CN106559249A - Check the method and device of security baseline - Google Patents
Check the method and device of security baseline Download PDFInfo
- Publication number
- CN106559249A CN106559249A CN201510642155.XA CN201510642155A CN106559249A CN 106559249 A CN106559249 A CN 106559249A CN 201510642155 A CN201510642155 A CN 201510642155A CN 106559249 A CN106559249 A CN 106559249A
- Authority
- CN
- China
- Prior art keywords
- configuration
- security baseline
- network equipment
- modules
- selftest module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a kind of method and device for checking security baseline, is related to areas of information technology, inspection safety and modern efficiency can be improved.Security baseline inspection system is applied to, the security baseline inspection system includes:Configuration security baseline selftest module, the configuration safety are located in the network equipment from wire module;Configuration security baseline selftest module gathers the configuration parameter of other modules in the network equipment first, then judge whether the configuration parameter of other modules in the network equipment for collecting is matched with the desired value of configuration parameter, if the configuration parameter of other modules is not matched that with the desired value of configuration parameter in the network equipment for finally collecting, warning information is sent.The present invention is applied to the security baseline for checking the network equipment.
Description
Technical field
The present invention relates to areas of information technology, more particularly to a kind of method and device for checking security baseline.
Background technology
With the development of information technology, network size also with extension, however as the extension of network size,
The parameter of network element device and strategy configuration are more complicated, therefore parameter mispairing or strategy very easily occur
The problem of leak, causes the reliability of the network operation relatively low, therefore, check that security baseline becomes a gesture and exists
The work that must be gone.
At present, a kind of work for checking security baseline, by the net of modules in the hand inspection network equipment
Whether network parameter and strategy configuration there is exception, to realize checking the effect of network equipment security baseline.So
And when by hand inspection security baseline, due to manually needing that the module in the network equipment is surveyed one by one
Amount is compared, to realize the security baseline inspection of the network equipment, so as to cause to check the less efficient of security baseline.
The content of the invention
The present invention provides a kind of method and device for checking security baseline, can improve the effect for checking security baseline
Rate.
The technical solution used in the present invention is:
In a first aspect, the present invention provides a kind of method for checking security baseline, security baseline inspection system is applied to
System, the security baseline inspection system include:Configuration security baseline selftest module, the configuration safety is from line
Module is located in the network equipment, other moulds in configuration security baseline selftest module and the network equipment
Block carries out information exchange;Described method includes:
The configuration security baseline selftest module gathers the configuration parameter of other modules in the network equipment;
The configuration security baseline selftest module judges the configuration of other modules in the network equipment for collecting
Whether parameter is matched with the desired value of configuration parameter;
If the configuration parameter of other modules is pre- with the configuration parameter in the network equipment for collecting
Time value does not match that then the configuration security baseline selftest module sends warning information.
Second aspect, the invention provides a kind of device for checking security baseline, is applied to security baseline inspection
System, the security baseline inspection system include:Configuration security baseline selftest module, the safe base of the configuration
Line selftest module is located in the network equipment, in configuration security baseline selftest module and the network equipment
Other modules carry out information exchange;Described device includes:
Collection submodule, in the configuration security baseline selftest module, for gathering the network equipment
In other modules configuration parameter;
Judging submodule, positioned at it is described configuration security baseline selftest module in, for judge collect described in
In the network equipment, whether the configuration parameter of other modules is matched with the desired value of configuration parameter;
Sending submodule, in the configuration security baseline selftest module, for the institute that described ought be collected
When the desired value of the configuration parameter and the configuration parameter of stating other modules in the network equipment is not matched that, it is used for
Send a warning message.
The method and device of the inspection security baseline that the present invention is provided, is applied to security baseline inspection system, institute
Stating security baseline inspection system includes:Configuration security baseline selftest module, the configuration safety is from wire module position
In the network equipment;Configuration security baseline selftest module gathers the configuration ginseng of other modules in the network equipment first
Count, the configuration parameter and the desired value of configuration parameter for then judging other modules in the network equipment for collecting is
No matching, if in the network equipment for finally collecting the configuration parameter of other modules and configuration parameter desired value
Do not match that, then send warning information.With at present when by hand inspection security baseline when compared with, the present invention
Detect by configuring security baseline selftest module whether the configuration parameter of the network equipment is joined with the configuration being pre-configured with
Whether number matches, and whether safety problem occurs with other modules determined in the network equipment, without passing through
Manually successively the configuration parameter of other modules in the network equipment is verified one by one, such that it is able to improve inspection
The efficiency of security baseline.
