CN106559249A - Check the method and device of security baseline - Google Patents

Check the method and device of security baseline Download PDF

Info

Publication number
CN106559249A
CN106559249A CN201510642155.XA CN201510642155A CN106559249A CN 106559249 A CN106559249 A CN 106559249A CN 201510642155 A CN201510642155 A CN 201510642155A CN 106559249 A CN106559249 A CN 106559249A
Authority
CN
China
Prior art keywords
configuration
security baseline
network equipment
modules
selftest module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201510642155.XA
Other languages
Chinese (zh)
Inventor
马铮
王光全
夏俊杰
唐磊
白晓媛
朱安南
高枫
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China United Network Communications Group Co Ltd
Original Assignee
China United Network Communications Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China United Network Communications Group Co Ltd filed Critical China United Network Communications Group Co Ltd
Priority to CN201510642155.XA priority Critical patent/CN106559249A/en
Publication of CN106559249A publication Critical patent/CN106559249A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a kind of method and device for checking security baseline, is related to areas of information technology, inspection safety and modern efficiency can be improved.Security baseline inspection system is applied to, the security baseline inspection system includes:Configuration security baseline selftest module, the configuration safety are located in the network equipment from wire module;Configuration security baseline selftest module gathers the configuration parameter of other modules in the network equipment first, then judge whether the configuration parameter of other modules in the network equipment for collecting is matched with the desired value of configuration parameter, if the configuration parameter of other modules is not matched that with the desired value of configuration parameter in the network equipment for finally collecting, warning information is sent.The present invention is applied to the security baseline for checking the network equipment.

