The Application Case of Antiy Provincial Situational Awareness Platform Won the Excellence Award of “2018 Network Security Solution”
The 2018 China Cybersecurity Week is in full swing throughout the country. At the “network security standards and industry sub-forum” in the Chengdu conference area on September 18, the Heilongjiang provincial network security situational awareness and emergency disposal platform (or situational awareness platform), which was built by Antiy, won the excellence award of "2018 network security solution" issued by the China Network Security Industry Alliance.
There are two versions of Antiy’s situational awareness platform: a monitoring situational awareness platform for the security management needs of component and functional departments, and a practical situational awareness platform for scenarios with high asset value, high threat confrontation and high protection levels.
The situational awareness platform of Heilongjiang province is the first provincial-level pilot for the component department of the Cyberspace Administration of China. It is an important case of Antiy’s monitoring situational awareness platform. In order to implement the work requirements of President Xi Jinping’s “all-weather and omni-directional perception of cybersecurity situation”, the component department of Heilongjiang province took the lead in launching the first-phase construction of the “network security situational awareness and emergency disposal platform” and selected Antiy as the main contractor.
From the perspective of the local component department, it is necessary not only to understand the risks of information assets exposed to the internet in the province, but also to monitor, analyze and evaluate important systems and key information infrastructure within the management scope, and to guide security planning, push risk information and guide emergency disposal, which was a blind spot in past management work. On the basis of the innovative ideas of “close-distance deployment, centralized awareness, effective protection and rapid response”, Antiy has constructed its platform, built host protection capability covering the important government websites of the province, and tested and deployed traffic monitoring on some important information systems and key information infrastructure. Combined with the threat intelligence data pushed by Antiy, the monitoring results give a preliminary view of the overall situation of provincial network security, support the provincial network security monitoring, early warning and emergency response management process, and improve the management capacity of provincial network security.
On the whole, macro situational awareness built around monitoring management needs is only part of the functional requirements of situational awareness, while the capability and system construction for the medium-sized situation and actual combat needs are more complicated. It is not a simple product form, but a complex capability system supported by a large number of basic capabilities phases and basic products, which involves continuous monitoring, collaborative response, workflow management, knowledge management, big data analysis and so on. It also needs to be supported by deep packet detection/load vector analysis extraction detection, vector labeling and other deep security capabilities. Antiy remains committed to realizing “perceiving the true situation and making the real situational awareness” and knows that there is still a long way to go.