The product not only enables network information security audit system and firewall interaction, effectively prevent the attack outside the network; while its unique statistical reporting of network attacks, online behavior, such as log analysis of network traffic, and generate a variety of ways value statements. Enterprise Network Management System provided by the statistical report data, can effectively monitor and analyze the source of internal network traffic, goals, and the proportion of various data applications, optimizing network resources, but also on the staff of the Internet to effectively conduct supervision and management, improve network utilization throughout the enterprise value.
Information security has become a power system electricity production, operation and management of the important part. How to Power Information Network system from hackers and viruses, protect the security of data transmission reliability is to build "digital power system" that must be considered one of the points. Web information systems in todays rapid development, Web information systems have a wide range of security issues storm drain in front of us. Lenovo net in August the Department of Royal Security Services to a certain penetration testing engineer information systems OA ministries do penetration testing, we found that many of the OA information system security vulnerabilities. OA information system using JSP + Oracles B / S architecture design, penetration testing information security engineers to test the OA and found several SQL injection and cross site XSS vulnerabilities. SQL injection vulnerability to access all table data, database data can be added, deleted, etc, can get a lot of the database on the host system configuration and implementation of shell commands. On request, penetration testing engineer for XSS vulnerabilities were cross-site testing, in a short time to collect multiple users Cookies, Cookies information that contains the users password MD5 value. XSS Cross Site Vulnerability here has been tested and can be embedded in a malicious Web page to automatically send text messages, phishing and so on. OA system multiple XSS vulnerabilities, malicious use if it is serious, they would have generated in the OA system XSS worm.