An electric motor enterprise information security construction project
Release date:
2019-08-28

Viewed:

0

1. Introduction of customer company

The national high-tech enterprise has more than 20 years of experience in the professional development and production of micro-motors. It has strong technical development capability and manufacturing capability. It has two production bases in Shenzhen and Hefei and has obtained more than 40 national patents. Products are widely used in drones, service robots, automotive systems, audio-visual audio, office equipment, communication equipment, digital cameras, household appliances, office furniture, power tools, medical equipment, smart homes (smart door locks / smart curtains), Security monitoring, intelligent motor relays, personal care, banking equipment, aircraft models, sanitary appliances, balance vehicles, electric vehicles, automatic control equipment (Auto-control equipment), instrumentation (instrument) and many other industries.


2, business pain points

1). The egress gateway adopts a traditional network layer firewall and cannot identify application layer traffic;

2). The core application goes out through the gateway NAT;

3). The core key applications use manual backup;

4). The desktop cloud virtual machine cannot install the 360 anti-virus personal version, and cannot be backed up based on the cloud platform; and there has been a security incident;


3, the solution

1) Summary: Deeply convinced firewall + deep convinced EDR + Baike data

2) IT architecture diagram after rectification:

 An electric motor enterprise information security construction project


4, the program value

1. The old original gateway device and firewall (IPS+WAF transparent deployment) protect the original investment and not change the original architecture;

2. The firewall cleans the north-south network traffic and identifies the internal zombie host;

3. Resist the intranet/external network to the application server area web attack

4. Apply flow control technology at the application layer to limit the speed of non-office applications and prohibit non-office applications, ensuring smooth flow of daily office applications;

5. Deploy the EDR terminal detection response platform to uniformly update the virus database and system patches;

6. Protect critical applications and desktop cloud platform virtual machine data through the disaster recovery system;