MAKE NETWORK SIMPLE,INTELLIGENT AND SECURE
MAKE NETWORK SIMPLE,INTELLIGENT AND SECURE
Date:2018-05-25 Hits:
Luneng Group Co., Ltd., established in December 2002, is a wholly-owned subsidiary of State Grid Corporation of China with its headquarters in Beijing. To guarantee secure operation of the office network in the headquarters, Luneng Group plans to reinforce network security in Beijing.
The promulgation of the People's Republic of China Cyber Security Law has made real-name Internet access a pressing need for Luneng network construction project. The key policy requirement of this project lies in how to facilitate real-name access and auditing improving user behavior auditing and traceability.
Apart from meeting office networking needs of nearly 500 employees, the Luneng Group also deployed several service systems for finance and administrative department. The outbreak of ransomware in 2017 has raised public awareness of intranet security. Luneng Group hopes to improve security risk detection and management, strengthen monitoring of virus and abnormalities, and provide reinforced protection for service resources: circumvent intranet security risks and protect vital business resources.
Advantages enabled by DPtech for Luneng
▌ Real-name access and controllable permissions:
Intranet users shall go through iNAC real-name authentication before accessing Internet, and iNAC will assign permissions based on roles. For example, personnel from the finance department have access only to financial server resources, personnel from the administrative department to servers and the Internet in administrative department. Guests are not allowed to access internal server resources; instead, they can only access the Internet.
▌ Real-time monitoring of intranet abnormalities:
iNAC performs ongoing monitoring of the traffic of intranet users, provides timely alarms on abnormal behaviors and access, and blocks them if necessary. Abnormalities that can be monitored and blocked include dark traffic sent by users to external networks and data centers to consume network resources, spread viruses, or attempts to access business systems without permissions. iNAC is capable of timely detecting and blocking the above-mentioned abnormal behaviors, and displaying relevant information on involved user on the Self-Secure network management platform.
▌ Unified user auditing on a platform
By deploying an UAG board, it is possible to make analysis on intranet users. All user behavior logs on Web, Email, forum, and instant messaging are summarized and displayed on the Self-Secure management platform, enabling IT staff to easily perform user behavior audits and traceability.
▌ Deployment methods:
Nearly zero change to the original network: security gateways are deployed side by side to the original core, minimizing impacts on user network.
One-key bypass ensure reliable network: iNAC device can be bypassed in case of failure without affecting the network and enabling convenient troubleshooting.
▌ Conclusion
The Luneng Self-Secure network reinforcement project, which has completed acceptance, marks the first application of DPtech Self-Secure Campus network Solution in enterprise office network scenarios. The successful implementation of this project further strengthened Luneng Group's office network security management and control, building a secure and reliable office network for Luneng Group.
Leave a message
Leave a message