Integrated security data acquisition and monitoring system
The Fusion Security Data Acquisition and Monitoring System (Hyperfusion Probe) is a hyperfusion system that combines detection, acquisition, analysis and display in one. The system analyzes collected traffic in real time, compares it against the rule database and the threat intelligence database to identify intrusion alarm events, and provides the detection information and attack characteristics of security events to support comprehensive forensics and accurate traceability. It supports real-time awareness and comprehensive analysis of the security situation, provides risk early warning and security visualization, helps users understand security risks in a timely manner, and greatly improves the security defense capability of organizations.
Integration of hardware and software
Asset fine management
Flexible rule configuration
Security incident traceability analysis
Functional characteristics
Asset center
It supports non-destructive detection and passive monitoring to discover assets in the network, and builds an asset ledger for all-round management and multi-dimensional presentation of assets.
Risk center
Provides weak password scanning and vulnerability scanning functions to detect existing vulnerabilities and weak passwords, reduce the security risks caused by system vulnerabilities, and prevent attackers from breaching the enterprise network's defenses by brute-forcing weak passwords.
Flow analysis center
Through traffic monitoring, the system monitors and discovers weak passwords and security events on the entire network, and generates corresponding security alarm events.
Threat intelligence center
The system has a built-in threat intelligence database and supports threat intelligence feeds from authoritative institutions including Yishao, Weibu, 360, Huawei, Tencent and so on. It can conduct detailed and accurate analysis of threats and trace the source of security incidents.
Situation analysis center
Provides multiple situation analysis screens and a range of situation analysis statistics that analyze and present the security status from different dimensions and perspectives, so that enterprise security managers can quickly understand the enterprise's security status.
System O&M center
Provides system update and upgrade functions, along with the tools that operation and maintenance personnel need for their daily work, to assist operation and maintenance and improve security operations efficiency.
Product capability
Vulnerability scanning capability
The system has a remote vulnerability scanning application service. It offers vulnerability scanning engines from a number of mainstream manufacturers, as well as the Ministry of Public Security vulnerability engine, for customers to choose from. Depending on the engine selected, it can output the corresponding vulnerability scanning report, as well as a report produced by operations analysis experts after their analysis.
Weak password detection capability
The system supports two weak password discovery modes, active scanning and passive traffic analysis, to detect weak passwords in the network.
Threat intelligence alarm detection capability
The system has built-in threat intelligence from many mainstream manufacturers such as 360, Weibu, VT, and Public Security One, and supports traffic analysis and detection based on threat intelligence to discover attacks and external alarm events.
Ability to monitor and analyze data transmission quality
The system can monitor and analyze data transmission quality. It monitors the requests and responses in the transmission process in order to determine the data transmission quality.
Network topology analysis ability
The system can map and analyze the network topology. Once a Layer 3 switch is configured, the system can automatically map and present the network topology, helping network managers accurately understand the structure and composition of the entire network and obtain real-time network status and topology information.
Asset mapping and vulnerability analysis capabilities
The system supports active scanning and detection to discover assets on unknown networks, and uses a powerful asset fingerprint database to identify the characteristics of various types of assets, including application information, process information, scheduled tasks, startup information, account information, share information, and port information. It can also discover the vulnerabilities exposed on assets so that they can be repaired promptly.
Alarm event detection and discovery capability
Through traffic monitoring, the system compares traffic and logs on the entire network against alarm rules and threat intelligence to discover intrusion alarm events, and provides feature detection information to facilitate source tracing.
Event alarm closed-loop handling capability
The system supports customizing service handling workflows, including the workflow steps, the forms used in each step, and the handling roles, to implement closed-loop workflows such as event verification, repair, and alarm handling.

Shandong Yuntian Safety Technology Co., LTD. All rights reserved Lu ICP No. 17007379-1

Lu public network Anbei 37010202002190
