In the early stage of information construction of government departments, due to lack of construction experience, there is a phenomenon of emphasizing construction, emphasizing application and neglecting security, resulting in the lack of necessary security protection measures for the information systems of some government departments. At the same time, problems such as imperfect network security system, inadequate implementation and weak network security awareness emerge one after another. With the rapid development of e-government "one stop", "two networks", "four libraries" and "ten gold" and the improvement of information level, the data center not only plays a basic supporting and ensuring role for the rapid development of public service business of government units, but also is of great significance to improve the internal management level of government institutions, and then improve the efficiency of resource allocation and information security, This also means that the dependence of government agencies on it information systems has reached an inseparable position for a moment. It is particularly important to protect important information systems and sensitive data. At present, government agencies and units mainly face the following security risks at the level of it operation and maintenance:

1. The identity is not clear and the authorization is not clear. At present, the IT affairs of government organs and units basically adopt the project system, and few units have their own it operation and maintenance team. Even for important units in first tier cities, their operation and maintenance is outsourced to third-party companies. As a third-party operation and maintenance company, there are often many problems in the identity and authorization of its personnel, such as what level of account the operation and maintenance personnel can use, what authority they have, and how long the authority is maintained. If it is not clearly specified in advance, it will lead to operation and maintenance security problems;

2. The operation is opaque and the behavior is uncontrollable. It can be found from the previous security incidents in major government departments that the service personnel of some third-party service companies log in to the core system and database without authorization for many times during the service period, resulting in the leakage of citizens' privacy information. After the occurrence of time, the problem was not exposed, which itself shows that the operation of the third-party company is opaque and the process is uncontrollable. Similar cases are not uncommon in the industry. In this case, the security of users' private information can only rely on the ethics and professional ethics of third-party operation and maintenance personnel. Obviously, this kind of it operation and maintenance operation without supervision carries great risks;

3. It is difficult to audit afterwards and the responsibility is not clear. Due to the fact that the operation and maintenance work is mostly handed over to a third party and the lack of effective identity authentication and authority control, there is a lot of and unregulated flexible operation room for it operation and maintenance, so that after the security incident, the relevant departments can not timely and effectively pursue the responsibility of dereliction of duty, and a lot of human and material resources need to be invested for investigation afterwards.

In response to these needs, the unified security management and comprehensive audit system developed by Palladium can comprehensively monitor any operation of operation and maintenance personnel, and can carry out fine-grained access authorization, operation record control, audit and playback, and monitoring blocking, so as to realize pre prevention, in-process control and post audit of operation and maintenance process, Improve the network operation and maintenance security and management level of government agencies and units.

Through the establishment of a unified security management and comprehensive audit platform and unified access entrance, all operation and maintenance operations must be connected to the operation and maintenance audit system in the operation and maintenance area of the Information Center for centralized authority control, so as to realize the centralized and standardized management of operation and maintenance operations, with special personnel. Unified management of access maintenance in different systems, account management, identity authentication and authorization. Based on the user's authority, the platform can carry out unified network layer and application layer access control to improve the system security.

Deployment mode

1. Meet the compliance audit requirements of relevant regulations of government network, basic requirements for classified protection of network security, network security law and other laws and regulations;

2. Provide the supervision department with the audit report of operation and maintenance management and the original and accurate operation and maintenance log;

3. Help to improve the organization's it internal control and security audit system, so that the information system can successfully pass the national information security level protection evaluation;

4. Avoid illegal terminals and insecure terminals directly connecting to core resources, reduce the impact of Trojans, spies and internal security threats on core resources, reduce the work pressure of administrators and improve work efficiency;

5. In case of safety accident, responsibility identification and safety event tracking can be carried out quickly and accurately through playback of operation records.