在日益严峻的网络安全形势下,为了改进高校网络安全管理工作,建立了统一的SOC和安全管理机制.调查了陕西省高校网络安全管理工作的新特点与存在的问题,借鉴企业SOC的机制和WPDRRC模型,以第四军医大学为研究个案,对其SOC机制进行重新设计实践.在WPDRRC模型的基础上提出了由预警、保护、检测、响应、恢复和改进六个环节,组织架构、技术体系和管理流程三个要素组成的WPDRRI模型.以第四军医大学校园网SOC为例,构建了决策、管理、运营和应用4个层次的SOC组织体系,按照划分安全域的思想设计了校园网整体的安全防护架构,探索了校园网安全态势感知平台的日常和异常网络安全运维流程.结果表明,WPDRRI模型符合高校网络安全管理实际,可以用于指导高校网络SOC建设.%Under the increasingly serious network security situation,we establish an unified SOC and security management mechanism in order to improve the network security management in higher schools. According to investigation about new characteristics and problems of safety management work in Shaanxi Province higher schools,taking the Fourth Military Medical University as a case,we redesign and practice the SOC management plan of the higher schools,which referred to enterprise SOC mechanism and WPDRRC model. Based on the WPDRRC,a new WPDRRI model,which is composed of the six links by warning,protection,detection,response,and three elements by organization structure,technology system and management process,is proposed. Taking campus network SOC from the Fourth Military Medical University as an example,we build four levels SOC system including decision-making,management,operation and application. In accordance with the partition of network security domain,the overall security architecture of the campus network is designed,and the daily and abnormal network security service process based on the security situation awareness platform of network platform is explored. The re-sults show that WPDRRI model is fit for actual condition of network safety management in higher schools,which can be used to guide the construction of university network SOC.
展开▼
