校园网“零信任”防护方案

"Zero Trust"Protection Schem for Campus Network

针对校园网管理繁琐、维护困难、资源利用率低、图书馆资源易被恶意下载等问题,定向打造SDP解决方案,助力大学教育能够实现统一管理、便捷访问。SDP零信任安界防护平台作为应用访问唯一入口,只允许内部IP段放行访问,通过加密业务,防止真实域名对外暴露;采用最小化权限原则,对师生权限进行统一、精细化管理,防止未授权访问等行为。

In order to solve the problems of complex management,difficult maintenance,low utilization of resources and easy to download library resources,the solution of SDP is designed to help realize unified management and convenient access of university education.The SDP zero-trust security platform serves as the unique entry point for applications to access.Only internal IP addresses are allowed to access,and encryption services are used to prevent real domain names from being exposed.The principle of minimizing permissions is adopted to manage the permissions of teachers and students in a unified and refined manner to prevent unauthorized access and other behaviors.