Description

Check the method and device of security baseline
Technical field
The present invention relates to areas of information technology, more particularly to a kind of method and device for checking security baseline.
Background technology
With the development of information technology, network size also with extension, however as the extension of network size, The parameter of network element device and strategy configuration are more complicated, therefore parameter mispairing or strategy very easily occur The problem of leak, causes the reliability of the network operation relatively low, therefore, check that security baseline becomes a gesture and exists The work that must be gone.
At present, a kind of work for checking security baseline, by the net of modules in the hand inspection network equipment Whether network parameter and strategy configuration there is exception, to realize checking the effect of network equipment security baseline.So And when by hand inspection security baseline, due to manually needing that the module in the network equipment is surveyed one by one Amount is compared, to realize the security baseline inspection of the network equipment, so as to cause to check the less efficient of security baseline.
The content of the invention
The present invention provides a kind of method and device for checking security baseline, can improve the effect for checking security baseline Rate.
The technical solution used in the present invention is:
In a first aspect, the present invention provides a kind of method for checking security baseline, security baseline inspection system is applied to System, the security baseline inspection system include:Configuration security baseline selftest module, the configuration safety is from line Module is located in the network equipment, other moulds in configuration security baseline selftest module and the network equipment Block carries out information exchange;Described method includes:
The configuration security baseline selftest module gathers the configuration parameter of other modules in the network equipment;
The configuration security baseline selftest module judges the configuration of other modules in the network equipment for collecting Whether parameter is matched with the desired value of configuration parameter;
If the configuration parameter of other modules is pre- with the configuration parameter in the network equipment for collecting Time value does not match that then the configuration security baseline selftest module sends warning information.
Second aspect, the invention provides a kind of device for checking security baseline, is applied to security baseline inspection System, the security baseline inspection system include:Configuration security baseline selftest module, the safe base of the configuration Line selftest module is located in the network equipment, in configuration security baseline selftest module and the network equipment Other modules carry out information exchange;Described device includes:
Collection submodule, in the configuration security baseline selftest module, for gathering the network equipment In other modules configuration parameter;
Judging submodule, positioned at it is described configuration security baseline selftest module in, for judge collect described in In the network equipment, whether the configuration parameter of other modules is matched with the desired value of configuration parameter;
Sending submodule, in the configuration security baseline selftest module, for the institute that described ought be collected When the desired value of the configuration parameter and the configuration parameter of stating other modules in the network equipment is not matched that, it is used for Send a warning message.
The method and device of the inspection security baseline that the present invention is provided, is applied to security baseline inspection system, institute Stating security baseline inspection system includes:Configuration security baseline selftest module, the configuration safety is from wire module position In the network equipment;Configuration security baseline selftest module gathers the configuration ginseng of other modules in the network equipment first Count, the configuration parameter and the desired value of configuration parameter for then judging other modules in the network equipment for collecting is No matching, if in the network equipment for finally collecting the configuration parameter of other modules and configuration parameter desired value Do not match that, then send warning information.With at present when by hand inspection security baseline when compared with, the present invention Detect by configuring security baseline selftest module whether the configuration parameter of the network equipment is joined with the configuration being pre-configured with Whether number matches, and whether safety problem occurs with other modules determined in the network equipment, without passing through Manually successively the configuration parameter of other modules in the network equipment is verified one by one, such that it is able to improve inspection The efficiency of security baseline.
Description of the drawings
In order to be illustrated more clearly that technical scheme of the invention or of the prior art, below will be to the present invention or existing Accompanying drawing to be used needed for having technology description is briefly described, it should be apparent that, it is attached in describing below Figure is only some embodiments of the present invention, for those of ordinary skill in the art, is not paying creation Property work on the premise of, can be obtaining other accompanying drawings according to these accompanying drawings.
Fig. 1 is the schematic diagram for configuring security baseline selftest module;
Fig. 2 is a kind of method flow diagram for checking security baseline in the embodiment of the present invention;
Fig. 3 is another kind of method flow diagram for checking security baseline in the embodiment of the present invention;
Fig. 4 is the method flow diagram of another inspection security baseline in the embodiment of the present invention;
Fig. 5 is the method flow diagram of another inspection security baseline in the embodiment of the present invention;
Fig. 6 is the method flow diagram of another inspection security baseline in the embodiment of the present invention;
Fig. 7 is a kind of schematic device for checking security baseline in the embodiment of the present invention;
Fig. 8 is another kind of schematic device for checking security baseline in the embodiment of the present invention.
