电力企业信息安全策略研究与实现-软件工程专业论文.docx

华中科技大学硕士学位论文 华 中 科 技 大 学 硕 士 学 位 论 文 II II Abstract As the rapid development of information construction and with the application of information network technology growing popularity, information security has become an important issues affecting the security and the efficiency of the network. At present, the hardware environment of the information construction of the power system has been basically fulfilled. Whether the number of hardware devices or network construction are relatively in good condition. Production, marketing, dispatch and operation and other departments have also achieved informationization. However, cause the different divisions and sectors of the power system have big understanding gap about the information security, and different staffs need to raise awareness of the information security, as well as the shortage of understanding of new coming information security issues, while the lack of a unified information security management standards, etc. There are much more information security issues. To solve these information security issues of the power enterprises, after introducing the basic concept and popular technologies of the information security, this paper studied risks and potential threats of the information security and analyzed the corresponding security requirements, based on a concrete power enterprise. According to the different using and functions of PC terminals and servers, we partitioned and isolated the enterprise’s network. Through the deployment of firewalls and IDS security devices, we modified the network structure, and designed and implemented corresponding strategy to enhance the network security, based on different levels of physical security, network security, system security, user security and data security. Besides, using VLAN classification, VLAN security technology, switch port security, user certification, BPDU filter technology, DHCP and ARP Snooping technology and devices security technology enhanced the informatio