Analysis And Design Of Network Security Value-Added Service Platform

This paper takes the development that network security value-added service platform of CHINATELECOM as the background, Starting from the practical demand of market and analyzing the cunent demand for network security and protection of minor enterprises of Guangdong province, as well as guided by the demand of clients, integrate different products of security firms (applied provider, AP). By means of the technology-supported after-sale service provided by the security firms, we draw a general outline for network security value-added service platform so that the whole process of implementation can have structured steps, and experience to be shared, in the mean time, stick to the principles of implementation.Firstly, this paper is to introduce the analysis of minor enterprise’s current situation of network management and China Telecom operator’s positioning of business transition, as well as the purpose of developing value-added service platform. With the premise of sorting out definite system positioning and construction principles, we list systematically the network security value-added services platform-constructing requirements analysis and general design and focus on the six core technologies research, including network traffic analyzing in the metropolitan network, calculation model of network security threats, security event correlation analyzing, security risk evaluation, security management base on assets and domain, security event paradigm .Moreover, this paper is to do researches in finding out how to integrate intensively dispersed network security products, so as to form perfect and single-stop-typed enterprise network security solution, which can be used by China Telecom minor enterprises.Because the whole process of implementation is involved in quite a large number of inner departments and insiders, this paper sorts out and sums up basic principles of labor division aiming at situations in which multiple roles are played by different people, and details responsibility division for different roles according to these basic principles.Lastly, this paper makes objective comments on network security value-added service platform and points out the practical significance and shortcomings, as well as the transformational direction of the system.