Solutions-Hangzhou pldsec Network Technology Co

Operator

Unified security management and opera一兒tion and maintenance audit solution北現 for operators

Demand reason Our programme Customer Benefits Classic cases

Industry pain points and needs

With the continuous expansion 舊廠of telecom operators' information答木 network scale, network internal們南 control security management has incre市舞asingly become the focus of telec城林om operators' information cons姐飛truction. It is the basic guarantee o關腦f the internal information appli廠遠cation management system of telecom o機謝perators. Only when the computer n民廠etwork is unblocked and network s都到ecurity is ensured, can telecom oper內頻ators use the advanced information ma懂來nagement system to improve internal man算民agement, so as to improve the ef城公ficiency, management level and comp物中etitiveness of film operators. Howev這北er, with the complexity of inte拿男rnal information systems and pe光技rsonnel operating these systems, how t金下o realize the safe access of oper喝坐ators' maintenance personnel to the南秒 maintenance network and internal會你 network, and how to better ens時服ure the maintenance personnel's 都農authority management, operation process報子 monitoring and behavior audit of影農 network internal servers have 費拍become the problems that major operator信是s have to face.

Industry demand
Combined with the current security si國動tuation faced by the informatiza身劇tion development of colleges and un木河iversities, there are mainly the f微我ollowing risks in operation and mai理路ntenance management:
1. Management status: at presen兵金t, the business support networ雪歌k and value-added service network ar路慢e important supports for the business行吃 operation of operators. The operat路算ion and maintenance management 車下personnel shall conduct daily inspect事秒ion on the comprehensive settlement多現 system, billing and accounting system能舞, business analysis system, custome知弟r relationship management system and pa冷為rtner relationship management system 分線in the business support network; The師算 systems of the value-added service net員她work include intelligent network sys科農tem, SMS system and MMS system for o場些peration and maintenance manage員討ment. There are many types of sys分校tems and complex business logic冷醫. The operation and maintenance pe也會rsonnel should be responsible for t雨拿he operation and maintenance managem短老ent of multiple business systems at 高和the same time. There are proble能裡ms of multi-point login, decentralized 短為management and inaccurate identi村現fication and authorization control;
2. Password management risk: in 們知the key core business of the whole廠理 information system, the password ma購照nagement and authority management o西在f the application system and dat習可abase are complex, and some compl愛風iance requirements require reg公店ular modification of the equipment mana厭拍gement password, which brings 開紅unimaginable workload to the opera筆城tion and maintenance personnel;
3. Permission allocation: the comple村間xity of core business system applicati信拿on determines that multiple roles (s媽遠ystem / database / security / au房空dit administrator / maintenance 民子agent, etc.) share accounts and 視體cross manage. How to control perso微日nnel permissions according to the princ頻刀iple of minimum permission alloc師來ation;
4. Business terminal risk: the MI讀校S configuration and misoperation of o音快peration and maintenance personnel 煙老may directly affect the business 器的continuity, which is not effectiv微從ely and reasonably avoided, and it 志是is difficult to prove and trace afterwa城子rds.

Our programme

How to effectively and standard民間ize the management of operators and還腦 operation behavior is the core of da樂費ta center operation and maintenance ma鐵線nagement. Palladium's unified se制子curity management and comprehensiv可唱e audit system solution adopts the man空子agement idea of "prevention in advance了城, control in process and post a吧到udit". From the perspective of how to 場器reduce operational risk, take people師大, operation and technology as the 雜跳management core.

Through the construction of Pa分家lladium unified safety management and 喝開comprehensive audit system, the followi制著ng effects are achieved:

one Provide users with 子店unified access and platform for o暗厭peration and maintenance;

two Realize the centr文從alized control and management of acco請購unt number, authentication, authori錯靜zation and audit of business supp務從ort system, DCN network operation公廠 management system, operating system,中裡 database, network equipment an些歌d other IT resources;

three Realize centra快刀lized and role-based master-sl他商ave account management, and realize fi月用ne-grained permission allocation and線員 management of role attribute l兒師evel;

four Realize centralized制員 identity authentication and access por又我tal;

five Realize centra好刀lized access authorization, access 鐵多control based on centralized control 懂兵security policy and role autho月子rization management;

six Realize centralized se樹年curity audit management, collec在輛t and record users' use of key a理畫nd important resources of busine件議ss support system;

seven Meet the requir草又ements of compliance audit and地學 operation and maintenance management.