Description of the drawings
In order to be illustrated more clearly that technical scheme of the invention or of the prior art, below will be to the present invention or existing
Accompanying drawing to be used needed for having technology description is briefly described, it should be apparent that, it is attached in describing below
Figure is only some embodiments of the present invention, for those of ordinary skill in the art, is not paying creation
Property work on the premise of, can be obtaining other accompanying drawings according to these accompanying drawings.
Fig. 1 is the schematic diagram for configuring security baseline selftest module;
Fig. 2 is a kind of method flow diagram for checking security baseline in the embodiment of the present invention;
Fig. 3 is another kind of method flow diagram for checking security baseline in the embodiment of the present invention;
Fig. 4 is the method flow diagram of another inspection security baseline in the embodiment of the present invention;
Fig. 5 is the method flow diagram of another inspection security baseline in the embodiment of the present invention;
Fig. 6 is the method flow diagram of another inspection security baseline in the embodiment of the present invention;
Fig. 7 is a kind of schematic device for checking security baseline in the embodiment of the present invention;
Fig. 8 is another kind of schematic device for checking security baseline in the embodiment of the present invention.
Specific embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clearly
Chu, it is fully described by, it is clear that described embodiment is only a part of embodiment of the invention, rather than
Whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art are not making creation
Property work under the premise of all other embodiment for being obtained, belong to the scope of protection of the invention.
A kind of method for checking security baseline is embodiments provided, be applied to inspection security baseline is
System, the system for checking security baseline include:Configuration security baseline selftest module, as shown in figure 1, should
Configuration security baseline selftest module includes:Alarm submodule, note submodule, parameter compliance analysis
Module, configuration submodule and daily record submodule.
The embodiment of the present invention provides a kind of method for checking security baseline, it is possible to increase check the effect of security baseline
Rate, as shown in Fig. 2 methods described includes:
201st, configure the configuration parameter of other modules in the security baseline selftest module collection network equipment.
For the embodiment of the present invention, the configuration security baseline selftest module includes:Parameter compliance analysis
Module.In embodiments of the present invention, other modules in the parameter compliance analysis submodule collection network equipment
Configuration parameter information.
For the embodiment of the present invention, the network equipment can include:Router, notebook and switch etc..
In embodiments of the present invention, the configuration parameter includes:Temperature of account, password and module of router etc..
202nd, configure the configuration parameter that security baseline selftest module judges other modules in the network equipment for collecting
Whether match with the desired value of configuration parameter.
For the embodiment of the present invention, in parameter compliance analysis submodule, other in the network equipment are provided with advance
The configuration parameter information of module, in embodiments of the present invention, parameter compliance analysis submodule judges to collect
The network equipment in the configuration parameter of other modules whether match with the desired value of configuration parameter.
For example, central processing unit (English full name is pre-set in parameter compliance analysis submodule:Central
Processing Unit, english abbreviation:CPU temperature range) be less than 60 degree, and parameter compliance analysis
Submodule now detects that the temperature of CPU is 75 degree, then characterize the expection of the configuration parameter with configuration parameter of CPU
Value is not matched that.
If the desired value of the configuration parameter of other modules and configuration parameter not phase in the network equipment for the 203, collecting
Matching, then configure security baseline selftest module and send a warning message.
For the embodiment of the present invention, the configuration security baseline selftest module also includes:Alarm submodule.At this
In inventive embodiments, when parameter compliance analyzes the configuration ginseng of other modules in the network that submodule is collected
Number does not match that with the desired value of configuration parameter then parameter compliance analyzes submodule in the alarm submodule
Alarm solicited message is sent, to ask the alarm submodule to send highlighted alarm or ring sound alarm, to point out
Baseline requirement do not met and there is parameter configuration in user.
