How to build a safety plan for enterprises in the

  • Detail

In the era of ISO 2.0, how does Jesse security create a secure computing environment for enterprises

on December 1, 2019, the network security industry ushered in equal protection 2.0, and the network equal protection construction entered a new era of active defense. Isoprotection 2.0 brings cloud computing platforms, big data platforms, IOT systems, industrial control systems, key infrastructure, etc. into the new category of security protection, promoting the further expansion of security needs

from isoprotection 1.0 to isoprotection 2.0, the coverage is broader and more in line with the technological development trend of the new era. The 1+3 architecture of ISO 2.0, that is, one center (Security Management Center) + triple protection (secure communication network, secure area boundary, secure computing environment), also makes enterprises face great difficulties in comprehensively rectifying their own security risks and deficiencies and improving the security protection ability of information systems

in the face of more stringent security computing environment requirements, the Falcon host security response system under Jess security creates a solid host security computing environment for enterprises from multiple dimensions, such as intrusion prevention, malicious code prevention, identity authentication, and helps enterprises build network security compliance

identify host intrusion and prevent intrusion events

according to the requirements of intrusion prevention, the Jess Falcon deployed on the host side can carry out multidimensional security detection on the host's image hijacking, hardware driver, system service, browser hijacking, boot self-operation, login hijacking, network hijacking, print theft and other system risk items, as well as certificate consistency, file integrity and unsafe settings; Real time detection of port scanning, suspicious connections, malicious Ping, flooding attacks, TCP flooding attacks and other network attacks

at the same time, through behavior detection, horizontal comparative analysis, artificial intelligence analysis and other methods to identify, locate and track the host intrusion behavior, it can record and block the source and destination IP, attack type and attack time of the intrusion event, and provide email, SMS and page alarm for the event

host micro isolation, perfect support intrusion prevention

Jess Falcon micro isolation function, which can provide two-way network access control based on host and business perspectives. At the same time, it provides network access flow records, and displays the access flow between businesses in an intuitive view through analysis and statistics

micro isolation security data shows that the security protection strategy can also match the threat traceability ability, which can not only record the associated host, time, protocol, source/destination IP, port, inbound/outbound direction and protection action in detail, but also show the host process associated with this, as well as the security analysis of the detailed path of the process, and further process the process file to form a fast closed loop of the entire network security event

multiple protection strategies to block the spread of malicious code

for the prevention needs of malicious code, Jesse security supports the traceability function of threat events and the functions of multi-dimensional threat detection of the host, horizontal file analysis, real-time program analysis, active defense of malicious code and entry-level protection strategy of the operating system, which can timely detect the key programs or key files that have changed during the operation of the system

at the same time, it can detect the list of hosts attacked by malicious code, locate the source of malicious code propagation, lock the path of malicious files, and block and isolate the infection of malicious code. Cooperate with the micro isolation function to establish a security domain, isolate the infected host, and prevent horizontal diffusion inside the network

monitor the security baseline and easily realize identity authentication

Jess Falcon has the security baseline monitoring function, which can perform baseline detection on the complexity of the system password, automatic correction of length and energy loss, maximum lifetime and forced password history, as well as the status of the account locking threshold in the account locking strategy, and identify and authenticate the logged in user. In case of login failure, the corresponding measures are automatically matched, which fully meets the requirements of identity authentication in ISO 2.0

in recent years, China's network safety industry has developed rapidly, and active defense has become the main theme of the current development of precision ball screw transmission network safety industry. The launch of Waibao 2.0 puts forward higher requirements for enterprise network security from a macro perspective. Jess Falcon can help enterprises that cause thermal deformation of products to perceive new threats earlier before the attack, conduct three-dimensional defense faster when the attack occurs, and conduct all-round traceability and analysis more efficiently after the attack

Copyright © 2011 JIN SHI