"One machine, two -purpose" security control control?Zero trust gives the answer
Author:Chinese science and technology Time:2022.08.02
Digitalization of government services is no longer a new thing. It is small to daily travel, nucleic acid collection, electronic certificates, and large to community services, medical health, personnel resources. More and more government officials need to access the government affairs network for office work, and the terminals that access the government of government affairs are increasing day by day. The attack behavior and incidents that attack from the Internet across the network to the government affairs network. How to take into account the user terminal use experience, do a good job of "one machine, two uses" of government affairs terminals? Many government network managers lamented: Difficulty!
A large number of government affairs network terminals have the phenomenon of "cross -network access"
According to the survey, a large number of government affairs network terminals can connect the government affairs network and the Internet at the same time, which means that users can also access the Internet when accessing government affairs networks. In this case, the user terminal is very easy to become a springboard for cyber attacks, and the Internet threats are introduced into the external network of government affairs, bringing heavy hidden dangers. The key to the existence of security risks in the process of solving the foreign network terminal access to the Internet is that the "one machine, two use" of the government affairs network terminal is strictly controlled to ensure that the terminal does not allow the internet and government affairs network (at the same time at the same time ( Time to access the Internet), or access the Internet and government affairs networks in a securely isolation manner. Existing traditional solutions include network access systems, illegal external detection equipment, VPN and unified deployment terminal anti -virus software. Due to the lack of construction standards and the basis of construction, different government affairs network terminal types, network access models and construction schemes of each unit are different In the end, it is impossible to achieve the balance between security and users' ease of use, and even seriously affects the problem of terminal use. Traditional solutions are difficult to quickly identify terminals, block, and traceability in NAT scenarios, and they cannot fundamentally ensure data security, so they are very passive.
For the hidden dangers of the government affairs network terminal, through zero trust, it can solve the problems of terminal environmental testing and authority management as a whole. As one of the first domestic enterprises to explore zero -trust applications, I am convinced that it is based on zero -trust technology. It can meet the security construction of multiple scenarios through a platform. , Comprehensively build security capabilities such as certification access, compliance inspections, cross -network visits, illegal external visits, NAT terminal traceability, and terminal data protection.
With these major core technical support, at the beginning of the design of the zero -trust plan, considering the deployment of zero -trust deployment, with the characteristics of lighter, easy landing, and super stability, the user's "heavy" of the zero -trust structure, landing on the ground, landing on the ground The doubts of "difficulty" use the concept of zero trust to build a security, stable, controllable government affairs network security environment, solve the problem of end data security on the whole. Build a more solid government network terminal security.
- END -
Play "Art" summer!Open the 24 ways of summer
"Summer Public Security Campaign Campaign Hundred Days of Action" went to the two places to capture two fugitives within 5 hours!
In the past few days, the province's public security organs in accordance with the...