Specific embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clearly Chu, it is fully described by, it is clear that described embodiment is only a part of embodiment of the invention, rather than Whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art are not making creation Property work under the premise of all other embodiment for being obtained, belong to the scope of protection of the invention.
A kind of method for checking security baseline is embodiments provided, be applied to inspection security baseline is System, the system for checking security baseline include:Configuration security baseline selftest module, as shown in figure 1, should Configuration security baseline selftest module includes:Alarm submodule, note submodule, parameter compliance analysis Module, configuration submodule and daily record submodule.
The embodiment of the present invention provides a kind of method for checking security baseline, it is possible to increase check the effect of security baseline Rate, as shown in Fig. 2 methods described includes:
201st, configure the configuration parameter of other modules in the security baseline selftest module collection network equipment.
For the embodiment of the present invention, the configuration security baseline selftest module includes:Parameter compliance analysis Module.In embodiments of the present invention, other modules in the parameter compliance analysis submodule collection network equipment Configuration parameter information.
For the embodiment of the present invention, the network equipment can include:Router, notebook and switch etc.. In embodiments of the present invention, the configuration parameter includes:Temperature of account, password and module of router etc..
202nd, configure the configuration parameter that security baseline selftest module judges other modules in the network equipment for collecting Whether match with the desired value of configuration parameter.
For the embodiment of the present invention, in parameter compliance analysis submodule, other in the network equipment are provided with advance The configuration parameter information of module, in embodiments of the present invention, parameter compliance analysis submodule judges to collect The network equipment in the configuration parameter of other modules whether match with the desired value of configuration parameter.
For example, central processing unit (English full name is pre-set in parameter compliance analysis submodule:Central Processing Unit, english abbreviation:CPU temperature range) be less than 60 degree, and parameter compliance analysis Submodule now detects that the temperature of CPU is 75 degree, then characterize the expection of the configuration parameter with configuration parameter of CPU Value is not matched that.
If the desired value of the configuration parameter of other modules and configuration parameter not phase in the network equipment for the 203, collecting Matching, then configure security baseline selftest module and send a warning message.
For the embodiment of the present invention, the configuration security baseline selftest module also includes:Alarm submodule.At this In inventive embodiments, when parameter compliance analyzes the configuration ginseng of other modules in the network that submodule is collected Number does not match that with the desired value of configuration parameter then parameter compliance analyzes submodule in the alarm submodule Alarm solicited message is sent, to ask the alarm submodule to send highlighted alarm or ring sound alarm, to point out Baseline requirement do not met and there is parameter configuration in user.
The method for checking security baseline provided in an embodiment of the present invention, is applied to security baseline inspection system, institute Stating security baseline inspection system includes:Configuration security baseline selftest module, the configuration safety is from wire module position In the network equipment;Configuration security baseline selftest module gathers the configuration ginseng of other modules in the network equipment first Count, the configuration parameter and the desired value of configuration parameter for then judging other modules in the network equipment for collecting is No matching, if in the network equipment for finally collecting the configuration parameter of other modules and configuration parameter desired value Do not match that, then send warning information.With at present when by hand inspection security baseline when compared with, the present invention Embodiment by configure security baseline selftest module detect the configuration parameter of the network equipment whether be pre-configured with Whether configuration parameter matches, and whether safety problem occurs with other modules determined in the network equipment, without Will be by manually being verified to the configuration parameter of other modules in the network equipment one by one successively, such that it is able to carry The high efficiency for checking security baseline.
The alternatively possible implementation of the embodiment of the present invention, on the basis of as shown in Figure 2, step 201, In the configuration security baseline selftest module collection network equipment, the configuration parameter of other modules, specifically includes such as Fig. 3 institutes The step of showing 301.
301st, configure the configuration of security baseline selftest module other modules in preset time gathers the network equipment Parameter.
For the embodiment of the present invention, the configuration security baseline selftest module also includes:Configuration submodule, this is matched somebody with somebody Submodule is put in the desired value of configuration configuration parameter in parameter compliance submodule, the collection network equipment The execution cycle of the configuration parameter of other modules.
For the embodiment of the present invention, during cycle can for a hour, one day and one week.In the present invention Do not limit in embodiment.
For the embodiment of the present invention, every preset time, configuration security baseline selftest module is by detecting that network sets In standby other modules, whether configuration parameter is matched with the parameter being pre-configured with, and can not need user's triggering Under the premise of the automatic detection network equipment security baseline, such that it is able to improve detection security baseline automaticity.
