005

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410387150.2A Active CN104135483B (en) 2014-06-13 2014-08-05 A kind of network security automatically configures management system

Country Status (1)

Country Link
CN (1) CN104135483B (en)

Also Published As

Publication number Publication date
CN104135483A (en) 2014-11-05

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant