PDF下载分享

[1]方国强,刘一谦,张常亮.安全资源池在省级气象网络中的部署及优化[J].成都信息工程大学学报,2022,37(06):651-655.[doi:10.16836/j.cnki.jcuit.2022.06.006]
　FANG Guoqiang,LIU Yiqian,ZHANG Changliang.Deployment and Optimization of the Security Resources Pool in Provincial Meteorological Network[J].Journal of Chengdu University of Information Technology,2022,37(06):651-655.[doi:10.16836/j.cnki.jcuit.2022.06.006]

点击复制

安全资源池在省级气象网络中的部署及优化

成都信息工程大学学报[ISSN:1006-6977/CN:61-1281/TN] 卷: 37 期数: 2022年06期页码: 651-655 栏目: 电子信息科学与技术出版日期: 2022-12-30

Title:: Deployment and Optimization of the Security Resources Pool in Provincial Meteorological Network

文章编号:: 2096-1618(2022)06-0651-05

作者:: 方国强¹; 2; 刘一谦¹; 2; 张常亮¹; 2; (1.高原与盆地暴雨旱涝灾害四川省重点实验室,四川成都 610072; 2.四川省气象探测数据中心,四川成都 610072)

Author(s):: FANG Guoqiang¹; 2; LIU Yiqian¹; 2; ZHANG Changliang¹; 2; (1.Heavy Rain and Drought-Flood Disasters in Plateau and Basin Key Laboratory of Sichuan Province, Chengdu 610072, China; 2.Sichuan Meteorological Observation and Data Center, Chengdu 610072,China)

关键词:: 安全资源池; VAF; 策略路由; ACL

Keywords:: security resources pool; VAF; policy-based-route; ACL

分类号:: TP393

DOI:: 10.16836/j.cnki.jcuit.2022.06.006

文献标志码:: A

摘要:: 传统南北向网络安全防御已经无法满足新形势下网络安全需求,强化东西向网络安全是目前需要着力解决的一大问题。面对省级气象部门这种复杂网络环境,四川省气象部门采用安全资源池这一面向中小企业的安全服务系统,在省级气象业务网络上线部署方案,上线部署中遇到的交换机物理资源IFP ACL耗尽导致策略路由下发失败问题解决方法。系统部署上线后,有效提升了气象业务内网横向防护能力,完成了省级关键业务区域边界防护。为省级气象部门强化东西向网络安全提供了一种较廉价解决方案。

Abstract:: Traditional north-south-traffic network security defense has been unable to can’t meet the requirement for network security in the new era. Enhancing the east-west-traffic network security defense ability is an urgent issue for us to settle down at the moment. Facing a complex network environment, Sichuan Meteorological Administration used the security resources pool, a security service system oriented to the small and middle-sized enterprise, to enhance provincial key business area network border security defense capability. This article introduces deployment of the security resources pool in the Sichuan Meteorological Network System. After the failure of the first arrangement, we analyzed the reason and solved the fatal problem that the exhaustion of the physical switch IFP ACL resources caused the failure of policy distribution. After the operationalization of the system, the network border security defense capability of Sichuan Meteorological Bureau has raised effectively. Also the resolution is an economical plan for most provincial meteorological departments to improve the east-west-traffic network security defense ability.

参考文献/References:

[1] 王莹.计算机网络安全威胁分析及防护体系架构研究[J].数字技术与应用,2020,38(6):180-181.
[2] 张华,岳皓.基于SDN的港口安全资源池建设[J].网络空间安全,2020,11(3):39-43.
[3] 袁文韬.软件定义安全中安全资源池化技术研究及应用[D].北京:北京邮电大学,2018.
[4] 乔延臣,张结辉,陈晓帆.基于安全资源池的云安全解决方案[J].信息技术与标准化,2018(9):57-62.
[5] 刘鑫,宁学武,徐天成.PBR+ACL技术在取消高速公路省界收费站网络安全改造中的应用[J].工程技术研究,2020,5(24):24-26.
[6] 王献宏.浅析策略路由的实现[J].电脑知识与技术,2020,16(22):67-68+73.
[7] 饶险峰,孙丽.内部网关协议中精细路由调整方法简介[J].硅谷,2012(6):119+58.
[8] 孟金,陈澍.基于MSTP的省市气象宽带网的设计与实现[J].中国新通信,2020,22(10):38-40.
[9] 王扣武,张珺铭,王婧如.基于下一代防火墙的企业网络安全设计与实现[J].信息技术与信息化,2019(6):123-126.
[10] 郑传德.下一代防火墙在网络安全防护中的应用[J].网络安全技术与应用,2021(6):12-13.
[11] 陈博.基于下一代防火墙技术在医院网络安全中的应用[J].网络安全技术与应用,2022(1):118-119.
[12] 陈一峰,陈颖.一种访问控制列表ACL的检测方法及网络设备[P].中国:CN112565167A,2021-03-26.

备注/Memo

收稿日期:2021-12-23

更新日期/Last Update: 2022-12-30