The method for checking security baseline provided in an embodiment of the present invention, is applied to security baseline inspection system, institute
Stating security baseline inspection system includes:Configuration security baseline selftest module, the configuration safety is from wire module position
In the network equipment;Configuration security baseline selftest module gathers the configuration ginseng of other modules in the network equipment first
Count, the configuration parameter and the desired value of configuration parameter for then judging other modules in the network equipment for collecting is
No matching, if in the network equipment for finally collecting the configuration parameter of other modules and configuration parameter desired value
Do not match that, then send warning information.With at present when by hand inspection security baseline when compared with, the present invention
Embodiment by configure security baseline selftest module detect the configuration parameter of the network equipment whether be pre-configured with
Whether configuration parameter matches, and whether safety problem occurs with other modules determined in the network equipment, without
Will be by manually being verified to the configuration parameter of other modules in the network equipment one by one successively, such that it is able to carry
The high efficiency for checking security baseline.
The alternatively possible implementation of the embodiment of the present invention, on the basis of as shown in Figure 2, step 201,
In the configuration security baseline selftest module collection network equipment, the configuration parameter of other modules, specifically includes such as Fig. 3 institutes
The step of showing 301.
301st, configure the configuration of security baseline selftest module other modules in preset time gathers the network equipment
Parameter.
For the embodiment of the present invention, the configuration security baseline selftest module also includes:Configuration submodule, this is matched somebody with somebody
Submodule is put in the desired value of configuration configuration parameter in parameter compliance submodule, the collection network equipment
The execution cycle of the configuration parameter of other modules.
For the embodiment of the present invention, during cycle can for a hour, one day and one week.In the present invention
Do not limit in embodiment.
For the embodiment of the present invention, every preset time, configuration security baseline selftest module is by detecting that network sets
In standby other modules, whether configuration parameter is matched with the parameter being pre-configured with, and can not need user's triggering
Under the premise of the automatic detection network equipment security baseline, such that it is able to improve detection security baseline automaticity.
The alternatively possible implementation of the embodiment of the present invention, on the basis of as shown in Figure 2, step 201,
In the configuration security baseline selftest module collection network equipment, the configuration parameter of other modules, specifically includes such as Fig. 4 institutes
The step of showing 401.
401st, the configured information of security baseline selftest module receiving user's input is configured, and in response to configured information,
The configuration parameter of other modules in the collection network equipment.
Wherein, configured information is used to indicate other modules in the configuration security baseline selftest module collection network equipment
Configuration parameter.
For the embodiment of the present invention, other moulds in the network equipment are checked when user needs to configure safe selftest module
During the configuration parameter of block, user can send configured information to parameter compliance analysis submodule, to indicate ginseng
The configuration parameter of other submodules in the number compliance analysis submodule collection network equipment.
Alternatively possible implementation provided in an embodiment of the present invention, on the basis of as shown in Figure 2, step
If the desired value of the configuration parameter of other modules and configuration parameter not phase in the network equipment for the 203, collecting
Match somebody with somebody, then configure security baseline selftest module and send warning information, also include step as shown in Figure 5 afterwards
501-504。
501st, configure security baseline selftest module to judge whether to need warning information to be sent to user terminal.
For the embodiment of the present invention, after alarm submodule sends warning information, alarm submodule is to configuration
The information configured in submodule, judges whether to need to send short message alarm to user terminal, in present invention enforcement
In example, be configured with configuration submodule whether need to user terminal send short message alarm and terminal-pair should in
Number information.
502nd, if desired warning information is sent to user terminal, then configures security baseline selftest module and obtain use
The corresponding number information of family terminal.
For the embodiment of the present invention, the warning information is used for the configuration for pointing out other modules in user network equipment
Parameter is mismatched with the parameter being pre-configured with.
503rd, security baseline selftest module is configured according to the corresponding number information of user terminal, warning information is sent out
Deliver to user terminal.
504th, configure security baseline selftest module recording operation information.
Wherein, operation information is when the configuration parameter and configuration parameter of other modules in the network equipment for collecting
Desired value when not matching that, the mismatch information for being recorded and warning information.
For the embodiment of the present invention, operation information includes:The time of configuration security baseline selftest module self-inspection,
Unmatched configuration parameter information and whether send short message alarm.
For the embodiment of the present invention, configure security baseline selftest module by note being sent to user terminal, with
Occurs the unmatched situation of network parameter in informing user terminal network equipment, such that it is able to make the user ought not be
When around the network equipment, in can obtaining the network equipment, whether module goes wrong, and then can improve network
The safety of equipment.
