H Ni - 08/2014THAM LUNGIAI PHAP AN NINH MANG TRUYN S LIU CHUYN DUNG PHUC VU QUAN LY NHA NC*

NI DUNG TRNH BY*

PHN I:HIN TRANG MNG TSL CHUYN DNG*

CU TRC PHN LP CA MNG TSLCDMng TSLCD c xy dng vi tc cao, dung lng ln, cng ngh hin i ng thi xy dng cc h thng an ton thng tin m bo phc v vic truyn s liu v trin khai cc ng dng GTGT trn nn Mng, l cc h thng vnh ai bo v, pht hin tn cng v xm nhp tri php, bo v v khi phc d liu, c bit l h thng bo v u cui...*

M HNH MNG NG TRC (LP A)*

p

p

p

nng

h ni

h ch minh

stm-N ring

GE

GE

GE

u t trong Giai on 1

Ch thch

u t trong Giai on 2

S TNG TH MNG TSLCD*

M HNH mng ti H ni (lp B)*

M HNH MNG TI TP. H CH MINH (lp B) *

M HNH MNG TI NNG (lp B)

*

S CHI TIT MNG TSLCD*

`

I. Cc dch v sn sng cung cp:1. Dich vu Hi nghi truyn hinh2. Dch v Scopia Desktop (Mega eMeeting)3. Dch v truy cp Internet4. Dch v cho thu ch t my ch (Hosting)5. Dch v my ch Web, Email (Web & Email server)6. Dch v IP/MPLS VPN lp 2, lp 3(Kt ni mng ring o ni b, lin mng gia cc mng ring o)

II. Cc dch v s trin khai trong thi gian sp ti:1. Dich vu thoai IP da trn mang TSLCD (Softswitch)2. Dich vu DataCenter (Trung tm tch hp d liu)3. Dch v truy nhp t xa (Remote Access IP VPN)..CC DCH V TRIN KHAI TRN NN MNG TSLCD*

PHN II:AN TON, BO MT NG TRUYN MNG TSL CHUYN DNG*

CAC NGUY C MT AN TOAN THNG TIN, D LIU MNG TSLCD nh cp thng tin, d liu ti thit b u cui (my tnh, in thoi, ...).Nghe ln thng tin trn ng truyn lm l thng tin.Lm sai lch thng tin, d liu gy hu qu nghim trng.Truy nhp tri php vo my trm hoc h thng mng.Hnh vi tn cng c ch , ph hi ti nguyn thng tin, d liu.Ly nhim virus, m c hi gy chm tc mng, nh cp thng tin, d liu qua cc m c hi ny.

*

CC GII PHP AN TON BO MT THNG TIN TRN MNG TSLCDChnh sch m ha d liu trn ng truyn c Ban C yu Chnh ph ph trch. Ngoi ra, chnh sch bo mt cn c khuyn ngh i vi cc c quan ng v Nh nc ngoi vic truy nhp truyn s liu, vic trin khai cc dch v GTGT nh truy cp Internet, Web, Email, Datacenter, dch v Hosting, Videophone, Thoi... phi c cc chnh sch (policy) bo mt bi v khng th p dng mt hay mt vi chnh sch chung cho tt c cc c quan.

Cc gii php an ton, bao mt cho mng TSLCD:Bc tng la (Firewall) v h thng pht hin tn cng (IDS/IPS).Bo mt ng truyn.3. i vi tng phn h Mng v ng dng khch hng, trin khai cc h thng an ton thng tin c th.

*

1. Bc tng la (Firewall) v h thng pht hin tn cng (IDS/IPS):* Mng TSLCD c 3 cng kt ni Internet ti H Ni, TP.H Ch Minh v Nng. m bo an ninh cho cc kt ni Internet, mng TSLCD c trang b h thng bo mt ti 3 trung tm min tng ng, gm: H thng Firewall v IDS/IPS da trn nn tng phn cng, l cc module cm trn thit b Core Switch.* H thng Firewall v IDS/IPS trn cu hnh hot ng ch d phng 1:1 ti 3 trung tm min. + Firewall: kim sot truy nhp vo ra mng.+ IDS/IPS: pht hin cc tn cng v truy nhp bt hp php t bn ngoi vo mng thng qua ng kt ni Internet, ng thi a ra cc phng php ngn chn tn cng v cc thng bo c bn gii quyt khi c tn cng vo mng Thit b Firewall v IDS kt hp vi nhau m bo tnh an ton, bo mt cao cho mng TSLCD.* To vng phi qun s (Demilitarized Zone - DMZ) bo v cc my ch k ni Internet (Web, Email, DNS)

