CN205071043U - Network security system based on electronic commerce platform is used - Google Patents
Network security system based on electronic commerce platform is used Download PDFInfo
- Publication number
- CN205071043U CN205071043U CN201520894409.2U CN201520894409U CN205071043U CN 205071043 U CN205071043 U CN 205071043U CN 201520894409 U CN201520894409 U CN 201520894409U CN 205071043 U CN205071043 U CN 205071043U
- Authority
- CN
- China
- Prior art keywords
- server
- layer
- compartment wall
- link layer
- fire compartment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Landscapes
- Computer And Data Communications (AREA)
Abstract
The utility model discloses a network security system based on electronic commerce platform is used, including preventing hot wall link layer and server link layer, prevent that the hot wall link layer is provided with 3 layers, the server link layer is provided with 2 layers, and prevents hot wall link layer and server link layer cross arrangement, the third layer of preventing the hot wall link layer later still is provided with the host computer center, the second floor of server link layer and prevent the third layer of hot wall link layer between still be provided with the server and keep watch on the layer, still include intranet intrusion detection system, intranet intrusion detection headtotail is on the layer is kept watch on to the server, prevent still being provided with on the first floor of hot wall link layer network intrusion detection engine, network intrusion detection engine adopts the venus infoTech sky to be full of NS100, the current electronic commerce platform of solution is when buildding, and network security sets up too simple weak point, adopts the multilayer to prevent the hot wall link layer and the mode of server link layer cross arrangement and carries out network security's the trouble of preventing.
Description
Technical field
The utility model relates to technical field of network security, specifically, is the network safety system based on e-commerce platform application.
Background technology
Ecommerce is means with information network technique, the commercial activity centered by the exchange of commodities; Also can be regarded as at the Internet (Internet), intranet (Intranet) and value-added network (VAN, ValueAddedNetwork) carrying out the activity of transaction and related service in electronic transaction mode, is the electronization of each link of traditional commerce activity, networking, informationization.
Ecommerce typically refers in the commerce and trade activity widely of all parts of the world, under the network environment that internet is open, based on browser/server application mode, both parties do not carry out various commercial activity with meeting, realize online transaction between the shopping online of consumer, trade company and online pay by mails and various commercial activity, transaction, finance activities and relevant integrated service activity a kind of novel commercial operation pattern.The difference of status residing for oneself of national governments, scholar, business people and the angle participated in ecommerce and degree, gives many different definition.Ecommerce is divided into: ABC, B2B, B2C, C2C, B2M, M2C, B2A(and B2G), C2A(and C2G), O2O etc.
Network marketing simultaneously is also a kind of product of ecommerce, and for network marketing, will first carry out network marketing scheme before doing, and like that just has the enforcement being convenient to plan.
Ecommerce is the commercial activity utilizing micro-computer technology and network communications technology to carry out.The difference of status residing for oneself of national governments, scholar, business people and the angle participated in ecommerce and degree, gives many different definition.But ecommerce is not equal to electronic business.
Even if ecommerce has different definition in various countries or different fields, but its key is still the business model of carrying out against electronic equipment and network technology, along with the high speed development of ecommerce, it not only comprises the main Connotation of its shopping, also should include the subsidiary services such as logistics distribution.Ecommerce comprises electronic money exchange, supply chain management, E-trading market, network marketing, in-system decryption, electronic data interchange (EDI), inventory management and automated data collection system.In the process, the information technology used comprises: the Internet, extranet, Email, database, electronic directory and mobile phone.
First ecommerce is divided into the ecommerce of broad sense and narrow sense.The ecommerce of broad sense is defined as, and uses various electronic tool to be engaged in commercial activity; Special electronic commerce is defined as, and mainly utilizes Internet to be engaged in commercial affairs or activity.Be no matter the concept of broad sense or the ecommerce of narrow sense, ecommerce all covers two aspects: one is this platform of too busy to get away the Internet, without network, just claims not Shang to be ecommerce; Two is that what to be completed by the Internet is a kind of commercial activity.