The alternatively possible implementation of the embodiment of the present invention, on the basis of as shown in Figure 5, step 501,
Configuration security baseline selftest module judges whether to need warning information to be sent to user terminal, also includes afterwards
Step 601 as shown in Figure 6.
If the 601, warning information need not be sent to user terminal, configuration security baseline selftest module record
Operation information.
Wherein, operation information is when the configuration parameter and configuration parameter of other modules in the network equipment for collecting
Desired value when not matching that, the mismatch information for being recorded and warning information.
For the embodiment of the present invention, when warning information being sent to user terminal, then the operation is believed
Breath only includes:The time of configuration security baseline selftest module self-inspection and unmatched configuration parameter information.
Further, another kind of method for checking security baseline is embodiments provided, safe base is configured
Line selftest module is by detecting configuration parameter in the network equipment other modules every preset time and being pre-configured with
Whether parameter matches, can not need user trigger on the premise of the automatic detection network equipment security baseline,
Such that it is able to improve the automaticity of detection security baseline;Configuration security baseline selftest module is by user terminal
Note is sent, occurs the unmatched situation of network parameter in user terminal network equipment to inform, such that it is able to
User is made when not around the network equipment, whether module goes wrong in can obtaining the network equipment, and then
The safety of the network equipment can be improved.
Used as the realization to method shown in Fig. 2, Fig. 3, Fig. 4, Fig. 5 and Fig. 6, the embodiment of the present invention is also carried
A kind of device for checking security baseline has been supplied, the efficiency for checking security baseline has been improved, security baseline inspection has been applied to
Look into system, it is characterised in that the security baseline inspection system includes:Configuration security baseline selftest module,
The configuration security baseline selftest module is located in the network equipment, described to configure security baseline selftest module and institute
Other modules stated in the network equipment carry out information exchange;As shown in fig. 7, described device includes:Collection
Module 71, judging submodule 72, sending submodule 73.
Collection submodule 71, in configuration security baseline selftest module, for gathering other in the network equipment
The configuration parameter of module.
Judging submodule 72, in configuration security baseline selftest module, for judging that the network for collecting sets
In standby, whether the configuration parameter of other modules is matched with the desired value of configuration parameter.
Sending submodule 73, in configuration security baseline selftest module, for when the network equipment for collecting
In the configuration parameter of other modules and the desired value of configuration parameter when not matching that, for sending a warning message.
Collection submodule 71, in configuration security baseline selftest module, specifically for adopting every preset time
The configuration parameter of other modules in the collection network equipment.
Collection submodule 71, in configuration security baseline selftest module, specifically for receiving user's input
Configured information.
Collection submodule 71, in configuration security baseline selftest module, specifically in response to configured information.
Collection submodule 71, in configuration security baseline selftest module, specifically for gathering in the network equipment
The configuration parameter of other modules.
Wherein, configured information is used to indicate other modules in the configuration security baseline selftest module collection network equipment
Configuration parameter.
Judging submodule 72, in configuration security baseline selftest module, specifically for judge whether to need by
Warning information is sent to user terminal.
Further, as shown in figure 8, described device also includes:Acquisition submodule 81, record sub module 82.
Acquisition submodule 81, in configuration security baseline selftest module, needs to send out warning information for working as
When delivering to user terminal, the corresponding number information of user terminal is obtained.
Sending submodule 73, in configuration security baseline selftest module, is additionally operable to according to user terminal correspondence
Number information, warning information is sent to user terminal.
Record sub module 82, in configuration security baseline selftest module, for recording operation information.
Wherein, operation information is when the configuration parameter and configuration parameter of other modules in the network equipment for collecting
Desired value when not matching that, the mismatch information for being recorded and warning information.
Record sub module 82, positioned at configuring safe selftest module, for when need not by warning information send to
During user terminal, recording operation information.
Wherein, operation information is when the configuration parameter and configuration parameter of other modules in the network equipment for collecting
Desired value when not matching that, the mismatch information for being recorded and warning information.
