Real-name network management under cloud computing environment

In recent years, corporate network construction has developed rapidly, experienced financial crisis baptism, and the introduction of the 12th Five-Year Plan has brought cloud computing closer to companies in China's corporate informationization. From the perspective of informatization, a clear trend is the transformation of information technology services: the expectation of the enterprise not only stays at the level of technology and products, but also hopes to drive innovation through investment in IT-driven business growth. Power to help companies respond quickly to changes in the external environment. In particular, the “customer-centric” business philosophy continues to infiltrate more and more corporate culture. How to understand and meet customer needs in a timely manner has become an important guarantee for the development of the company. This reality also promotes the nature of IT services from the original passive background support to the front desk to promote business development and create business value.

Today, in the corporate market, network security construction has developed rapidly. A security boundary consisting of firewalls, IDS, or UTM security components has been established between a company-specific generalized local area network (hereinafter referred to as private network) and the Internet. The internal anti-virus system has also been implemented. The private network security system has begun to take shape and its security has far exceeded that of the Internet.

However, information security is not just basic network security, availability of information, and legal liability of the organization. These are not traditionally accepted by network security vendors. The development of technology, especially the advent of cloud computing, will reduce the control of enterprise information management at the basic level. Faced with the ever-changing network applications, the security situation faced by private networks is still very serious. P2P download is a dynamic network application that can make traditional firewalls a big screen.

The reason for this is, on the one hand, because the development speed of the existing security protection technology lags behind the development speed of application technology; on the other hand, at the present stage, there is a general problem that security technology and security management are out of phase in the enterprise, or it is good. Security technologies or products cannot be used well and play their due role. Or the information security management system lacks corresponding technical means to ensure its effective implementation.

The great flaws in information security management are concentrated on two separate objects in security management: each real employee in a company and a user in a private network. Because there is no definite correspondence between the two objects, the virus has an opportunity to indulge those employees who have malicious intentions to perform unauthorized access, and more seriously, because the identity in the network is not reliable, Even if a security responsibility accident occurs, it is impossible to find out what lies behind the information, and the information security management system and regulations are also useless.

The real-name network application management promoted by Netcom Technology is to use the latest network application identification technology and management ideas to establish information security and determine the corresponding relationship between two objects in the management, so as to ensure the realization of security technology and security management. Seam combination. By establishing the identity of the user in the enterprise network, a one-to-one correspondence between the network user and the natural person is established to ensure that the employee engages in their own work-related behavior in the network according to their true role in the enterprise. Even if someone still tries to do something that violates his or her role, the company can still find the person responsible for this matter through the one-to-one correspondence between the online users and the natural person.

Some enterprise users have adopted some technologies and products for terminal management access. However, as a management system, they should have a certain human nature and be deeply integrated with corporate culture. The forced installation of the client will cause employee's emotions to rebound, and the hard management of the network terminal will not completely solve the fine-grained control of applications and content in the Internet environment, and may affect the normal business work of some departments, resulting in unsuccessful expected results. achieve.

Netcom's real-name network application management philosophy is based on user identification, network identification and application identification, promote the establishment of network application management, detection and feedback mechanisms, effectively implement the closed-loop process of Deming Ring, improve the company's internal control and information Safeguards management techniques and systems.

Taking user identification as an example, the scheme can be used to authorize different groups of users according to their multi-dimensional roles. For example, the famous Zhao Ming is the manager of the operation and maintenance department. Then Zhao Ming can be located at the same time in the “Operation and Maintenance Department” and “Manager Group. ” to achieve an effective mapping of sociology and organizational logic. Based on user management, Netcom Technology can also make intelligent analysis and fine-grained policy control based on applications and content, as well as centralized management and auditing that meets enterprise requirements.