Best Practice_Correlate with IAM to Prevent Network Threat
  

sangfor_2267 Lv3Posted 19 Mar 2021 17:45

Dear all
I have released document about IAM correlate with Endpoint Secure to prevent cyber threats, Welcome to check. If you have any questions about the test content in the document, you can ask at the bottom of the page or send an email to zhijie.yan@sangfor.com




1.1 Function Scenario
Current problems faced bycustomers
The Internet has become anindispensable production tool for employees. However, due to the complexity ofthe network environment and the threat of various viruses, there are endlesslevels of Internet management and terminal security issues.
Network side:
1. High-bandwidthapplications such as video take up a lot of bandwidth resources, employees areslow to surf the Internet, and internal complaints increased.
2. When employees go towork, they use Internet to surf entertainment website, which seriously affectswork efficiency.
3. There are many outgoingfile applications and channels such as mail, web disk and QQ WeChat, and therisk of important data leakage is getting higher and higher, and there is alack of traceability methods;

Endpoint side:
1. The Endpoint assets arenot clearly sorted out, the terminal assets that need to be protected cannot beclarified, and the terminal responsible person cannot be clarified.
2. Endpoint are oftenplagued by viruses, and their internal unrestricted and rapid spreading poses amajor threat to Local Area network.
3. The employees have weaksecurity awareness, and the risk of operating system vulnerabilities issignificant, which can easily cause threats to invade;

Endpoint security access toensure the security of access terminals
The Endpoint securitysoftware is installed uniformly, and the terminal Endpoint Secure software canbe forcibly installed after IAM certification;
Endpoint security accessinspection, including system vulnerability scanning, anti-virus installation,open interfaces, etc., only allow endpoints that meet the security requirementsto access the network;
Regular endpoint vulnerabilityscanning, after vulnerability scanning, it can be automatically repaired andreported;
Network terminalintelligent linkage to strengthen threat protection capabilities
IAM supports malicious URLfiltering, network antivirus detection, zombie host detection, etc. to protectInternet security;
Endpoint Secure takes theartificial intelligence algorithm as the core, greatly improves the terminalvirus security check and kill effect, and can check and kill the new virusthreat of ransomware in a comprehensive way.
Through the networkterminal linkage, the endpoint threats and attacks discovered by IAM can belinked with Endpoint Secure to scan and repair terminal security in time.
1.2 Topology
5316660547124ea56c.png

  
Device
  
Account/Password
IP
Description
PC1
administrator/111111
20.10.0.3/24

PC2
administrator/111111
20.10.0.8/24

MGR
admin/@sangfor123
20.10.0.100/24
Endpoint Secure MGR
IAM
admin/@sangfor123
LAN: 20.10.0.1/24
IAM
1.3 Test Introduction
1. Correlation conditions
IAM needs to access ES TCP443 port. IAM requires version 12.0.16 (inclusive) and above.
......


Like this topic? Like it or reward the author.

Creating a topic earns you 5 coins. A featured or excellent topic earns you more coins. What is Coin?

Enter your mobile phone number and company name for better service. Go

Trending Topics

Board Leaders