Say in the narrow sense, ecommerce (ElectronicCommerce is called for short EC) refers to: by the business transaction activity using the electronic tools (these instruments comprise telegram, phone, broadcast, TV, fax, computer, computer network, mobile communication etc.) such as the Internet to carry out in the world.Be the various commercial activitys carried out based on computer network, comprise the summation of the supplier of commodity and service, advertiser, consumer, the behavior of Shang Deng each side concerned of intermediary.The ecommerce that people generally understand refers to sense stricto ecommerce.
In a broad sense, ecommerce one word stems from ElectronicBusiness, exactly by business activity that electronically carries out.By using the electronic tools such as the Internet, make intra-company, supplier, between client and affiliate, e commerce transactions is utilized to share information, realize the electronization of operation flow between enterprise, coordinate the electronic production management system of enterprises, improve the efficiency of the links such as the production of enterprise, stock, circulation and fund.
The definition of international trade program simplification working group of the United Nations to ecommerce is: adopt electronic form to conduct business activities, it is included between supplier, client, government and other participants by any electronic tool.As shared destructuring commercial matters informations such as EDI, Web technology, Emails, and manage and complete the various transaction in commercial activity, management activity and consume activity.
Ecommerce utilizes computer technology, network technology and telecommunication technique, realizes electronization, digitlization and networking, the whole business procedure of commercial affairsization.
Ecommerce is based on commercial activity, based on computer network, in electronic mode for means, and the commercial activity process of exchange that within the limits permitted by law is carried out.
Digital information technology is used in ecommerce, the Activities of enterprise is carried out to the process of Continuous optimization.
The concept of Commerce (E-Commerce), by 1997, the said firm also been proposed the concept of ElectronicBusiness (E-Business).E-Commerce concentrates on electronic transaction, and emphasize enterprise and outside transaction and cooperation, E-Business then expands covering scope a lot.Commercial affairs or activity is engaged in referring broadly to the various electronic tool of use.Refer in the narrow sense utilize Internet to be engaged in the activity of commercial affairs.
Namely e-commerce platform is a platform providing online transaction to consult for enterprise or individual.Enterprise's Electronic Commercial platform is based upon the virtual network that Internet carries on business and the management environment ensureing the smooth operation of commercial affairs; Be coordination, integrate information stream, Commodity flow, cash flow in order, association, high efficiency flow important place.The shared resource such as network infrastructure, payment platform, security platform, management platform that enterprise, businessman can make full use of e-commerce platform to be provided carries out oneself business activity effectively, at low cost.
Network security refers to that the data in the hardware of network system, software and system thereof are protected, and be not subjected to because of reason that is accidental or malice to destroy, change, reveal, system can reliably normally be run continuously, and network service does not interrupt.Network security comprises network equipment safety, the network information security, network software safety.From in broad terms, the correlation technique of the every confidentiality, integrality, availability, authenticity and the controllability that relate to information on network and theory are all the research fields of network security.
Along with developing rapidly of computer technology, the business processed on computers is also by based on the mathematical operation of unit, file process, and interior business process, office automation etc. based on the simple internal network connected develop into based on the enterprise-class computers treatment system of the in-house network (Intranet) of complexity, extranet (Extranet), Global Internet (Internet) and worldwide information sharing and Business Processing.
While system processing power improves, the concatenation ability of system is also in continuous improve.But while information concatenation ability, negotiability improve, the safety problem of connection Network Based also becomes increasingly conspicuous, and overall network security is mainly manifested in the following aspects: the safety etc. of the physical security of network, network topology structure safety, network system security, application system security and network management.
Network topology structure and hardware that prior art is carrying out e-commerce platform are carried, arranging of safety management is too simple, initiatively can not realize intrusion behavior, to such an extent as to frequently suffer network attack, topological interior work unit will be made time serious to occur paralysis or information leakage, cause great loss to the user of topological network inside, make businessman, client all suffer huge loss.
