Background

Government network is comprised of public network and confidential network. The Email server, website server and other application systems deployed in the public network are connected to the Internet, while the confidential databases are only allowed to access within the Intranet. Government network is always attacked by hackers. Therefore, network security is one of the most important issues for government. In order to prevent the sensitive data leakage, which may bring threats to the government, a comprehensive network security protection and surveillance measures are required.

Challenges and Solutions

Website Security

There is increasing number of websites attacked by hackers, especially the government websites. In order to monitor and prevent illegal modification of web page files, it is essential to do real-time detection or stop the tampering activity of web page. It can be achieved by deployed a Web Page Tamper-Resistant System in front of the website server.

Email Security

Email server always has vulnerabilities, which can be used by hackers and viruses resulting in data leakage. In order to better prevent the attacks from the Internet and discover and fix the vulnerabilities in time, it is highly recommended to deploy a Web Application Firewall and a Loophole Scanning System into the government network.

Network Security Protection

Government network is comprised of public network and confidential network. In order to prevent the threats and attacks from the Internet, it is suggested that a Firewall and an Intrusion Detection System are deployed into the government network. Besides, an Intranet Security System is also required to achieve the access control to confidential servers within the Intranet to prevent the sensitive data leakage. Moreover, to monitor the operation of the confidential databases within Intranet, it is recommended to apply the Database Audit System.

Bandwidth Control

In order to guarantee the network performance, it is recommended to deploy Audit System to monitor the network status and flexibly allocate the bandwidth to each application, user or group, which is effective to prevent the bandwidth abuse for Internet surfing and video streaming.