Palladium unified security management and comprehensive audit system is a new generation of security audit monitoring system. It adopts the integrated design of software and hardware and is managed by B / s or C / s. its main function is to realize the whole process monitoring of personnel operating power information equipment and information system processes such as server, network equipment and database, and to monitor and audit the whole process, And real-time blocking of illegal operations.
The system has powerful input and output audit function, which can not only record each instruction of user operation in detail, but also record the whole process of user operation, and has the function of audit playback to realize "online and offline" double-layer monitoring, which greatly enriches the function of equipment safety monitoring and ensures that the leadership, management and patrol auditors are well documented.
The deployment of Palladium's unified security management and comprehensive audit system can improve the overall security protection level of the power industry from the following three aspects:
1. Improve the authority control ability of Enterprises -- the basis for reducing costs and information security risks.
Authority control (authentication, authentication and audit): conduct one-to-one real name account and password verification for each operation and maintenance personnel. The specific operator can be found through the login account, and set the use authority for each operator. The operator can only access the allowed equipment within the allowed range, so as to avoid wrong operations caused by human reasons, Track and record the access, operation and equipment operation of each operator. Any equipment access and change are controllable, recordable and traceable.
2. Strengthen the equipment inspection mechanism of the enterprise - strengthen the equipment patrol inspection system of "two tickets and three systems", find problems in time and eliminate relevant faults in time.
Equipment patrol inspection is the patrol inspection and regular work of information equipment to ensure that the patrol inspection personnel regularly follow up the task to patrol the equipment operation status and ensure the stable operation of the system.
3. Realize the work process monitoring of the enterprise - realize the work process monitoring and accurately judge the cause and responsibility of the accident.
Work process monitoring: handle the whole process monitoring for all operation processes of information equipment, ensure that staff have complete records of each work of information equipment, and realize "online and offline dual monitoring".