Utility model content
The purpose of this utility model is to design the network safety system based on e-commerce platform application, solve existing e-commerce platform when building, network security arranges too simple weak point, multi-layer fireproofing wall link layer and server-link layer mode arranged in a crossed manner is adopted to carry out preventing of network security, and in conjunction with Intrusion Detection Technique, by to Wide Area Network, in LAN or e-commerce platform inside, the information of some key points carries out collecting and analyzing, therefrom find whether network or platform interior have the behavior of violating security strategy and by the sign attacked, what reach active in time realizes intrusion behavior, complete intrusion detection, and then provide support for the safe and stable operation of whole system.
The utility model is achieved through the following technical solutions: based on the network safety system of e-commerce platform application, comprise fire compartment wall link layer and server link layer, described fire compartment wall link layer arranges and haves three layers, described server-link layer is provided with 2 layers, and fire compartment wall link layer and server-link layer arranged in a crossed manner; Also host center is provided with after the third layer of described fire compartment wall link layer; Server monitors layer is also provided with between the second layer and the third layer of fire compartment wall link layer of described server-link layer; Also comprise Intranet intruding detection system, described Intranet intruding detection system is connected on server monitors layer; The first floor of described fire compartment wall link layer is also provided with network invasion monitoring engine, and described network invasion monitoring engine adopts Venus InfoTech sky to be full of NS100.
Further, in order to start to wide area network access, to host center, three layers of fire compartment wall can be utilized to protect the two-layer server-link layer of inside respectively, server-link layer is avoided to be attacked or invade, described fire compartment wall link layer is respectively ground floor fire compartment wall, second layer fire compartment wall, third layer fire compartment wall, described network invasion monitoring engine is arranged on ground floor fire compartment wall, described server monitors layer is arranged between the second layer of server-link layer and third layer fire compartment wall, the ground floor of server-link layer is set between described second layer fire compartment wall and ground floor fire compartment wall, after described host center is arranged on third layer fire compartment wall.
Further, in order to network hole detection can be carried out to the ground floor of server-link layer, and when user can be made to access, data-handling capacity between various server can balance, unbalance situation is avoided to occur and occur part server excess load, affect the stable operation of whole platform, network vulnerability scanning layer and load equalizer is also provided with between the ground floor and ground floor fire compartment wall of described server-link layer, after described ground floor fire compartment wall, network vulnerability scanning layer is set, after described network vulnerability scanning layer, load equalizer is set, the ground floor of server-link layer is set after described load equalizer.
Further, run anti-virus software to utilize equipment and be on the defensive to virus, also comprise Anti-Virus, described Anti-Virus interconnection network vulnerability scanning layer, described Anti-Virus carrying equipment adopts IBMSystemx3100M4 server.
Further, in order to operation server can be provided for the normal operation of website, and provide document for Web client such as browsers, can site file be placed simultaneously, allow the whole world browse, can data file be placed, allow the whole world download; And be convenient to when user registers, effectively to complete archives data operation, and complete registration, the ground floor of described server-link layer comprises web server group and RA server, and described web server group and RA Servers installed are between load equalizer and second layer fire compartment wall.
Further, in order to database platform and application platform can be built, the second layer of described server-link layer comprises database server and application server, and described database server and application server are arranged between second layer fire compartment wall and server monitors layer.
Further, in order to effectively virus defense can be carried out, and build stable server-link layer, described ground floor fire compartment wall adopts trend TWG-BRF114, described second layer fire compartment wall adopts NETGEARFVS318G, and described web server group, RA server, database server and application server all adopt IBMSystemx3850X5.
Further, described ground floor fire compartment wall adopts trend TWG-BRF114, and described second layer fire compartment wall adopts NETGEARFVS318G, and described database server and application server all adopt IBMSystemx3850X5.