CC GII PHP AN TON BO MT THNG TIN TRN MNG TSLCD (2)*

*GII PHP AN TON BO MT THNG TIN TAI TRUNG TM HA NI

*GII PHP AN TON BO MT THNG TIN TAI TRUNG TM TP H CHI MINH

*GII PHP AN TON BO MT THNG TIN TAI TRUNG TM A NNG

2. Bo mt ng truyn: * S dng cc cng ngh bo v lp mng (IPSec), lp vn chuyn (TLS, SSL), IP/MPLS VPN (lp 2 v lp 3 theo m hnh OSI).* Trn cng h tng vt l mng TSLCD, to cc knh IP/MPLS VPN phn tch v logic cc c quan ng, Chnh ph, Quc hi(VPN_TinhUy, VPN_UyBan, VPN_BBN, VPN_CEManagement, VPN_MCU, VPN_Internet)

3. i vi tng phn h Mng v ng dng khch hng, trin khai cc h thng an ton thng tin c th:* Xc thc ng nhp (Cisco ACS), bc tng la ngi dng, chng virus, chng spam, trojan* Trin khai cc thit b phn cng, phn mm v bo mt v an ton ng truyn (VD: bo mt i vi dch v THHN) * M kha (mt khu, m kha b mt, m kha cng khai)CC GII PHP AN TON BO MT THNG TIN TRN MNG TSLCD*

PHN III:GIAI PHAP AN NINH BAO MT MNG TSLCD PHUC VU QUAN LY NHA NC TAI VUNG TY NGUYN*

*VUNG TY NGUYNVung Ty Nguyn gm 5 tinh: theo th t v tr a l t bc xung nam gm Kon Tum, Gia Lai, k Lk, k Nng v Lm ng.Ty Nguyn l vng t c vai tr v v tr kinh t, x hi, chnh tr ht sc quan trng, c nhng nt c th v a l, lch s, vn ha, tn ngng (a thn), con ngi Do vy, Ty Nguyn lun lun nhn c s quan tm khng ch ca gii nghin cu, m ca ton x hi. Ty Nguyn l a bn chin lc c bit quan trng v kinh t-x hi, quc phng, an ninh v mi trng sinh thi ca t nc; l khu vc nhy cm, cn c bit quan tm n vn an ninh, quc phng cho c trc mt v lu di, nn vic n nh v pht trin ca vng l nhn t quan trng gp phn vo s n nh chung ca c nc.

M HNH MNG TI CC TNH, THNH VUNG TY NGUYN (LP C)*

Trang s:GII PHP AN TON BO MT THNG TIN TAI CAC TINH VUNG TY NGUYN

Trang s:

Trang s:GII PHP AN TON BO MT HI NGHI TRUYN HINHBo mt hi ngh truyn hnh, mng truyn s liu: Bo mt h thng HNTH. Ch lm vic im im v im a im c thit k bng phn cng, s dng chip FPGA Spartan3E, dng bo mt cc gi IP trong mng LAN, WAN hay mng Internet. Tc m ha/gii m ti a o c 80 Mbps Cu hnh hon ton t ng khi bt ngun S dng mt m ca ngnh c yu

Trang s:

*Bo mt tn hiu thoi VoIP: My m VoIP MIP-08T c tnh nng bo mt cc gi tin IP gia u cui u cui trong mng LAN, WAN, Internet v mng V Tinh. C y cc tnh nng c bn ca mt in thoi IP thng thng. GII PHP AN TON BO MT TIN HIU THOAI VoIP

* H thng th in t mt gii quyt c: - m bo an ton d liu trn ng truyn t ngun n ch. - m bo an ton CSDL th ti my trm - Mail Client. - m bo an ton ti cc Mail Server. Cc hot ng bo mt xc thc th in t da trn cc dch v chng thc in t ca h thng CA chuyn dng Chnh ph Bn cnh nhng vn v k thut cn gii quyt th cc vn nh : Chnh sch an ton, mi trng vn hnh v h thng qun l an ton cho h thng th in t mt cng cn phi c p dng GII PHP AN TON BO MT TH IN T

*BU IN TRUNG NGPHNG K THUT NGHIP VH Ni - 05/2014Xin trn trng cm n! KIN TRAO I V GP !

Mng Truyn s liu chuyn dng ca cc c quan ng v Chnh phMng Truyn s liu chuyn dng ca cc c quan ng v Chnh ph*Mng Truyn s liu chuyn dng ca cc c quan ng v Chnh phMng Truyn s liu chuyn dng ca cc c quan ng v Chnh ph*Mng Truyn s liu chuyn dng ca cc c quan ng v Chnh phMng Truyn s liu chuyn dng ca cc c quan ng v Chnh ph*