An Industrial Network Border Protection System

Abstract

The present invention proposes an industrial network boundary protection system, including a production network system, a data collection network system, an office network system and an industrial firewall system. The production network system can be connected to the data collection network system through the industrial firewall system to realize one-way data transmission, and the equipment The control and operation of the system can be completed in the production network. The data mining network system includes an industrial control security audit platform, and the office network system also includes an industrial control system information security supervision and analysis platform, a production scheduling system and a client; the present invention uses industrial control security The audit platform can analyze the behavior of the communication between the data acquisition network system and the production network system and the data acquisition network system. Through the abnormal monitoring module, the real-time monitoring of the communication link status in the network can be completed, and the security of the industrial network border protection system can be improved. Through the industrial firewall system, the deep inspection of data packets based on the application layer can improve the communication security and have a significant effect on the core asset protection of the production network system.

Description

technical field [0001] The invention relates to the field of data application, in particular to an industrial network border protection system. Background technique [0002] In recent years, information security incidents of industrial control systems have occurred continuously. Malware such as "Stuxnet", "Flame", "Poison Zone", and "Havex" have seriously affected the stable operation of key industrial infrastructure, which fully reflects the information security of industrial control systems. Security is facing a grim situation. The information security risks and incidents of industrial control systems are still on the rise, and the situation is very serious. [0003] The primary content of network security isolation protection is to realize the access control of network traffic between some important subsystems in the network, which is the basis of network security protection. At present, the security threats faced by industrial control networks are not only conventional ...

AI Technical Summary

Problems solved by technology

[0003] The primary content of network security isolation protection is to realize the access control of network traffic between some important subsystems in the network, which is the basis of network security protection. At present, the security threats faced by industrial control networks are not only conventional IT attacks or virus infection , and the attack on the industrial control communication protocol and the security flaws and loopholes of the control equipment itself will bring more serious harm to the industrial control system, so the grasp of the granularity of access control becomes the fundamental factor for the success or failure of the industrial control network security construction. The existing port-level Access control policies cannot protect against malicious code attacks of industrial protocols, so it is necessary to set up an industrial firewall system with industrial protocol deep packet inspection (DPI) function at the network boundary to provide more effective industrial protocol application layer protection

Images