The utility model compared with prior art, has the following advantages and beneficial effect:
(1) the utility model solves existing e-commerce platform when building, network security arranges too simple weak point, multi-layer fireproofing wall link layer and server-link layer mode arranged in a crossed manner is adopted to carry out preventing of network security, and in conjunction with Intrusion Detection Technique, by to Wide Area Network, in LAN or e-commerce platform inside, the information of some key points carries out collecting and analyzing, therefrom find whether network or platform interior have the behavior of violating security strategy and by the sign attacked, what reach active in time realizes intrusion behavior, complete intrusion detection, and then provide support for the safe and stable operation of whole system.
(2) the utility model in use; not only through traditional firewall protection when network data on Internet accesses; also through intrusion detection; by the use of active defense technology; to internaling attack, external attack and misoperation real-time guard, interception and responding to intrusions before network system is endangered.
(3) the utility model adopts the safety measure of three layers of fire compartment wall, can effectively prevent whole platform from being attacked or invading, for the safe and stable operation of whole platform provides safeguard.
Accompanying drawing explanation
Fig. 1 is structural representation of the present utility model.
Embodiment
Below in conjunction with embodiment, the utility model is described in further detail, but execution mode of the present utility model is not limited thereto.
Intrusion detection (IntrusionDetection) is the detection to intrusion behavior.It is by the information of some key points in information that Collection and analysis network behavior, security log, Audit data, other network can obtain and computer system, checks in network or system the behavior that whether exists and violate security strategy and by the sign attacked.Intrusion detection, as one positive ground safety protection technique, provides internaling attack, the real-time guard of external attack and misoperation, interception and responding to intrusions before network system is endangered.Therefore the second safety gate after being considered to fire compartment wall, can monitor network when not affecting network performance.Intrusion detection is by performing following task to realize: monitor, analyze user and system activity; The audit of system construction and weakness; Identify the activity pattern of the known attack of reflection and report to the police to stakeholder; The statistical analysis of abnormal behaviour pattern; The integrality of assessment important system and data file; The audit trail management of operating system, and identify that user violates the behavior of security strategy.
Intrusion detection is the reasonable supplement of fire compartment wall, and help system tackles network attack, extends the safety management ability (comprising security audit, supervision, attack identification and response) of system manager, improves the integrality of information security foundation structure.It collects information from the some key points computer network system, and analyzes these information, looks at whether have the behavior of violating security strategy and the sign attacked in network.Intrusion detection be considered to fire compartment wall after second safety gate, can monitor network when not affecting network performance, thus provide internaling attack, the real-time guard of external attack and misoperation.
The utility model relates to software application, and agreement regulation etc. is all mature technology, directly will implant application, does not relate to software, the change of agreement and creation.
Embodiment 1:
The utility model proposes the network safety system based on e-commerce platform application, solve existing e-commerce platform when building, network security arranges too simple weak point, multi-layer fireproofing wall link layer and server-link layer mode arranged in a crossed manner is adopted to carry out preventing of network security, and in conjunction with Intrusion Detection Technique, by to Wide Area Network, in LAN or e-commerce platform inside, the information of some key points carries out collecting and analyzing, therefrom find whether network or platform interior have the behavior of violating security strategy and by the sign attacked, what reach active in time realizes intrusion behavior, complete intrusion detection, and then provide support for the safe and stable operation of whole system, as shown in Figure 1, comprise fire compartment wall link layer and server link layer, described fire compartment wall link layer arranges and haves three layers, described server-link layer is provided with 2 layers, and fire compartment wall link layer and server-link layer arranged in a crossed manner, also host center is provided with after the third layer of described fire compartment wall link layer, server monitors layer is also provided with between the second layer and the third layer of fire compartment wall link layer of described server-link layer, also comprise Intranet intruding detection system, described Intranet intruding detection system is connected on server monitors layer, the first floor of described fire compartment wall link layer is also provided with network invasion monitoring engine, and described network invasion monitoring engine adopts Venus InfoTech sky to be full of NS100.
