摘要
电力是国民经济的重要命脉,目前针对电力信息网安全防护主要集中在终端本体的行为检测及防护上,对于融合终端行为检测、行为审计及网络准入的电力信息网安全风险监测与主动防御的方法较少。因此,基于Splunk技术为应对日益增加的电力信息网的安全风险,构建了一套集日志采集、分析及安全预警的信息网安全风险监测与主动式防御机制,提升信息网安全风险检测与防护能力。
Electric power is an important lifeline of the national economy.At present,the security protection of power information network is mainly focused on the behavior detection and protection of terminal ontology.For the safety behavior monitoring and active of power information network integrating terminal behavior detection,behavior audit and network access.There are fewer ways to defend.Based on Splunk technology,this paper constructs a set of information network security risk monitoring and active defense mechanism,which integrates log collection,security early warning to improve the security risk detection and protection of information network in order to deal with the increasing security risk of power information network.
作者
李明
马永
方圆
Li Ming;Ma Yong;Fang Yuan(State Grid Anhui Electric Power Company,Hefei Anhui230000)
出处
《现代工业经济和信息化》
2017年第20期23-24,共2页
Modern Industrial Economy and Informationization