The alternatively possible implementation of the embodiment of the present invention, on the basis of as shown in Figure 2, step 201, In the configuration security baseline selftest module collection network equipment, the configuration parameter of other modules, specifically includes such as Fig. 4 institutes The step of showing 401.
401st, the configured information of security baseline selftest module receiving user's input is configured, and in response to configured information, The configuration parameter of other modules in the collection network equipment.
Wherein, configured information is used to indicate other modules in the configuration security baseline selftest module collection network equipment Configuration parameter.
For the embodiment of the present invention, other moulds in the network equipment are checked when user needs to configure safe selftest module During the configuration parameter of block, user can send configured information to parameter compliance analysis submodule, to indicate ginseng The configuration parameter of other submodules in the number compliance analysis submodule collection network equipment.
Alternatively possible implementation provided in an embodiment of the present invention, on the basis of as shown in Figure 2, step If the desired value of the configuration parameter of other modules and configuration parameter not phase in the network equipment for the 203, collecting Match somebody with somebody, then configure security baseline selftest module and send warning information, also include step as shown in Figure 5 afterwards 501-504。
501st, configure security baseline selftest module to judge whether to need warning information to be sent to user terminal.
For the embodiment of the present invention, after alarm submodule sends warning information, alarm submodule is to configuration The information configured in submodule, judges whether to need to send short message alarm to user terminal, in present invention enforcement In example, be configured with configuration submodule whether need to user terminal send short message alarm and terminal-pair should in Number information.
502nd, if desired warning information is sent to user terminal, then configures security baseline selftest module and obtain use The corresponding number information of family terminal.
For the embodiment of the present invention, the warning information is used for the configuration for pointing out other modules in user network equipment Parameter is mismatched with the parameter being pre-configured with.
503rd, security baseline selftest module is configured according to the corresponding number information of user terminal, warning information is sent out Deliver to user terminal.
504th, configure security baseline selftest module recording operation information.
Wherein, operation information is when the configuration parameter and configuration parameter of other modules in the network equipment for collecting Desired value when not matching that, the mismatch information for being recorded and warning information.
For the embodiment of the present invention, operation information includes:The time of configuration security baseline selftest module self-inspection, Unmatched configuration parameter information and whether send short message alarm.
For the embodiment of the present invention, configure security baseline selftest module by note being sent to user terminal, with Occurs the unmatched situation of network parameter in informing user terminal network equipment, such that it is able to make the user ought not be When around the network equipment, in can obtaining the network equipment, whether module goes wrong, and then can improve network The safety of equipment.
The alternatively possible implementation of the embodiment of the present invention, on the basis of as shown in Figure 5, step 501, Configuration security baseline selftest module judges whether to need warning information to be sent to user terminal, also includes afterwards Step 601 as shown in Figure 6.
If the 601, warning information need not be sent to user terminal, configuration security baseline selftest module record Operation information.
Wherein, operation information is when the configuration parameter and configuration parameter of other modules in the network equipment for collecting Desired value when not matching that, the mismatch information for being recorded and warning information.
For the embodiment of the present invention, when warning information being sent to user terminal, then the operation is believed Breath only includes:The time of configuration security baseline selftest module self-inspection and unmatched configuration parameter information.
Further, another kind of method for checking security baseline is embodiments provided, safe base is configured Line selftest module is by detecting configuration parameter in the network equipment other modules every preset time and being pre-configured with Whether parameter matches, can not need user trigger on the premise of the automatic detection network equipment security baseline, Such that it is able to improve the automaticity of detection security baseline;Configuration security baseline selftest module is by user terminal Note is sent, occurs the unmatched situation of network parameter in user terminal network equipment to inform, such that it is able to User is made when not around the network equipment, whether module goes wrong in can obtaining the network equipment, and then The safety of the network equipment can be improved.
Used as the realization to method shown in Fig. 2, Fig. 3, Fig. 4, Fig. 5 and Fig. 6, the embodiment of the present invention is also carried A kind of device for checking security baseline has been supplied, the efficiency for checking security baseline has been improved, security baseline inspection has been applied to Look into system, it is characterised in that the security baseline inspection system includes:Configuration security baseline selftest module, The configuration security baseline selftest module is located in the network equipment, described to configure security baseline selftest module and institute Other modules stated in the network equipment carry out information exchange;As shown in fig. 7, described device includes:Collection Module 71, judging submodule 72, sending submodule 73.
Collection submodule 71, in configuration security baseline selftest module, for gathering other in the network equipment The configuration parameter of module.
Judging submodule 72, in configuration security baseline selftest module, for judging that the network for collecting sets In standby, whether the configuration parameter of other modules is matched with the desired value of configuration parameter.