The device for checking security baseline provided in an embodiment of the present invention, is applied to security baseline inspection system, institute
Stating security baseline inspection system includes:Configuration security baseline selftest module, the configuration safety is from wire module position
In the network equipment;Configuration security baseline selftest module gathers the configuration ginseng of other modules in the network equipment first
Count, the configuration parameter and the desired value of configuration parameter for then judging other modules in the network equipment for collecting is
No matching, if in the network equipment for finally collecting the configuration parameter of other modules and configuration parameter desired value
Do not match that, then send warning information.With at present when by hand inspection security baseline when compared with, the present invention
Embodiment by configure security baseline selftest module detect the configuration parameter of the network equipment whether be pre-configured with
Whether configuration parameter matches, and whether safety problem occurs with other modules determined in the network equipment, without
Will be by manually being verified to the configuration parameter of other modules in the network equipment one by one successively, such that it is able to carry
The high efficiency for checking security baseline.
Further, another kind of device for checking security baseline is embodiments provided, safe base is configured
Line selftest module is by detecting configuration parameter in the network equipment other modules every preset time and being pre-configured with
Whether parameter matches, can not need user trigger on the premise of the automatic detection network equipment security baseline,
Such that it is able to improve the automaticity of detection security baseline;Configuration security baseline selftest module is by user terminal
Note is sent, occurs the unmatched situation of network parameter in user terminal network equipment to inform, such that it is able to
User is made when not around the network equipment, whether module goes wrong in can obtaining the network equipment, and then
The safety of the network equipment can be improved.
It should be noted that each unit institute is right in the device of the inspection security baseline provided in the embodiment of the present invention
Other the corresponding descriptions answered, may be referred to the correspondence description in Fig. 2, Fig. 3, Fig. 4, Fig. 5 and Fig. 6, and here is not
Repeat again.
The device for checking security baseline provided in an embodiment of the present invention can realize that the method for above-mentioned offer is implemented
Example, concrete function are realized referring to the explanation in embodiment of the method, will not be described here.The embodiment of the present invention
The method and device of the inspection security baseline of offer do not go for checking the security baseline of the network equipment, but not
It is only limitted to this.
One of ordinary skill in the art will appreciate that all or part of flow process in realizing above-described embodiment method,
Computer program be can be by instruct the hardware of correlation to complete, described program can be stored in a calculating
In machine read/write memory medium, the program is upon execution, it may include such as the flow process of the embodiment of above-mentioned each method.
Wherein, described storage medium can for magnetic disc, CD, read-only memory (Read-Only Memory,
) or random access memory (Random Access Memory, RAM) etc. ROM.
The above, the only specific embodiment of the present invention, but protection scope of the present invention is not limited to
This, any those familiar with the art the invention discloses technical scope in, can readily occur in
Change or replacement, should all be included within the scope of the present invention.Therefore, protection scope of the present invention
Should be defined by scope of the claims.
Claims (10)
1. a kind of method for checking security baseline, is applied to security baseline inspection system, it is characterised in that institute
Stating security baseline inspection system includes:Configuration security baseline selftest module, the configuration security baseline self-inspection mould
Block is located in the network equipment, other modules in configuration security baseline selftest module and the network equipment
Carry out information exchange;Methods described includes:
The configuration security baseline selftest module gathers the configuration parameter of other modules in the network equipment;
The configuration security baseline selftest module judges the configuration of other modules in the network equipment for collecting
Whether parameter is matched with the desired value of configuration parameter;
If the configuration parameter of other modules is pre- with the configuration parameter in the network equipment for collecting
Time value does not match that then the configuration security baseline selftest module sends a warning message.
2. the method for checking security baseline according to claim 1, it is characterised in that configuration peace
The step of full baseline selftest module gathers the configuration parameter of other modules in the network equipment, specifically includes:
The configuration security baseline selftest module other modules in preset time gathers the network equipment
Configuration parameter.
3. the method for checking security baseline according to claim 1, it is characterised in that configuration peace
The step of full baseline selftest module gathers the configuration parameter of other modules in the network equipment, specifically includes:
The configured information of the configuration security baseline selftest module receiving user's input, and in response to the instruction
Information, gathers the configuration parameter of other modules in the network equipment, and the configured information is described for indicating
Configuration security baseline selftest module gathers the configuration parameter of other modules in the network equipment.