Embodiment 2:
The present embodiment is at the enterprising one-step optimization in the basis of above-described embodiment, further for realize the utility model better, can start to wide area network access, to host center, three layers of fire compartment wall can be utilized to protect the two-layer server-link layer of inside respectively, server-link layer is avoided to be attacked or invade, as shown in Figure 1, be arranged to following structure especially: described fire compartment wall link layer is respectively ground floor fire compartment wall, second layer fire compartment wall, third layer fire compartment wall, described network invasion monitoring engine is arranged on ground floor fire compartment wall, described server monitors layer is arranged between the second layer of server-link layer and third layer fire compartment wall, the ground floor of server-link layer is set between described second layer fire compartment wall and ground floor fire compartment wall, after described host center is arranged on third layer fire compartment wall.
Embodiment 3:
The present embodiment is at the enterprising one-step optimization in the basis of above-described embodiment, further for realize the utility model better, network hole detection can be carried out to the ground floor of server-link layer, and when user can be made to access, data-handling capacity between various server can balance, unbalance situation is avoided to occur and occur part server excess load, affect the stable operation of whole platform, as shown in Figure 1, be provided with following structure especially: between the ground floor and ground floor fire compartment wall of described server-link layer, be also provided with network vulnerability scanning layer and load equalizer, after described ground floor fire compartment wall, network vulnerability scanning layer is set, after described network vulnerability scanning layer, load equalizer is set, the ground floor of server-link layer is set after described load equalizer.
Embodiment 4:
The present embodiment is at the enterprising one-step optimization in the basis of above-described embodiment, further, for better realizing the utility model, equipment can be utilized to run anti-virus software be on the defensive to virus, as shown in Figure 1, arrange following structure especially: also comprise Anti-Virus, described Anti-Virus interconnection network vulnerability scanning layer, described Anti-Virus carrying equipment adopts IBMSystemx3100M4 server.
Embodiment 5:
The present embodiment is the enterprising one-step optimization in basis in embodiment 3 or 4, further for realize the utility model better, operation server can be provided for the normal operation of website, and provide document for Web client such as browsers, site file can be placed simultaneously, allow the whole world browse, can data file be placed, allow the whole world download; And be convenient to when user registers, effectively to complete archives data operation, and complete registration, as shown in Figure 1, be provided with following structure especially: the ground floor of described server-link layer comprises web server group and RA server, and described web server group and RA Servers installed are between load equalizer and second layer fire compartment wall.
Embodiment 6:
The present embodiment is the enterprising one-step optimization in basis in embodiment 2 or 3 or 4 or 5, further for realize the utility model better, database platform and application platform can be built, as shown in Figure 1, be provided with following structure especially: the second layer of described server-link layer comprises database server and application server, and described database server and application server are arranged between second layer fire compartment wall and server monitors layer.
Embodiment 7:
The present embodiment is the enterprising one-step optimization in basis in embodiment 5 or 6, further for realize the utility model better, effectively can carry out virus defense, and build stable server-link layer, the following set-up mode of special employing: described ground floor fire compartment wall adopts trend TWG-BRF114, described second layer fire compartment wall adopts NETGEARFVS318G, and described web server group, RA server, database server and application server all adopt IBMSystemx3850X5.
Embodiment 8:
The present embodiment is at the enterprising one-step optimization in the basis of embodiment 2-7 any embodiment, further for realize the utility model better, be provided with following structure especially: described ground floor fire compartment wall adopts trend TWG-BRF114, described second layer fire compartment wall adopts NETGEARFVS318G, and described database server and application server all adopt IBMSystemx3850X5.
Described network invasion monitoring engine is connected with wide area network, adopts Venus InfoTech sky to be full of the network invasion monitoring engine of NS100 to complete transmission and the intrusion detection of Internet network data.
