清华得实WebST网络安全行业解决方案

WebST ( ) 010-6298822 010-82899313 http://www.th-dascom.com.cn 9 5

... 3... 4 1.... 4 2.... 6 3.... 6... 7... 8 1.... 8 1.1... 8 1.2... 8 1.3... 10 2.... 10 2.1... 11 2.2... 13 3.... 15 3.1... 15 3.2... 17 3.3... 17 4.... 18 4.1... 18 4.2... 19 4.3 WebST... 19 4.4 OA UNIX... 23 4.5... 23 5.... 24 5.1... 24 5.2... 24... 26 1.... 26 2.... 26 Page 2 of 2

GSM Internet 1997 3000 DCE Page 3 of 3

1. GSM OMC_Subnet Billing_Subnet OA OA UNIX OA Internet Proxy ServerInternet 1 1 OA L3 Internet IP NAT DMZ Internet WWWMail 2 Kernel Layer Distribute Layer Access Layer 3 Page 4 of 4

2 3 Page 5 of 5

2. GSM GSM CA UniCenter TNG HP OpenView OA MIS Internet E-MailWWW 3. (1) Internet OA Internet Internet (2) 85% OA Page 6 of 6

1. 2. 3. WWW 4. 5. 6. 7. Internet 8. 9. Page 7 of 7

1. 1.1 1.2 DISSPDefense Wide Information System Security Program -2 X 7 Y Page 8 of 8

Z ISO OSI 4 1.2.1 ISO7498-2 1) 2) 3) 4) 5) 6) 7) 1.2.2 ISO/OSI TCP/IP 1.2.3 1) 2) 3) 4) Page 9 of 9

5) 1.3 IT PC 5 2. Page 10 of 10

Check Point FireWall-1 Check Point FireWall-1 Check Point FireWall-1 RealSecure Norton Check Point OPSEC IBMHPSunCiscoBay260 OPSEC Check Point FireWall-1 OPSEC FireWall-1 OPSEC FireWall-1 2.1 IDS Internet DMZ WWW E-Mail DNS InternetProxy Server DMZ 1 2 3 4 5 6 7 VLAN OA L3/L2 VLAN VLAN-1 Windows PC NT VLAN-2 NTUNIX OMC-Subnet Billing-SubnetVLAN-1 PC OMC-SubnetBilling-Subnet UNIX VLAN-2 OMC-Subnet Billing-Subnet VLAN-1VLAN-2 VLAN SSR8600-1SSR8600-2 VLAN-1 VLAN-2 DMZ DMZ WWWE-MAILDNSPROXY WebST Page 11 of 11

8 6 CheckPoint CheckPoint FireWall-1 CheckPoint RealSecure OEM from ISS IDS Nokia Nokia IP Appliance PlatformNAP FireWall-1 CheckPoint FireWall-1 44% 100 80%CheckPoint FireWall-1 1 2 Check Point RealSecure Check Point Check Point CheckPoint RealSecure CheckPoint FireWall 1 FireWall-1 RealSecure RealSecure Page 12 of 12

CheckPoint RealSecure FireWall-1 E-Mail SNMP Trap SNMP Trap CheckPoint RealSecure 150 Symantec Norton AntiVirus for CheckPoint FireWall-1 NT UNIX OPSEC CheckPoint CheckPoint CheckPoing CCSE CheckPoint FireWall-1 XKC33006 2.2 1 NT Pentium III 500MHz 256MB RAM / 2 x 18GB SCSI-2 HD 100M NIC x 2 2 NT Pentium III 500MHz 64MB RAM / 4GB HD 100M NIC x 2 3 NT Pentium III 800MHz x 2 1GB RAM / 2 x 18GB SCSI-2 HD 1 Check Point FireWall-1 Server 1 CheckPoint FireWall-1 RealSecureAntiVirus 1 Symantec NAV for FireWall-1 Page 13 of 13

100M NIC x 2 4 Nokia Appliance Platform IP650 256MB RAM 10/100M NIC x 8 E1/T1 WAN Port x 1 2 OA-Subnet SSR8600 CheckPoint FireWall-1 RealSecure Engine Internet IP 5 Nokia Appliance Platform IP650 256MB RAM 10/100M NIC x 8 2 OMC-Subnet Billing-SubnetCisco 7513 Cisco 7513 Fast-Ethernet 6 Check Point FireWall-1 for Enterprise 4 NAP IP650 7 Check Point RealSecure for Nokia 8 NAP IP650 IP IDSIP 8 Symantec Norton AntiVirus for FireWall-1 1 NT 7 Nokia NAP IP650 IDS IP650 E1/T1 InternetSSR8600DMZ VLAN DMZ 210/100M NIC WebST Page 14 of 14

Primary Secondary VLAN-2 UNIX WebST VLAN-1 WebST DMZ VLAN-2InternetOMC-SubnetBilling-Subnet 8 3. Norton AntiVirus NT PC ISS System Scanner 3.1 : Page 15 of 15

