Data security has a decisive impact on the survival and development of enterprises, and the leakage and destruction of data assets will lead to irreparable economic losses and loss of core competitiveness of enterprises. Data flow is the only way to unlock its value, and if you want to protect the core assets of the enterprise, you need to realize the secure exchange of data.
In order to prevent the leakage of intellectual property rights and trade secrets, many enterprises usually isolate their networks from security. Internally, the internal and external networks are separated, the Internet is isolated from the intranet, the production network is isolated from the office network, and the office network is isolated from the R&D network to ensure the information security of the enterprise. 5 Common Means of Network Isolation:
1. Isolation of DMZ area
Enterprises set up two firewalls between the internal and external networks, and the area between the two firewalls is the DMZ area. The internal network can actively access the DMZ zone, and the DMZ zone can actively access the external network, thus forming an intermediate buffer that can meet higher security standards.
2. Firewall isolation
A protective barrier constructed on the boundary between the internal and external networks, and between the private and public networks. A firewall is erected between the two networks to block all cross-network communication by default.
3. Virtual machine isolation
Two virtual subnets (for example, an office virtual subnet and a R&D virtual subnet) are constructed in the virtualization platform, and the two virtual subnets are not connected to each other. Enterprises can isolate virtual desktops by assigning two virtual desktops to each employee who needs them, connecting two virtual subnets respectively.
4. Barrier isolation
The basic principle of the dedicated network isolation equipment is to block the network communication protocol, adopt the private communication protocol internally, connect only one network at the same time, and take turns to connect the two networks for data ferry.
5. Dual NIC host isolation
Install two NICs on a physical host, one connected to the internal network and one to the external network. Generally, it needs to be managed by a special person. When cross-network file exchange is required, the sender transmits the data to the host, and the file content is reviewed and registered by a special person, and then the data is sent from the host to another network.
However, in the daily business of enterprises, there are a large number of scenarios that require file transfer between different networks. The IT department needs a data security exchange system that not only meets the security management standards, but also meets the needs of business users, and can be controlled by IT. "FTRANS Cross-network File Security Exchange System" is a safe, reliable, powerful and innovative data security management product, which can help enterprises and organizations quickly establish a "system" between isolated networks (such as R&D network-office network, production network-test network, intranet-extranet, etc.).
1. Safe and efficient data transmission channel" to effectively prevent the leakage of sensitive information. The product features are as follows:
1. Multi-mode cross-network data exchange securely
Three cross-network file exchange modes are provided to meet the cross-network file exchange requirements in different scenarios.
fmail file mail: Accurate sending and receiving of similar mail.
FHUB transfer station: convenient self-delivery for a single user.
Network disk delivery: Delivery to a specific storage location in the system.
2. Document exchange approval
It supports step-by-step approval according to the two logics of organizational structure and reporting relationship.
Support countersigning, or signing, transferring, CC, and support approval notices.
Support the preview of approval documents**, and the file security check results are used as a reference for approval.
3. Sensitive information check
Sensitive information is checked for cross-network exchange files, and sensitive signature databases can be managed and imported in a unified mannerRegular expressions and custom sensitive keyword checks are supported, and policies can be defined based on the number of hits.
At the same time, you can set all checkpoints such as file type, size, quantity, sender and sender identity, etc., and flexibly combine them into security check policies.
Based on the inspection results, three processing actions are matched: blocking, releasing and triggering the manual approval process.
4. High-performance data transmission
The private file transfer protocol, combined with the unique high-speed transfer plug-in, ensures high-speed file transfer.
High-performance transmission technology ensures reliable transmission of large files and massive files.
File verification mechanism, support for resumable transmission, automatic retransmission of errors, and 100% transmission accuracy
5. Comprehensive log audit
Complete records of all user operation logs and file exchange logs of the platform.
The original file can be retained for a long time, regardless of user deletion.
Logs can be automatically archived and cleaned on a regular basis to alleviate storage pressure.
Logs can be retrieved and exported.
6. Enterprise-level integration capabilities
It provides a wide range of integration support, and the permission components provide open APIs to fully support enterprise-level application integration.
It supports enterprise AD account integration and AD unified identity authentication, and supports the integration of the approval process with the enterprise OA system and BPM system.
Support anti-virus engine, third-party DLP, encryption and decryption system integration.
Support WeCom, DingTalk, etc. for message notification integration.
Feichi Yunlian has been focusing on enterprise-level data exchange technology for more than ten years, and its products have been applied to more than 200 leading customers in multiple industries, ensuring the daily use of 150,000 end users in real time, and the quality of products and services is more guaranteed. The data security exchange platform "FTRANS cross-network file security exchange system" builds the internal system of the enterprise.
1. A secure cross-network file exchange channel greatly improves the efficiency of the whole process.