Venus InfoTech is full of in sky NS100 and has following characteristic:
Maximum verification and measurement ratio: 80Mbps;
Maximum concurrent connection number: 200,000;
Newly-built linking number per second: 40,000;
Disposal ability (rate of failing to report is zero): 80M;
Agreement self-identifying: the HTTP supporting unconventional port, FTP, POP3, SMTP, TELNET protocol identification;
Interface: standard configuration 1 10M/100M electricity mouth, maximum 2 10M/100M electricity mouth;
Power supply: 100-240V;
Input current: 4-2A;
Power: 180W.
Server monitors layer is provided with Intranet intruding detection system, so that the data on local area network (LAN) can carry out intrusion detection when transmitting, simultaneously to wide area network, local area network (LAN) and the system platform inside virus prevention that may occur in possible trouble, also be provided with the Anti-Virus carrying out carrying bogusware by IBMSystemx3100M4 server, Anti-Virus carries out virus defense by network vulnerability scanning layer.
Three layers of fire compartment wall link layer and 2 stratum server link layers are carried out arranged in a crossed manner; the defence just carrying out fire compartment wall is started to internet access; then realize the input of each stratum server link layer and export the defence all being carried out poisoning intrusion and attack by fire compartment wall, thus reaching the optimized network security protection carrying out e-commerce platform.
In order to carry the network safety system based on e-commerce platform application that preferably has intrusion detection feature, on the choice for use of each parts, Intranet intruding detection system adopts Venus InfoTech sky to be full of NS100, ground floor fire compartment wall adopts trend TWG-BRF114, second layer fire compartment wall adopts NETGEARFVS318G, and web server group, RA server, database server and application server all adopt IBMSystemx3850X5.
Wherein, trend TWG-BRF114 has following characteristic:
For a enterprise route fire compartment wall;
The network port: 4*RJ4510/100/1000MbpsGigabitEthernetAuto-MDI/MIDX, 1*ShieldedRJ4510/100/1000MbpsGigabitEthernetAuto-MDI/MID X;
Management mode: based on the mode of WEB page, SNMP;
Safety standard: AccessControl;
Operating system is supported: Windows95/98/ME/NT/2000/XP, Unix and Mac;
Other performances, standard: IEEE802.3,802.3u, 802.3ab, agreement: NAT, PPPoE, HTTP, DHCP, TCP/IP, UDP, PAP, CHAP, RIP1, DDNS.
NETGEARFVS318G has following characteristic:
For a VPN fire compartment wall;
Concurrent connection number: 6000;
Lan port: 8 10/100/1000Mbps self adaptations;
WAN port: 1 10/100/1000Mbps self adaptation;
Management mode: support SNMP (2c); Web graph shape user interface; Username and password is protected; Support the safety long-distance management and the password that automatically identify IP address (or IP address field); Configuration modification/upgraded by Web graph shape interface; Support the two-factor authentication of administrator interfaces;
Processor: 250MHz; Internal memory: 8MBflash, 32MBDRAM;
Other performances: VPN intelligence guide easy configuration IPsecVPN; Automatic detection ISP address style (static, dynamically, PPPoE); Port range forwards; Port triggers; Opening/closing WANping; DNS proxy; MAC Address clone/deception; Network enabled time protocol NTP; Diagnostic tool (ping, DNSlookup, traceroute, other); Port/service; Support that port lines sequence is known to answer; L3 service quality (QoS) LAN to WAN and WAN to LAN (ToS); SIPALG.
