Network Security Situation Awareness

    Faced with an intricate network security situation and huge volumes of network security data, Surfilter has drawn on the experience of senior experts from network security operation and maintenance agencies and network security regulatory agencies to create a network security situational awareness platform, “Tianzhi”. It takes into account the specific business needs of users' daily network security monitoring, special security assurance and key security incident analysis, and combines multi-source, heterogeneous security Big Data with fast, high-performance correlation analysis and deep mining capabilities, and with rich, beautiful and customizable data display capabilities. It makes security management, situation analysis and emergency response on large-scale network systems extremely simple, intuitive and rapid.

    Platform Success

    The Surfilter Situation Awareness Platform SURF-NSSA is designed around the security management requirements of business systems, relying on data from existing or newly established network security monitoring systems and network infrastructure resource monitoring systems. It integrates network security data from multiple external channels, and utilizes Big Data analysis technology and network security threat correlation analysis technology. The system starts from detection of business system normalization and discovers security risks and deficiencies by establishing security baselines and comparing against them dynamically in real time, to build a network security situation awareness platform for the whole life cycle. This network security event monitoring, comprehensive analysis, early warning and disposal management platform for key information infrastructure creates closed-loop security management that integrates protection, detection, early warning, response, disposal and event backfilling, and provides a technical support basis for network security management decision-making.

    Interface Display

    The comprehensive security situation of the area under surveillance is displayed from different angles, such as timeline, safety time, region and importance level. Visual statistical analysis and custom statistical queries of data related to the situation information management system can be implemented, and data statistical analysis can be displayed from an overall perspective.

    Intelligent security situation data and warning notifications are compiled into reports. More than 50 kinds of reports presenting statistical data enable operation and maintenance personnel to understand the security situation of the entire network while simplifying operation and maintenance work, thereby reducing security maintenance workload and optimizing the workflow in a more compliant security protection manner. The special meeting safeguard and supervision system is tailor-made to ensure the smooth running of major events and special meetings.

    Product Functions

    Comprehensive Detection

    Comprehensively detects security risks such as internet application security, mobile application security, malicious code, intelligent threat detection, network public opinion, DNS, Netflow, security logs, etc. and collects them in a database.

    Correlation Analysis

    Collected inbound data is deeply analyzed through regular attributes based on different dimensions such as temporal correlation, causal correlation, etc., and correlation rules are established to form an integrated security situation.

    Security Modeling

    Baseline-based anomaly detection quickly detects known attacks and unknown anomalies in network interaction processes and network traffic, and establishes a threshold through dynamic baseline learning to generate security alerts.

    Emergency Response

    Customizes emergency response and disposal scenarios based on the user’s operational needs, such as public opinion warning, emergency support unit list, key task bulletin board, emergency disposal plan process and other layout modules.

    Visual Analysis Display

    Visual analysis transforms data into charts for centralized visual display, and uses visualization technology from multiple dimensions such as monitoring and early warning to project the global situation onto the big screen, providing convenient data observation and analysis from different angles and levels.

    Value-added Income

    Customizes the "special safeguard" business module for special activities and meetings, focusing on monitoring key information infrastructure related to activities and meetings, to ensure the smooth running of activities and meetings.

    Product Advantages

    Powerful Data Mining System

    Supports batch applications, interactive queries, Elasticsearch (ES) full-text retrieval, data mining, real-time stream computing and many other types of computation.

    All-weather Continuous Monitoring

    24/7 full-time monitoring: network security risks are quickly detected and prompt warnings are generated, helping users fully grasp the network security situation.

    Multi-carrier Network Monitoring

    Monitors web security risks and availability, mobile internet applications, mobile internet public opinion, security log analysis data, etc.

    Multi-dimensional Visual Analysis

    Intelligent threat analysis, security risk analysis, public opinion analysis, botnet propagation path analysis, operation and maintenance environment analysis.

    Automatic Report Generation

    Intuitively generates various trend charts based on the nature of text and icons, and automatically generates security risk briefings and threat analysis reports.