4. it is according to claim 1 check security baseline method, it is characterised in that if described
The desired value of the configuration parameter of other modules and the configuration parameter not phase in the network equipment for collecting
Match somebody with somebody, then, after the configuration security baseline selftest module is the step of send warning information, also include:
The configuration security baseline selftest module judges whether to need warning information to be sent to user terminal;
If desired the warning information is sent to the user terminal, then it is described to configure security baseline self-inspection mould
Block obtains the corresponding number information of the user terminal;
It is described configuration security baseline selftest module according to the corresponding number information of the user terminal, by the announcement
Alarming information is sent to the user terminal;
The configuration security baseline selftest module recording operation information, the operation information is described to collect
The network equipment in the configuration parameter of other modules when not matching that with the desired value of the configuration parameter,
The mismatch information for being recorded and warning information.
5. the method for checking security baseline according to claim 4, it is characterised in that configuration peace
Full baseline selftest module judges whether to need warning information to be sent to after the step of user terminal, also includes:
If the warning information need not be sent to the user terminal, the configuration security baseline self-inspection
Module recording operation information, the operation information are other modules in the network equipment that described ought be collected
The desired value of configuration parameter and configuration parameter when not matching that, the mismatch information for being recorded and announcement
Alarming information.
6. a kind of device for checking security baseline, is applied to security baseline inspection system, it is characterised in that institute
Stating security baseline inspection system includes:Configuration security baseline selftest module, the configuration security baseline self-inspection mould
Block is located in the network equipment, other modules in configuration security baseline selftest module and the network equipment
Carry out information exchange;Described device includes:
Collection submodule, in the configuration security baseline selftest module, for gathering the network equipment
In other modules configuration parameter;
Judging submodule, positioned at it is described configuration security baseline selftest module in, for judge collect described in
In the network equipment, whether the configuration parameter of other modules is matched with the desired value of configuration parameter;
Sending submodule, in the configuration security baseline selftest module, for the institute that described ought be collected
When the desired value of the configuration parameter and the configuration parameter of stating other modules in the network equipment is not matched that, it is used for
Send a warning message.
7. it is according to claim 6 check security baseline device, it is characterised in that
The collection submodule, in the configuration security baseline selftest module, specifically for every preset
Time gathers the configuration parameter of other modules in the network equipment.
8. it is according to claim 6 check security baseline device, it is characterised in that
The collection submodule, in the configuration security baseline selftest module, specifically for receive user
The configured information of input;
The collection submodule, in the configuration security baseline selftest module, specifically in response to institute
State configured information;
The collection submodule, it is in the configuration security baseline selftest module, described specifically for collection
The configuration parameter of other modules in the network equipment, the configured information are used to indicate the configuration security baseline certainly
Inspection module gathers the configuration parameter of other modules in the network equipment.
9. it is according to claim 6 check security baseline device, it is characterised in that
The judging submodule, in the configuration security baseline selftest module, specifically for judging whether
Need warning information to be sent to user terminal;
Described device also includes:Acquisition submodule, record sub module;
The acquisition submodule, in the configuration security baseline selftest module, for when need will be described
When warning information is sent to the user terminal, the corresponding number information of the user terminal is obtained;
The sending submodule, in the configuration security baseline selftest module, is additionally operable to according to the use
The corresponding number information of family terminal, the warning information is sent to the user terminal;
The record sub module, in the configuration security baseline selftest module, for recording operation information,
The operation information is that the configuration parameter of other modules in the network equipment that described ought be collected is matched somebody with somebody with described
When putting the desired value of parameter and not matching that, the mismatch information for being recorded and warning information.