IBMSystemx3850X5 has following characteristic:
Adopt rack 4U cabinet;
Processor performance: cpu type: Intel is to strong by 7500, CPU model: XeonE7520, cpu frequency: 1.866GHz, intelligence accelerates dominant frequency: 1.866GHz, standard configuration CPU quantity: 2, maximum CPU quantity: 4, making technology: 45nm, three grades of buffer memory: 18MB, bus specification: QPI4.8GT/s, core cpu: four cores, CPU Thread Count: eight threads;
Mainboard: expansion slot: 7 × half long PCI-E;
Memory behavior: type of memory: DDR3, memory size: 16GB, descriptor memory: 4 × 4GBPC3-8500, maximum memory capacity: 1TB;
Maximum hard-disk capacity: 4TB, internal hard drive frame number: maximum support 8 pieces of Serial Attached SCSI (SAS) or 16 pieces of SASSSD hard disks, hot plug dish position: support hot plug, RAID mode: RAID0,1,5;
Network controller: two PCI-Express;
Cooling system: hot-plug fan;
System management: AlertonLAN2, server autoboot, IBMSystemsDirector, IBMServerGuide, Integrated Management Module (IMM), light path diagnosis (powering separately), be applicable to the PredictiveFailureAnalysis of hard disk drive/processor/VRM/ fan/internal memory, WakeonLAN, dynamic system analysis, QPIFaildown, Single Point of Faliure shifts;
System is supported: WindowsServer2008(Standard, Enterprise and DataCenterEdition, 32 and 64), 32 and 64 RedHatEnterpriseLinux, SUSEEnterpriseLinux(Server and AdvancedServer), VMwareESXServer/ESXi4.0;
Power supply type: hot plug power supply, number of power sources: 2, supply voltage: 220V, power 1975W.
The above; it is only preferred embodiment of the present utility model; not do any pro forma restriction to the utility model, every any simple modification, equivalent variations done above embodiment according to technical spirit of the present utility model, all falls within protection range of the present utility model.
Claims (9)
1. based on the network safety system of e-commerce platform application, it is characterized in that: comprise fire compartment wall link layer and server link layer, described fire compartment wall link layer arranges and haves three layers, and described server-link layer is provided with 2 layers, and fire compartment wall link layer and server-link layer arranged in a crossed manner; Also host center is provided with after the third layer of described fire compartment wall link layer; Server monitors layer is also provided with between the second layer and the third layer of fire compartment wall link layer of described server-link layer; Also comprise Intranet intruding detection system, described Intranet intruding detection system is connected on server monitors layer; The first floor of described fire compartment wall link layer is also provided with network invasion monitoring engine, and described network invasion monitoring engine adopts Venus InfoTech sky to be full of NS100.
2. the network safety system based on e-commerce platform application according to claim 1, it is characterized in that: described fire compartment wall link layer is respectively ground floor fire compartment wall, second layer fire compartment wall, third layer fire compartment wall, described network invasion monitoring engine is arranged on ground floor fire compartment wall, described server monitors layer is arranged between the second layer of server-link layer and third layer fire compartment wall, the ground floor of server-link layer is set between described second layer fire compartment wall and ground floor fire compartment wall, after described host center is arranged on third layer fire compartment wall.
3. the network safety system based on e-commerce platform application according to claim 2, it is characterized in that: between the ground floor and ground floor fire compartment wall of described server-link layer, be also provided with network vulnerability scanning layer and load equalizer, after described ground floor fire compartment wall, network vulnerability scanning layer is set, after described network vulnerability scanning layer, load equalizer is set, the ground floor of server-link layer is set after described load equalizer.
4. the network safety system based on e-commerce platform application according to claim 3, it is characterized in that: also comprise Anti-Virus, described Anti-Virus interconnection network vulnerability scanning layer, described Anti-Virus carrying equipment adopts IBMSystemx3100M4 server.
5. the network safety system based on e-commerce platform application according to claim 3 or 4, it is characterized in that: the ground floor of described server-link layer comprises web server group and RA server, and described web server group and RA Servers installed are between load equalizer and second layer fire compartment wall.
6. the network safety system based on e-commerce platform application according to claim 5, it is characterized in that: the second layer of described server-link layer comprises database server and application server, and described database server and application server are arranged between second layer fire compartment wall and server monitors layer.