Deployment mode

Program advantages

Mature and stable

More than ten years of market veri短林fication and technology accumula師費tion, and a large number of succ長鐘essful cases have been deployed in com著低plex application production envi離到ronment, especially many operators and綠吧 financial cases;

The equipment is easy to maintain 慢務and manage. It has obvious advanta從秒ges in the case of multi machine depl還弟oyment. It has participated in 錯制the deployment of large projects w著暗ith 30 equipment deployment, 1市妹4 equipment for cluster managemen刀國t, 2000 concurrent users and 10000要舊 asset authorization management;

There are many industry cases of 票技operators: China Mobile Group Zheji小著ang Co., Ltd., China United Communic愛火ations Co., Ltd. Zhejiang branch,分行 China Telecom Co., Ltd. Shanghai 劇河branch and China Telecom Co., Ltd. 這什Anhui Branch.

Safe and reliable

At the same time, two sets of unified來放 operation and maintenance platf門嗎orms with independent application務月s and complete functions are provi車少ded. The device HA can achieve real-員空time synchronization of config友物uration and audit log;

Strong adaptability to network跳志 environment, realize green deploymen家些t, do not change the original network 城到topology, support cluster deploymen睡黃t and cross network segment de物門ployment;

The system development and update sha看森ll follow the safety software 匠好development life cycle process to答通 realize version management, and e區裡ach iterative upgrade shall ensur子件e that the best practices are met.房話

modern techniques

Support local authentication, ad domai紅短n authentication, radius authen員近tication, fingerprint authenticatio人件n, wechat authentication, SMS authent化懂ication, etc., with the most co在慢mplete identity authentication methods拍畫 in the industry;

The system login strategy of u書但sers can be set, including limi腦我ting login IP, login time period, por她可t, account, etc., to ensure that new u大懂sers can access the background resourc上如es they have permissions and realize短弟 controllable operation and mainte她事nance;

Support the alarm and blocking of湖也 high-risk commands, and effectivel冷玩y control the risks caused by miso哥銀peration and high-risk operation國老 in operation and maintenance;

Unified management of in band and 從老out of band operation and mainten但水ance, the only mainstream KVM ove吧嗎r IP products in the industry that si答多multaneously support Avocent, Rari海身tan, aten, etc;

The original database operatio筆如n and maintenance audit platform cover場做s mainstream commercial databas白答e enterprise applications and operat拿分ion and maintenance operations.

Customer Benefits

1. Help customers meet the complianc員鐵e requirements of network security l錯工evel protection, network securit秒離y law, ISO27001, SOX act, etc;

2. Realize centralized identit在風y authentication and access portal, rea務河lize centralized access authori們影zation, access control and rol員我e authorization management based 花喝on centralized control security po和空licy, and ensure that various busi舞多ness delivery systems in the networ訊個k center provide 7x24 hours of飛綠 uninterrupted operation and maintena對來nce;

3. Realize core data assets, intran山請et core network equipment, host equipm弟校ent, database assets, virtualiza好信tion equipment, comprehensive settl白機ement system, billing and accounting 街拍system, business analysis system, cus理場tomer relationship management syst制就em, partnership management sys術要tem and value-added service networ錯子k, including network center assets suc去些h as intelligent network system a技們nd short message system, so as to re冷動alize cross platform Centralized contro東弟l and management of account numb門店er, authentication, authorizatio計都n and audit of various IT resources ac頻音ross operating systems, across opera在報tion and maintenance protocols and acr如亮oss equipment types;

4. Ensure the security and integri著通ty of business system data, and c草信ontrol the security status of net數吧work environment in real time.

Classic cases

China Telecom
China Mobile
China Unicom
Oriental Communication
Siemens Communications