10. it is according to claim 9 check security baseline device, it is characterised in that
The record sub module, positioned at the safe selftest module of the configuration, need not be by the alarm for working as
When information is sent to the user terminal, recording operation information, the operation information described ought be collected
When in the network equipment, the desired value of the configuration parameter of other modules and the configuration parameter is not matched that, institute
The mismatch information of record and warning information.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510642155.XA CN106559249A (en) | 2015-09-30 | 2015-09-30 | Check the method and device of security baseline |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510642155.XA CN106559249A (en) | 2015-09-30 | 2015-09-30 | Check the method and device of security baseline |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106559249A true CN106559249A (en) | 2017-04-05 |
Family
ID=58417975
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510642155.XA Pending CN106559249A (en) | 2015-09-30 | 2015-09-30 | Check the method and device of security baseline |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106559249A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108337124A (en) * | 2018-03-21 | 2018-07-27 | 北京天融信网络安全技术有限公司 | Configuration information management method, device, equipment and readable storage medium storing program for executing |
CN110855652A (en) * | 2019-11-05 | 2020-02-28 | 南方电网数字电网研究院有限公司 | Safety baseline configuration compliance detection method and device, computer equipment and medium |
CN111767549A (en) * | 2020-07-09 | 2020-10-13 | 中国工商银行股份有限公司 | Detection method and device |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20120265865A1 (en) * | 2011-04-14 | 2012-10-18 | Ricoh Company, Ltd. | Device management system |
CN103518359A (en) * | 2013-02-08 | 2014-01-15 | 华为技术有限公司 | Method, device and network for achieving attack resistance of cloud computing |
CN103746988A (en) * | 2013-12-31 | 2014-04-23 | 曙光云计算技术有限公司 | Security management method and system of cloud host machine |
CN104363107A (en) * | 2014-10-21 | 2015-02-18 | 中国联合网络通信集团有限公司 | Inspection method and equipment for security baseline |
-
2015
- 2015-09-30 CN CN201510642155.XA patent/CN106559249A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20120265865A1 (en) * | 2011-04-14 | 2012-10-18 | Ricoh Company, Ltd. | Device management system |
CN103518359A (en) * | 2013-02-08 | 2014-01-15 | 华为技术有限公司 | Method, device and network for achieving attack resistance of cloud computing |
CN103746988A (en) * | 2013-12-31 | 2014-04-23 | 曙光云计算技术有限公司 | Security management method and system of cloud host machine |
CN104363107A (en) * | 2014-10-21 | 2015-02-18 | 中国联合网络通信集团有限公司 | Inspection method and equipment for security baseline |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108337124A (en) * | 2018-03-21 | 2018-07-27 | 北京天融信网络安全技术有限公司 | Configuration information management method, device, equipment and readable storage medium storing program for executing |
CN110855652A (en) * | 2019-11-05 | 2020-02-28 | 南方电网数字电网研究院有限公司 | Safety baseline configuration compliance detection method and device, computer equipment and medium |
CN111767549A (en) * | 2020-07-09 | 2020-10-13 | 中国工商银行股份有限公司 | Detection method and device |
CN111767549B (en) * | 2020-07-09 | 2023-09-05 | 中国工商银行股份有限公司 | Detection method and device |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8601536B2 (en) | Bus monitor for enhancing SOC system security and realization method thereof | |
CN107566388B (en) | Industrial control vulnerability detection method, device and system | |
CN106324385A (en) | Testing system and method for battery management system | |
CN106559249A (en) | Check the method and device of security baseline | |
CN105956669A (en) | Vehicle maintenance strategy pushing method and device | |
EP3623781A1 (en) | Battery pack temperature detection system | |
CN105812200A (en) | Abnormal behavior detection method and device | |
CN107579861A (en) | Website Usability alarm method, device and electronic equipment based on multi-line monitoring | |
CN105676693A (en) | Method and system for data synchronization of vehicle sensor in automatic driving | |
CN112651029B (en) | System and method for detecting application system loopholes, storage medium and electronic equipment | |
CN110245077A (en) | A kind of response method and equipment of program exception | |
CN102609350A (en) | Server memory failure alarm method | |
CN105761167A (en) | Method for evaluating health status of transformer station secondary equipment | |
CN105606958A (en) | Processing method, system, and apparatus for fault information of power system | |
CN110209529A (en) | The guard method of radio frequency parameter and electronic equipment | |
CN104794013B (en) | Alignment system running status, the method and device for establishing system running state model | |
CN107943661A (en) | A kind of data storage management system | |
CN107977467A (en) | Database monitoring device | |
CN107317708A (en) | The monitoring method and device of a kind of Court business application system | |
CN111654405B (en) | Method, device, equipment and storage medium for fault node of communication link | |
JP2020525944A (en) | Bus monitoring system, method and apparatus | |
CN110940874A (en) | Calibration method, server and medium for nuclear power station transformer protection device | |
TW200924428A (en) | An inside tracing method of the network attacking detection | |
CN107395387A (en) | The methods, devices and systems of two-shipper business recovery | |
CN112836192B (en) | Portrait characteristic data issuing method and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170405 |
|
RJ01 | Rejection of invention patent application after publication |