current location:SOLUTIONS
Solution Introduction
Network security situations have become increasingly complicated and important, and information security has been promoted to national level, despite the increasing attention has been paid to IT security, government's network is still vulnerable.

Official government websites play an increasingly important role in government affairs, like press release, propaganda, and E-Government services. If a government's offcial website has been attacked or its web page has been tampered, it will affect the government image. Government's official websites face security challenges in the following areas:

● Compliance
● Network architecture security
● Transmission security
● Network boundary security
● Detection and auditing
● Access control and identity authentication security
● System vulnerability

Solution Introduction

Venustech proposes an overall security solution for government organizations based on the requirements of relevant laws, regulations and the industry's best practices.

Architecture security

Dividing a network into subnets can ensure that primary network devices have redundant service processing capacity to meet peak demands, and also the bandwidth for each network part meets peak demands. A secure access path can be established by controlling the routing between a service terminal and service server.

Access control

Security devices (such as firewalls and UTM products) are applied to isolate security domains and perform access control. The network access is controlled depending on the user and information categories. Security devices implement network access control to prevent unauthorized access to core resources of the current security domain by users from another security domain.

Intrusion prevention

The data flowing into a system security domain and its subzones must pass through security boundaries, where access control, anti-virus control, and intrusion detection are performed. The intrusion prevention system (IPS) can constantly update its detection methods for new attacks. Using signatures, behaviors, sandboxes, algorithms, and other detection techniques, the IPS can not only keep its traditional advantages but also defend against advanced persistent attacks (such as unknown malicious files and unknown Trojan channels), 0-day attacks, and sensitive information leakage behaviors.

Security auditing

Full-path security audit can be conducted by using both database auditing and bastion hosts. A customized auditing plan can be applied to organizations to help them improve their internal IT control and auditing systems to meet compliance requirements, and enable them to successfully pass the IT auditing.

Vulnerability scanning

A vulnerability scanning system can be deployed to scan security vulnerabilities on the entire network. A security system is established following the steps of "discovering > scanning > defining > fixing > auditing". Using various latest international vulnerability scanning and detection technologies, the vulnerability scanning system can quickly discover network assets, accurately identify asset attributes, thoroughly scan security vulnerabilities, clearly define security risks, offer fix suggestions and preventive measures, and effectively audit risk control strategies. Therefore, it can help users implement a comprehensive assessment of vulnerabilities and achieve control over their system security.

Security supervision

A security management platform can be deployed to summarize and analyze all security events, audit logs, threat information and attack events, display the required information, and achieve overall monitoring of hosts, network devices, and security devices.

Product deployment

Related Products

Unified threat management (UTM), intrusion prevention system (IPS), intrusion detection system (IDS), security operations center (SOC), vulnerability scanning, and database auditing

Success Cases

1. Perimeter Security Solution for Government Network

The user is satisfied with the protection capabilities of Venusense Unified Security Gateway (USG) in anti-virus, P2P protection, and buffer overflow attack prevention. The unified security management platform and the one-click configuration function provide great convenience for their management.

2. Security management platform for Jiangxi information center

The user can promptly deal with security issues through centralized management and monitoring, and keep abreast of the operation conditions of each department's assets by displaying the topology.