Sending submodule 73, in configuration security baseline selftest module, for when the network equipment for collecting In the configuration parameter of other modules and the desired value of configuration parameter when not matching that, for sending a warning message.
Collection submodule 71, in configuration security baseline selftest module, specifically for adopting every preset time The configuration parameter of other modules in the collection network equipment.
Collection submodule 71, in configuration security baseline selftest module, specifically for receiving user's input Configured information.
Collection submodule 71, in configuration security baseline selftest module, specifically in response to configured information.
Collection submodule 71, in configuration security baseline selftest module, specifically for gathering in the network equipment The configuration parameter of other modules.
Wherein, configured information is used to indicate other modules in the configuration security baseline selftest module collection network equipment Configuration parameter.
Judging submodule 72, in configuration security baseline selftest module, specifically for judge whether to need by Warning information is sent to user terminal.
Further, as shown in figure 8, described device also includes:Acquisition submodule 81, record sub module 82.
Acquisition submodule 81, in configuration security baseline selftest module, needs to send out warning information for working as When delivering to user terminal, the corresponding number information of user terminal is obtained.
Sending submodule 73, in configuration security baseline selftest module, is additionally operable to according to user terminal correspondence Number information, warning information is sent to user terminal.
Record sub module 82, in configuration security baseline selftest module, for recording operation information.
Wherein, operation information is when the configuration parameter and configuration parameter of other modules in the network equipment for collecting Desired value when not matching that, the mismatch information for being recorded and warning information.
Record sub module 82, positioned at configuring safe selftest module, for when need not by warning information send to During user terminal, recording operation information.
Wherein, operation information is when the configuration parameter and configuration parameter of other modules in the network equipment for collecting Desired value when not matching that, the mismatch information for being recorded and warning information.
The device for checking security baseline provided in an embodiment of the present invention, is applied to security baseline inspection system, institute Stating security baseline inspection system includes:Configuration security baseline selftest module, the configuration safety is from wire module position In the network equipment;Configuration security baseline selftest module gathers the configuration ginseng of other modules in the network equipment first Count, the configuration parameter and the desired value of configuration parameter for then judging other modules in the network equipment for collecting is No matching, if in the network equipment for finally collecting the configuration parameter of other modules and configuration parameter desired value Do not match that, then send warning information.With at present when by hand inspection security baseline when compared with, the present invention Embodiment by configure security baseline selftest module detect the configuration parameter of the network equipment whether be pre-configured with Whether configuration parameter matches, and whether safety problem occurs with other modules determined in the network equipment, without Will be by manually being verified to the configuration parameter of other modules in the network equipment one by one successively, such that it is able to carry The high efficiency for checking security baseline.
Further, another kind of device for checking security baseline is embodiments provided, safe base is configured Line selftest module is by detecting configuration parameter in the network equipment other modules every preset time and being pre-configured with Whether parameter matches, can not need user trigger on the premise of the automatic detection network equipment security baseline, Such that it is able to improve the automaticity of detection security baseline;Configuration security baseline selftest module is by user terminal Note is sent, occurs the unmatched situation of network parameter in user terminal network equipment to inform, such that it is able to User is made when not around the network equipment, whether module goes wrong in can obtaining the network equipment, and then The safety of the network equipment can be improved.
It should be noted that each unit institute is right in the device of the inspection security baseline provided in the embodiment of the present invention Other the corresponding descriptions answered, may be referred to the correspondence description in Fig. 2, Fig. 3, Fig. 4, Fig. 5 and Fig. 6, and here is not Repeat again.
The device for checking security baseline provided in an embodiment of the present invention can realize that the method for above-mentioned offer is implemented Example, concrete function are realized referring to the explanation in embodiment of the method, will not be described here.The embodiment of the present invention The method and device of the inspection security baseline of offer do not go for checking the security baseline of the network equipment, but not It is only limitted to this.
One of ordinary skill in the art will appreciate that all or part of flow process in realizing above-described embodiment method, Computer program be can be by instruct the hardware of correlation to complete, described program can be stored in a calculating In machine read/write memory medium, the program is upon execution, it may include such as the flow process of the embodiment of above-mentioned each method. Wherein, described storage medium can for magnetic disc, CD, read-only memory (Read-Only Memory, ) or random access memory (Random Access Memory, RAM) etc. ROM.
The above, the only specific embodiment of the present invention, but protection scope of the present invention is not limited to This, any those familiar with the art the invention discloses technical scope in, can readily occur in Change or replacement, should all be included within the scope of the present invention.Therefore, protection scope of the present invention Should be defined by scope of the claims.

