亳州市房产局信息安全解决方案

目录第一章项目背景介绍·········································································41.1信息安全严峻形势·································································41.2单位职能简介·······································································5第二章安全风险分析·········································································72.1风险分析方法·······································································72.2网络安全弱点分析·································································82.2.1网络结构脆弱性···························································82.2.2系统和应用脆弱性························································92.2.3网络访问脆弱性··························································102.2.4硬件平台脆弱性··························································112.2.5管理脆弱性································································112.3网络安全威胁分析································································122.3.1威胁来源···································································122.3.2非人为的安全威胁·······················································132.3.3人为的安全威胁··························································132.4网络安全风险分析································································152.4.1物理安全风险·····························································162.4.2终端安全风险·····························································162.4.3网络安全风险·····························································172.4.4系统安全风险·····························································172.4.5管理安全风险·····························································18第三章建设需求分析········································································193.1自身安全防护的需求·····························································193.1.1互联网出口单点故障····················································193.1.2对基础防护平台的需求·················································203.1.3对安全审计平台的需求·················································213.1.4对集中安全管理的需求·················································213.1.5管理安全的需求··························································22亳州市房产局的符合政策层面的需求········································22第四章整体方案设计········································································244.1方案设计原则······································································244.2信息安全规划图···································································254.3规划内容简介······································································27第五章方案详细设计········································································285.1详细设计概述······································································285.2计算环境防护······································································285.2.1终端安全管理·····························································285.2.2网站防护系统·······························································315.3安全边界防护······································································335.3.1防火墙部署································································335.3.2入侵防御系统·······························································355.3.3隔离与交换系统部署····················································375.4保护通信网络······································································395.4.1负载均衡系统·····························································395.4.2安全审计平台·····························································425.4.3防病毒网关··································································44第六章天融信公司简介·······························································46信息安全严峻形势近几年以来全球网络威胁持续增长，网络罪犯在恶意代码和服务的开发、传播和使用上愈发趋于专业化，目的愈发商业化，行为愈发组织化，手段愈发多样化。网络犯罪背后的黑色产业链获利能力大幅提高，互联网的无国界性使得全球各国用户都避之不及，造成的损失也随着范围的扩散而快速增多。二十年前，黑客攻击网络、窃取信息主要是为了好奇或者想炫耀自己的能力。而今，网络攻击更多的是获取经济利益的目的，已经形成了黑色产业链。这意味着，网络安全形势已日趋严峻。此外，近年来随着全球网络通讯技术高度发展，带宽的不断增加，互联网兼容人数迅速增长。与此同时，公民的隐私及安全问题很突出，特别是涉及公众个人的隐私泄露，如银行卡及手机支付等个人账号密码信息的窃取，给公众带来很多损害，引起群众的强烈反响。新兴IT技术的应用，物联网、云计算、移动互联、社交网络以及三网融合等等技术正成为IT领域发展的新动向，引起了企业的关注、用户的关注。但是它们的发展正在成为病毒泛滥和黑客攻击的新的温床。而且一旦出现问题，其破坏力将会越来越大。近年来，利用信息网络的安全漏洞或后门窃取、倒卖涉密信息获取利益，或在互联网上恶意公开个人私密信息的事件频繁发生；而传统网络IP化、设备实现软件化、3G业务等新技术、新形式的出现，电信网、互联网和重要信息系统面临的安全形势越来越严峻。尤其是公共电话网络，已逐渐变成继互联网、短信网络之后一个新的骚扰平台，仅在2008年有记录可查的骚扰电话数量就超过9000万次，而未被投诉和发现的骚扰电话数量则至少超过2亿次。信息安全问题随着国家信息化战略的推广凸显其重要地位。信息安全不仅给国家信息化进程带来现实的挑战，而且基于信息网络的渗透、攻防、电子战等概念，也影响到国防安全，给国家与国家之间带来新的竞争关系，直接影响到国家安全和社会稳定。亳州市房产局各层领导对安全工作非常重视，从逐年加大在安全建设方面的投资，进行了一系列的安全组织、制度、管理和技术方面的安全建设工作，在近期要求的安全工作包括加强基础安全管理，包括落实组织保障和安全责任；逐步开展安全建设。要从网络、主机、应用系统不同层面建设多层次、立体化安全防护体系；要集中统一建设必备的网络安全防护手段；在划分安全区域，统一边界的基础上，实现重点防护和隔离。1.2单位职能简介（一）贯彻执行国家、省、市有关房地产管理和房改的政策和法规，研究制定全市房地产业和房改的发展战略、中长期规划、年度计划，并指导组织实施。（二）负责全市城镇房屋产权产籍管理，城镇私有房屋管理。办理城镇房屋所有权登记、测绘、确权、发证，管理房屋产权产籍档案并提供利用。（三）负责全市城镇房屋拆迁管理和城镇异产比连房屋管理；审定拆迁协议，发布拆迁公告，裁决拆迁纠纷以及申请实施强制拆迁。（四）负责全市房地产市场管理、土地使用权转让、出租、抵押的管理工作；办理各类房地产交易的过户手续；实施商品房预售登记和房地产抵押租赁管理；负责房地产市场评估管理和中介服务管理。（五）负责全市城镇房屋安全的监督检查，实施房屋安全鉴定和房屋安全鉴定单位的管理，督促有关责任人对危险房屋进行治理。危险房屋管理工作。（六）负责全市房地产开