Industrial network boundary protection system

Abstract

The invention provides an industrial network boundary protection system. The industrial network boundary protection system comprises a production network system, a data acquisition network system, anoffice network system and an industrial firewall system; the production network system is connected to the data acquisition network system through the industrial firewall system, so that one-way datatransmission can be realized; both control and operation on equipment can be completed in a production network; the data acquisition network system comprises an industrial control safety audit platform; and the office network system further comprises an industrial control system information security supervision and analysis platform, a production scheduling system and a client side. According to the industrial network boundary protection system provided by the invention, behaviour analysis on the data acquisition network system, the production network system and communication of the data acquisition network system is made through the industrial control safety audit platform; the communication link state in a network can be monitored in real time through an abnormal monitoring module; the security of the industrial network boundary protection system is improved; depth inspection on a data packet based on an application layer can be carried out through the industrial firewall system; thecommunication security is improved; and the industrial network boundary protection system has the obvious effect for core asset protection of the production network system.

Description

technical field [0001] The invention relates to the field of data application, in particular to an industrial network border protection system. Background technique [0002] In recent years, information security incidents of industrial control systems have occurred continuously. Malware such as "Stuxnet", "Flame", "Poison Zone", and "Havex" have seriously affected the stable operation of key industrial infrastructure, which fully reflects the information security of industrial control systems. Security is facing a grim situation. The information security risks and incidents of industrial control systems are still on the rise, and the situation is very serious. [0003] The primary content of network security isolation protection is to realize the access control of network traffic between some important subsystems in the network, which is the basis of network security protection. At present, the security threats faced by industrial control networks are not only conventional ...

AI Technical Summary

Problems solved by technology

[0003] The primary content of network security isolation protection is to realize the access control of network traffic between some important subsystems in the network, which is the basis of network security protection. At present, the security threats faced by industrial control networks are not only conventional IT attacks or virus infection , and the attack on the industrial control communication protocol and the security defects and loopholes of the control equipment itself will bring more serious harm to the industrial control system, so the grasp of access control granularity becomes the fundamental factor for the success or failure of the industrial control network security construction. The existing port-level Access control policies cannot protect against malicious code attacks of industrial protocols, so it is necessary to set up an industrial firewall system with industrial protocol deep packet inspection (DPI) function at the network boundary to provide more effective industrial protocol application layer protection

Images