Claims (10)

1. a kind of method for checking security baseline, is applied to security baseline inspection system, it is characterised in that institute Stating security baseline inspection system includes:Configuration security baseline selftest module, the configuration security baseline self-inspection mould Block is located in the network equipment, other modules in configuration security baseline selftest module and the network equipment Carry out information exchange;Methods described includes:
The configuration security baseline selftest module gathers the configuration parameter of other modules in the network equipment;
The configuration security baseline selftest module judges the configuration of other modules in the network equipment for collecting Whether parameter is matched with the desired value of configuration parameter;
If the configuration parameter of other modules is pre- with the configuration parameter in the network equipment for collecting Time value does not match that then the configuration security baseline selftest module sends a warning message.
2. the method for checking security baseline according to claim 1, it is characterised in that configuration peace The step of full baseline selftest module gathers the configuration parameter of other modules in the network equipment, specifically includes:
The configuration security baseline selftest module other modules in preset time gathers the network equipment Configuration parameter.
3. the method for checking security baseline according to claim 1, it is characterised in that configuration peace The step of full baseline selftest module gathers the configuration parameter of other modules in the network equipment, specifically includes:
The configured information of the configuration security baseline selftest module receiving user's input, and in response to the instruction Information, gathers the configuration parameter of other modules in the network equipment, and the configured information is described for indicating Configuration security baseline selftest module gathers the configuration parameter of other modules in the network equipment.
4. it is according to claim 1 check security baseline method, it is characterised in that if described The desired value of the configuration parameter of other modules and the configuration parameter not phase in the network equipment for collecting Match somebody with somebody, then, after the configuration security baseline selftest module is the step of send warning information, also include:
The configuration security baseline selftest module judges whether to need warning information to be sent to user terminal;
If desired the warning information is sent to the user terminal, then it is described to configure security baseline self-inspection mould Block obtains the corresponding number information of the user terminal;
It is described configuration security baseline selftest module according to the corresponding number information of the user terminal, by the announcement Alarming information is sent to the user terminal;
The configuration security baseline selftest module recording operation information, the operation information is described to collect The network equipment in the configuration parameter of other modules when not matching that with the desired value of the configuration parameter, The mismatch information for being recorded and warning information.
5. the method for checking security baseline according to claim 4, it is characterised in that configuration peace Full baseline selftest module judges whether to need warning information to be sent to after the step of user terminal, also includes:
If the warning information need not be sent to the user terminal, the configuration security baseline self-inspection Module recording operation information, the operation information are other modules in the network equipment that described ought be collected The desired value of configuration parameter and configuration parameter when not matching that, the mismatch information for being recorded and announcement Alarming information.
6. a kind of device for checking security baseline, is applied to security baseline inspection system, it is characterised in that institute Stating security baseline inspection system includes:Configuration security baseline selftest module, the configuration security baseline self-inspection mould Block is located in the network equipment, other modules in configuration security baseline selftest module and the network equipment Carry out information exchange;Described device includes:
Collection submodule, in the configuration security baseline selftest module, for gathering the network equipment In other modules configuration parameter;
Judging submodule, positioned at it is described configuration security baseline selftest module in, for judge collect described in In the network equipment, whether the configuration parameter of other modules is matched with the desired value of configuration parameter;
Sending submodule, in the configuration security baseline selftest module, for the institute that described ought be collected When the desired value of the configuration parameter and the configuration parameter of stating other modules in the network equipment is not matched that, it is used for Send a warning message.
7. it is according to claim 6 check security baseline device, it is characterised in that
The collection submodule, in the configuration security baseline selftest module, specifically for every preset Time gathers the configuration parameter of other modules in the network equipment.
8. it is according to claim 6 check security baseline device, it is characterised in that
The collection submodule, in the configuration security baseline selftest module, specifically for receive user The configured information of input;
The collection submodule, in the configuration security baseline selftest module, specifically in response to institute State configured information;
The collection submodule, it is in the configuration security baseline selftest module, described specifically for collection The configuration parameter of other modules in the network equipment, the configured information are used to indicate the configuration security baseline certainly Inspection module gathers the configuration parameter of other modules in the network equipment.
9. it is according to claim 6 check security baseline device, it is characterised in that
The judging submodule, in the configuration security baseline selftest module, specifically for judging whether Need warning information to be sent to user terminal;
Described device also includes:Acquisition submodule, record sub module;
The acquisition submodule, in the configuration security baseline selftest module, for when need will be described When warning information is sent to the user terminal, the corresponding number information of the user terminal is obtained;
The sending submodule, in the configuration security baseline selftest module, is additionally operable to according to the use The corresponding number information of family terminal, the warning information is sent to the user terminal;
The record sub module, in the configuration security baseline selftest module, for recording operation information, The operation information is that the configuration parameter of other modules in the network equipment that described ought be collected is matched somebody with somebody with described When putting the desired value of parameter and not matching that, the mismatch information for being recorded and warning information.
10. it is according to claim 9 check security baseline device, it is characterised in that
The record sub module, positioned at the safe selftest module of the configuration, need not be by the alarm for working as When information is sent to the user terminal, recording operation information, the operation information described ought be collected When in the network equipment, the desired value of the configuration parameter of other modules and the configuration parameter is not matched that, institute The mismatch information of record and warning information.
CN201510642155.XA 2015-09-30 2015-09-30 Check the method and device of security baseline Pending CN106559249A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510642155.XA CN106559249A (en) 2015-09-30 2015-09-30 Check the method and device of security baseline

