OPSEC在电力企业网络安全管理中的应用

网络防火墙作为一种通用的网络安全产品，并不能完全满足电力企业的实际需要和特定的场合，用户往往不得不借助于第三方的安全产品或自己开发的安全软件，因而存在如何与现有的网络安全系统形成一个整体的企业安全体系问题。针对该问题，文中介绍了在0PSEC(开放安全企业互联平台)的开发环境下，以目前几种常见的黑客攻击手段(DDOS，Trojan horses与Port-Scan)为研究对象，利用开放性协议OPSEC提供的公用接口，将设计的自动入侵检测报警的安全软件作为一个扩展的防火墙管理模块嵌入到支持OPSEC的企业网络防火墙中，配合原有的防火墙管理模块共同防御黑客攻击的开发实践。

APPLICATION OF OPSEC IN NETWORK SECURITY MANAGEMENT FOR POWER ENTERPRISES

As a kind of commonly used product of network security, the network firewall is not capable of meeting all actual needs and special occasions of power enterprises. Very often users have to resort to other security software or develop it by themselves. Hence the problem of the enterprise security system of how to integrate the new software with the current network security system into an organic whole. Taking such commonly used hacker attack methods as DDOS, Trojan horses and Port Scan as objects of research, under the development environment of open platform for secure enterprise connectivity (OPSEC) and by use of the communal interface provided by OPSEC, a development practice is introduced, in which the designed security software for automatically detecting invasion and alarming is embedded in an OPSEC supporting enterprise firewall as an extensive firewall management module, together with the old firewall management module to defend hacker attacks. This project is supported by Science & Technology (Development) Project, Central China Power Group (No. KJ9901 102 21)