One, product introduction
As the degree of informatization rises, information security incidents keep emerging, awareness of information security problems is deepening, and security products are used more and more widely. At the same time, the following problems have become apparent:
(1) There is more and more security equipment, such as UTM (FW/VPN), IDS/IPS, anti-virus, auditing, and operation and maintenance systems. Each device has its own console and its own client agent, which makes management increasingly difficult.
(2) Security devices produce a massive volume of security logs every day. Users have difficulty interpreting security incidents, and potential security events cannot be found or are hard to find.
To address the widespread situation in which security devices each guard a single point, operate on their own and are hard to manage, our company developed the "unified security platform". It makes information security management centralized, platform-based and intelligent, improving the efficiency of security management and the overall protection capability.
Two, product features
(1) centralized management
Through technical means such as multi-source heterogeneous data collection, centralized security policy and event normalization, this product provides running-status monitoring of information security devices, unified policy management, and centralized collection and analysis of security incidents.
(2) platform-based management
1. Three-role management platform: the unified security platform combines three functions in one (security management, operation and maintenance management, and audit management) and provides a unified management platform for the three roles (security administrator, system administrator, audit manager).
2. Unified process: based on ITIL best practices, the platform provides users with automated, standardized operation and maintenance management, security management and audit management processes, organizing IT management work effectively and improving the efficiency of the IT department.
(3) intelligent management
The unified security platform achieves intelligent management through correlation analysis, security visualization and situation awareness technologies.
1. Security log correlation analysis: original correlation analysis technology discovers hidden correlations in massive volumes of security logs, reconstructs the full attack steps, and outputs a small number of security events that truly deserve the administrator's attention, in order to eliminate false alarms, identify high-risk alerts and uncover deep, complex attack behavior.
2. Security visualization: using leading visualization models such as Scatter Plots and Parallel Coordinates, the platform turns dull security logs into intuitive graphical displays, so that the user can find potential threats in complex, massive data.
3. Security situation awareness: using the centrally collected threat and vulnerability data of all kinds, the platform calculates the risk value of assets through a risk calculation model, evaluates the current state of the network and perceives the network security situation, so that potential, malicious network behavior can be identified, defended against, responded to and warned about before it gets out of control.
(4) cloud protection mechanism
The platform supports access to the "cloud security center" and uses the real-time monitoring, intelligent security and dynamic policy mechanisms that the center provides to achieve the "cloud protection" security goal, improving the protection efficiency and protection capability of security devices.
Three, typical deployment
A company divides its network into three security domains: the server domain, the terminal domain and the security domain. It deploys boundary protection equipment, main protection equipment, a terminal management system, ... and a comprehensive audit system, among many other kinds of security equipment. The unified security platform centrally manages the security devices, security policies and security events, and integrates security management, operation and maintenance management and audit management, achieving unified data collection, a unified handling process and a unified operation interface, which greatly improves the efficiency of IT management.
Through correlation analysis, security visualization, situation awareness and intelligent analysis technologies, the unified security platform digs out potential threats, grasps the overall network security situation and improves the overall defense capability. This illustration shows the firewall connection analysis chart, in which the user can see network traffic and abnormal connections visualized.