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510642155.XA CN106559249A (en) 2015-09-30 2015-09-30 Check the method and device of security baseline

Publications (1)

Publication Number Publication Date
CN106559249A true CN106559249A (en) 2017-04-05

Family

ID=58417975

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510642155.XA Pending CN106559249A (en) 2015-09-30 2015-09-30 Check the method and device of security baseline

Country Status (1)

Country Link
CN (1) CN106559249A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108337124A (en) * 2018-03-21 2018-07-27 北京天融信网络安全技术有限公司 Configuration information management method, device, equipment and readable storage medium storing program for executing
CN110855652A (en) * 2019-11-05 2020-02-28 南方电网数字电网研究院有限公司 Safety baseline configuration compliance detection method and device, computer equipment and medium
CN111767549A (en) * 2020-07-09 2020-10-13 中国工商银行股份有限公司 Detection method and device

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120265865A1 (en) * 2011-04-14 2012-10-18 Ricoh Company, Ltd. Device management system
CN103518359A (en) * 2013-02-08 2014-01-15 华为技术有限公司 Method, device and network for achieving attack resistance of cloud computing
CN103746988A (en) * 2013-12-31 2014-04-23 曙光云计算技术有限公司 Security management method and system of cloud host machine
CN104363107A (en) * 2014-10-21 2015-02-18 中国联合网络通信集团有限公司 Inspection method and equipment for security baseline

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120265865A1 (en) * 2011-04-14 2012-10-18 Ricoh Company, Ltd. Device management system
CN103518359A (en) * 2013-02-08 2014-01-15 华为技术有限公司 Method, device and network for achieving attack resistance of cloud computing
CN103746988A (en) * 2013-12-31 2014-04-23 曙光云计算技术有限公司 Security management method and system of cloud host machine
CN104363107A (en) * 2014-10-21 2015-02-18 中国联合网络通信集团有限公司 Inspection method and equipment for security baseline

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108337124A (en) * 2018-03-21 2018-07-27 北京天融信网络安全技术有限公司 Configuration information management method, device, equipment and readable storage medium storing program for executing
CN110855652A (en) * 2019-11-05 2020-02-28 南方电网数字电网研究院有限公司 Safety baseline configuration compliance detection method and device, computer equipment and medium
CN111767549A (en) * 2020-07-09 2020-10-13 中国工商银行股份有限公司 Detection method and device
CN111767549B (en) * 2020-07-09 2023-09-05 中国工商银行股份有限公司 Detection method and device

Similar Documents

Publication Publication Date Title
US8601536B2 (en) Bus monitor for enhancing SOC system security and realization method thereof
CN107566388B (en) Industrial control vulnerability detection method, device and system
CN106324385A (en) Testing system and method for battery management system
CN106559249A (en) Check the method and device of security baseline
CN105956669A (en) Vehicle maintenance strategy pushing method and device
EP3623781A1 (en) Battery pack temperature detection system
CN105812200A (en) Abnormal behavior detection method and device
CN107579861A (en) Website Usability alarm method, device and electronic equipment based on multi-line monitoring
CN105676693A (en) Method and system for data synchronization of vehicle sensor in automatic driving
CN112651029B (en) System and method for detecting application system loopholes, storage medium and electronic equipment
CN110245077A (en) A kind of response method and equipment of program exception
CN102609350A (en) Server memory failure alarm method
CN105761167A (en) Method for evaluating health status of transformer station secondary equipment
CN105606958A (en) Processing method, system, and apparatus for fault information of power system
CN110209529A (en) The guard method of radio frequency parameter and electronic equipment
CN104794013B (en) Alignment system running status, the method and device for establishing system running state model
CN107943661A (en) A kind of data storage management system
CN107977467A (en) Database monitoring device
CN107317708A (en) The monitoring method and device of a kind of Court business application system
CN111654405B (en) Method, device, equipment and storage medium for fault node of communication link
JP2020525944A (en) Bus monitoring system, method and apparatus
CN110940874A (en) Calibration method, server and medium for nuclear power station transformer protection device
TW200924428A (en) An inside tracing method of the network attacking detection
CN107395387A (en) The methods, devices and systems of two-shipper business recovery
CN112836192B (en) Portrait characteristic data issuing method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20170405

RJ01 Rejection of invention patent application after publication