Popularity of the Internet so that users can access anytime, anywhere Internet, networks have become an important way of information dissemination. But when people in the organization's Internet use within the export unit of resource access Internet, the ensuing intentional or not, online behavior risks to the organization can not be ignored.
Wangyuan work within the complex face of the various online behavior, how to effectively manage? traditional port-based firewalls and other equipment can only, IP, protocol type of the way across the board control is clearly unable to meet user requirements., it must act with the advanced management system for Internet access devices, to maintain a certain psychological deterrent. Currently many of these management systems, is more mainstream software Shenzhen Eau Internet behavior management. mainly following features.
1, outgoing Email filtering and delay the audit.
Email leak prevention needs in the before and after the two considerations. First, before outsourcing a variety of conditions on the Email-based intercept and filter, but it was blocked e-mail may not contain harmful content on the organization, how to avoid the limitations of the machine identified? deeply convinced that the message delay of the audit to provide technology blocks match the conditions specified on the outgoing Email, outgoing after manual review to ensure foolproof.
post audit can not be ignored. to all outgoing Email all records, including text and attachments. In addition, as generally used Webmail, outgoing Email on Webmail should be able to do filtering, recording and auditing.
2, URL database + key word recognition filter + SSL encrypted page.
pre-classification by static URL database to achieve explicit part of a page control is the basis, but must be able to enter keywords for search engines to filter, in order to achieve a static URL database update on the slow, capacity a small supplement. As for the SSL encrypted page identification and filtering, the industry there is SSL encrypted traffic through a proxy, a way to decrypt SSL encrypted traffic to achieve, but the Ministry of Finance for the organization, the general staff operations online bank account to decrypt the data also clearly exists significant security risks. SINFOR online behavior management device encrypted by SSL digital certificate for the site identification, detection and filtering, SSL encryption filter that meets the user requirements at the same time, it will not introduce new security risks. < br> 3, the network upload information filtering.
Forum irrigation network posting, uploading and downloading files need to be filtered based on multiple keywords, and should be able to upload the contents of all the success in order to post a detailed inspection records . But this is not enough, such as filth, one of the main places the overwhelming majority of Internet chat rooms WEB random dynamic port access, recognition, blocking ports at a moment of such dynamic behavior management problems of Internet , only some of the vendors to properly resolve the issue, this is the user in choosing the Internet gateway need to focus on behavior management issues to consider.
4, P2P identification and flexible management of precision.
P2P software on the Internet is endless, If you can only block P2P software itself precisely identify a variety of P2P, including encryption, not common, version of such flooding. With accurate identification, such a device on the effect of P2P flow control is particularly outstanding.
5, control of various non- network behavior not related to work.
industry leaders have been abandoned based on IP, port applications means of identification, and signature-based application protocol, deep content inspection technology, which only difference is the largest manufacturer of application recognition library, update the fastest . Based on the application of accurate identification, together with the different users assign different time network access policy, will improve employee productivity.
It is also worth users: Massive online behavior log records how to store, query, audit? mainstream industry practice is to online behavior log Autosave to the independent central gateway device in the log and stored in the database, with a graphical query and statistical tools to utilize them the log. More advanced logging operation is similar to Baidu's search engine through the implementation of the precision of the key search and locate the log.
If there is a demand, may wish to consult the European Shenzhen grams of software, they are professional engineers can give you some good advice.
No comments:
Post a Comment