7. the network safety system based on e-commerce platform application according to claim 6, it is characterized in that: described ground floor fire compartment wall adopts trend TWG-BRF114, described second layer fire compartment wall adopts NETGEARFVS318G, and described web server group, RA server, database server and application server all adopt IBMSystemx3850X5.
8. the network safety system based on e-commerce platform application according to Claims 2 or 3 or 4, it is characterized in that: the second layer of described server-link layer comprises database server and application server, and described database server and application server are arranged between second layer fire compartment wall and server monitors layer.
9. the network safety system based on e-commerce platform application according to claim 8, it is characterized in that: described ground floor fire compartment wall adopts trend TWG-BRF114, described second layer fire compartment wall adopts NETGEARFVS318G, and described database server and application server all adopt IBMSystemx3850X5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201520894409.2U CN205071043U (en) | 2015-11-11 | 2015-11-11 | Network security system based on electronic commerce platform is used |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201520894409.2U CN205071043U (en) | 2015-11-11 | 2015-11-11 | Network security system based on electronic commerce platform is used |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN205071043U true CN205071043U (en) | 2016-03-02 |
Family
ID=55397542
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201520894409.2U Expired - Fee Related CN205071043U (en) | 2015-11-11 | 2015-11-11 | Network security system based on electronic commerce platform is used |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN205071043U (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107819856A (en) * | 2017-11-14 | 2018-03-20 | 广西巨玖文化产业有限公司 | Cultural and Creative Industries service platform based on SOA framework |
-
2015
- 2015-11-11 CN CN201520894409.2U patent/CN205071043U/en not_active Expired - Fee Related
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107819856A (en) * | 2017-11-14 | 2018-03-20 | 广西巨玖文化产业有限公司 | Cultural and Creative Industries service platform based on SOA framework |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10033766B2 (en) | Policy-driven compliance | |
| Wang et al. | Fog computing: Issues and challenges in security and forensics | |
| US10708285B2 (en) | Supplementing network flow analysis with endpoint information | |
| Šarac et al. | Increasing privacy and security by integrating a blockchain secure interface into an IoT device security gateway architecture | |
| CN114342319A (en) | Honeypot for infrastructure as a service security | |
| WO2014094151A1 (en) | System and method for monitoring data in a client environment | |
| US20220060509A1 (en) | Privilege assurance of enterprise computer network environments using lateral movement detection and prevention | |
| CN109462599A (en) | A kind of honey jar management system | |
| Irfan et al. | A framework for cloud forensics evidence collection and analysis using security information and event management | |
| CN105516189A (en) | Network security enforcement system and method based on big data platform | |
| CN114915476A (en) | Attack deduction graph generation method and system based on network security evaluation process | |
| CN103326883A (en) | Uniform safety management and comprehensive audit system | |
| Söderström et al. | Secure audit log management | |
| CN109803030A (en) | A kind of anonymity intermediate proxy server and its communication means | |
| CN205071043U (en) | Network security system based on electronic commerce platform is used | |
| Ahmed et al. | A proactive approach to protect cloud computing environment against a distributed denial of service (DDoS) attack | |
| CN204791244U (en) | Lottery ticket system | |
| Wang et al. | Research on Secure Cloud Networking Plan Based on Industry-Specific Cloud Platform | |
| CN203911973U (en) | Expansible network system suitably used for large-scale local area network security | |
| Jiang et al. | Performance research on industrial demilitarized zone in defense-in-depth architecture | |
| Jain et al. | The role of decision tree technique for automating intrusion detection system | |
| CN201403097Y (en) | Network fixation compound type safety gateway system | |
| CN202334564U (en) | Network access control system under Cisco environment | |
| Alblushi et al. | Internet of Things: Layers, possible attacks, secure communications, challenges. | |
| Zunnurhain et al. | FAPA: flooding attack protection architecture in a cloud system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20160302 Termination date: 20171111 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |