yl23455永利(中国)有限公司

Intranet Security Solution Position:Home » Solutions » Intranet Security Solution
Network management system (ASM6000) is adopted to form a solution for video surveillance network ASM-VS. The solution, based on the ASM products, resolves the security threats in the video surveillance network.
 
1.  through the equipment characteristic fingerprint technology, prevents the front end equipment (network camera) illegal replacement access;
2.  through the network border management, to prevent illegal network devices (small routing, small HUB, WIFI) access;
3.  through the real-time security state discovery technology, we can find the system level and application level security vulnerability, configuration weakness, default password or weak password of NVR/ centralized management system in a timely manner;
4.  through the terminal security access, the network of various PC terminals configuration, strengthening, anti-virus software management, vulnerability repair;
5. through various personnel authentication methods, to prevent unauthorized personnel from using video surveillance network resources at will.
6.  through traffic legitimacy monitoring, timely detection of various devices in the network is illegal control;
7.  through the entire network perspective, the network camera, NVR/ centralized management system for asset inventory, rapid equipment positioning, account management.
 
 
 
 
Implementation functions include:
 
Device feature fingerprinting
Device feature fingerprinting is a device for identifying intellectual property rights. The technology achieves the calibration of the front-end device (network camera) through the four steps of "scanning discovery - Acquisition identification - forgery identification - illegal blocking".
When the webcam device is connected to the network, it can collect all kinds of inherent information of the device by means of network scanning, scanning and passive listening. The main information included: the type of equipment, equipment type, equipment manufacturers, equipment, the only calibration value. The integrated operation forms the only "fingerprint" information of the device". When the device is illegally replaced, the information will be displayed as a different value, so that it is possible to determine whether or not the forged device is illegally connected. Once found, alarms will be carried out and network blocked.
 
Network boundary management
The network boundary management function in the ASM-VS scheme can fully maintain the integrity of network boundaries. When there is illegal access to video surveillance network in NAT equipment, HUB equipment, WIFI equipment, ASM through the analysis of network data in the network, collecting the information of network equipment, can quickly show the network boundary device. For illegal border devices, network blocking can be carried out to prevent them from accessing the network, resulting in security risks.
The following figure is: the network management of private WIFI and its connected terminal devices.
 
Real time security state discovery
ASM-VS can real-time scan the security of NVR/ centralized management system equipment in the network. Scanning NVR/ centralized management system operating system vulnerabilities, operating system configuration weaknesses, operating systems and application systems such as weak passwords.
Unlike common vulnerability scanners, the ASM-VS's real-time security state discovery capability is a fully automated process.
 
Terminal security access
ASM-VS carries out a full range of security checks and fixes for PC terminals that access video surveillance networks. Mainly include: antivirus software use, operation system patch installation, system weak password repair, illegal software uninstall, illegal process blocking, etc., to ensure the security of the management terminal used in the network.
At the same time, the process safety of the terminal is also managed. Mainly include: USB storage device management, access, border control, etc..
 
Personnel certification
ASM-VS provides perfect and rich personnel authentication methods, authentication of people accessing video surveillance network access, and access control of network access for visitors. Realize the illegal personnel can not access, legitimate personnel access to security management objectives.
The supported authentication methods include: U-key authentication, local user name / password, Email, Radius, LDAP, AD domain, mobile phone text messages and so on. Moreover, it can also provide dynamic password and two factor authentication to further strengthen the security of personnel authentication
 
Traffic legitimacy monitoring
ASM-VS can monitor the flow of equipment in the network. Include: source port, destination port, source IP address, destination IP address, traffic value. Can real-time network traffic analysis, to observe whether there is abnormal traffic generation.
Threshold can also be established, when the network traffic port and source destination address violation, the system can automatically alarm, block. Prevent network cameras, NVR/ centralized management systems and other equipment is illegal control.
 
Whole network perspective

ASM-VS provides a full network security management and display platform that can demonstrate the entire network topology. In topology, we can fully display the network of various systems, equipment, network connections and other information. Can first grasp the overall network operation and security situation. The topology display can be further refined down to the location until each terminal device. You can also retrieve the connection through the device, find the connection of the switch, and the location, operation and security status of the switch in the network. Also provides a list of retrieval and display methods to achieve rapid account management.

Solutions

© 2000-2024 Suzhou HuaSu Info-Tech Co., Ltd.   |   Su ICP 16051456号-1

              Technical support:HUICHENG

Online
Baidu
sogou