

Security Operation Center
As the country's informatization has developed, information security in the P.R. China has become more and more important. Users' security awareness has improved significantly. Numerous protection methods, network security software and appliances are being installed and used, such as anti-virus software, firewalls, IDS and encryption. However, the security infrastructure remains vulnerable in the face of ever-changing, new-generation attacks and is attacked frequently. How to break through the technical limits of existing security devices and integrate their best functionality into a security prevention system that responds quickly and makes fewer errors in any emergency has become an unavoidable, everyday topic for enterprise information security managers.

Success is rooted in innovation, and even more in practice and experience. Drawing on its understanding of end users' security needs and its mastery of advanced network security technology, iS-One has conceived a brand-new security management solution, the Security Operation Center (SOC). It is a comprehensive security operation platform that covers both operations and technology. As the central hub, it brings policy management, security organizational management, security operation management and the security technology infrastructure together with a high degree of consistency. It helps the user move from dispersed security to centralized, controllable security protection.

The core issue in SOC is 'Efficiency of the Security'. As early as the beginning of this century, security was already a big concern. By now, every enterprise has recognized the importance of security and adopted every applicable security product and measure. However, the problem persists and cannot be solved or controlled effectively. The reasons are, on the one hand, the rapid evolution of security issues and, on the other hand, the spread of security problems across the whole infrastructure, which makes any single security product inefficient as a solution. Under these circumstances, using a SOC becomes the inevitable choice as an effective way to improve the efficiency of security management.

What is SOC, and what is its position in the security framework?

SOC is the control center that combines security policy management, security organizational management, security operation management and the security technical infrastructure, and keeps all of them highly consistent. Its functions fall into two kinds: management and technical.
The position of SOC in the whole management framework is as follows:

SOC is the core and hub of the whole security infrastructure. As a technical system, it provides automation support to security policy management, security organizational management and security operation management at the upper level. Meanwhile, and most importantly, SOC operates downwards across the whole technical layer. It collects information from both security and non-security products and carries out a unified, automatic risk evaluation to determine whether they comply with the policy and baseline of security management. It reports to the designated decision maker and issues any necessary response. By linking security management and security technology, SOC ensures that security products are deployed correctly according to the requirements of security management.

Main functions of SOC include:

1. Formulator of security organization and policy: An enterprise should designate an expert CISO and form an Enterprise Security Commission. The security organizational structure, with SOC at its core, must be the central organizer and executor of the whole enterprise's security management. The Center sets up the complete security policy system and is in charge of its promotion, execution and auditing.

2. Security Risk Control Center: comprehensively collects the vulnerabilities and related events of information assets, mitigates faults through correlation analysis, and finds useful information and grades it. The system automatically completes the risk calculation that used to be the work of professionals, and automatically sends out schedules and issues responses so as to lower and control the risk.

3. Security Maintenance Center: provides every necessary automated tool for daily maintenance. For example, the alert service delivers proactive alerts. Through cooperation between the enterprise's SOC and all security service providers, a complete alert-response chain is formed. It ensures that alerts are sent to each administrator and that the necessary action is taken before the vulnerability causes any trouble.

4. Security Knowledge Center: Security management cannot be limited to a few people in the organization. It requires a large amount of knowledge transfer and promotion. The Security Knowledge Center provides different kinds of knowledge to serve the system and the enterprise. Different kinds of knowledge are delivered to different professionals according to their specific needs.

Functions of SOC are shown below:
Conclusion

When establishing a SOC, it is necessary to note that it is not simply a technology system but an operating method. It is the hub that joins security policy management, security organizational management, security operation management and the security technology framework. SOC turns abstract security risk management into something that can be evaluated and controlled in daily life.

SOC is another remarkable management system after the NOC. It combines various international standards, security models and IT management technology. It is entirely new to the security industry. With SOC at its core, iS-One has developed a complete security solution covering security management service, vulnerability assessment service, border separation solution, terminal management solution and auditing solution.

 

®2004 Information Security One (China) Ltd. All rights reserved