Symantec Nonton AntiVirus Symantec Symantec IBM Lotus Notes/Domino(on AIXAS/400OS/390SUN SoralisNT)MS Exchang Server Unix Symantec IBM AIX, Linux, AS/400, OS/390 SUN Solaris Dos, Windows/3x, Windows 95/98, Windows NT Workstation/Server, Windows 2000,OS/2, NOVELL Netware, Macintosh Symantec Bloodhund TM, Striker32 MVPNAV SSCSymantec System Center NAVEX. NAV. Symantec Symantec Symantec 4 SARC 2000 SARC Internet SARC Symantec Symantec Page 16 of 16

Symantec 40 Symantec System Center (SSC) Norton AntiVirus Enterprise Solution 4.0 Norton AntiVirus for FireWall 1.5 FireWall-1 3.2 ISS System Scanner ISS System UNIX NT ISS System Scanner ISS System Scanner OS OS ISS System Scanner OS ISS System Scanner OS URL 3.3 1 NT Pentium III 500MHz 256MB RAM / 2 x 18GB SCSI-2 HD 100M NIC x 2 1 Symantec AntiVirus Server ISS System Scanner Console 2 Symantec Norton AntiVirus Solution 4.0 1 NT 3 ISS System Scanner Console 1 4 ISS System Scanner Agent 10 7 Page 17 of 17

4. 4.1 1 OA OMC-Subnet Billing-Subnet UNIX 2 OMC-Subnet Billing-Subnet UNIX VLAN-2 UNIXNT UNIX Internet DMZ DMZ PROXY 2 PROXY DMZ PROXY WebST 3 1 2 3 4 5 Page 18 of 18

6 7 4.2 C/S TCP B/W/D Web WebST DCE Internet/Intranet/Extranet WebST WebST Intranet WebST WebST CA WebST WebST 4.3 WebST WebST 9 JavaConsole WebSEAL Web Web NetSEAL VPN TCP/IP C/S ObjectSEAL CORBA MQSEAL MQ NotesSEAL Notes DBSEAL EPKMS PKI Page 19 of 19

9 WebST Page 20 of 20

WebST JavaConsole WebSEAL Web Web Smart Junction Web URL Web Web WebST WebSEAL NetSEAT Web Web WebSEAL (1) (2) JavaConsole ACLs (3) WebST (4) WebST Web (5) WebSEAL http Page 21 of 21 10 WebSEAL NetSEAT WebSEAL

(6) WebSEAL ACLs ACL Web (7) WebSEAL Web http (8) Web WebSEAL (9) WebSEAL Web NetSEAL TCP/IP Internet/Intranet/Extranet VPN TCP/IP VPN VPN 11 NetSEAL NetSEAT NetSEAL WebST NetSEAL NetSEAT TCP/IP NetSEAL (1) JavaConsole (2) JavaConsole ACL ACLs (3) WebST (4) WebST (5) NetSEAL TCP/UDP Page 22 of 22

(6) NetSEAL ACLs ACL (7) NetSEAL TCP/UDP (8) NetSEAL TCP/UDP 4.4 OA UNIX OA UNIX VLAN-2 UNIX UNIX NTUNIX UNIX PC UNIX UNIX UNIX PROXY UNIX TCP/IP UNIX WebST WebST NetSEAL TCP UNIX VLAN-2 VLAN-2 UNIX NT/UNIX TCP UNIX NT/UNIX 7 UNIX VLAN-2 NT/UNIX OMC-SubnetBilling-Subnet IPIP UNIX PC UNIX UNIX 4.5 1 PC Server SUN SPARC2 WebST for PC Pentium III 2 x 800MHz Primary WebST for SPARC Ultra-II 2 x 450MHz Secondary WebST 1GB RAM / 2 x 18GB SCSI-2 HD 100M NIC x 2 2 WebST 2 WebST 3 NeSEAL >=2 2 WWW 4 WebSEAL >=2 2 5 WebST 500 WebST 7 Page 23 of 23

OMC-SubnetBilling-SubnetVLAN-1 Proxy WebST WebSEALNetSEAL WebST WebST WebSEAL NetSEAL NetSEAT NetSEALWebSEAL 5. 5.1 5.2 OPSEC Check Point FireWall-1 Check Point RealSecure IDS Symantec NAV Internet DMZ VLAN-1VLAN-2 OA Internet DMZ PROXY Internet PROXY PROXY DMZ PROXY WebST PROXY Check Point IP WebST PROXY VLAN-1 VLAN-2 WebST VLAN-1 OMC-SubnetBilling-Subnet VLAN-2 WebST IPTCP/UDP VLAN-1 WebST WebST Page 24 of 24

VLAN-2 UNIX OMC-SubnetBilling-Subnet UNIX VLAN-2UNIX WebST Secure ShellSSH OMC-Subnet Billing-Subnet UNIX PC WebST UNIX VLAN-2 IP OMC-SubnetBilling-SubnetUNIX VLAN-2 IP RealSecure IDS IP 650 NIC Internet VLAN-1 OMC-Subnet Billing-Subnet IP SSR8600 X-Pedition 8600 4 ISS System Scanner Agent Scanner Console WebST WebST WebST PC NetSEAT ACL VLAN-1 OMC-SubnetBilling-Subnet DMZ PROXY WebST Page 25 of 25

1. 2. 1 NT Pentium III 500MHz 256MB RAM / 2 x 18GB SCSI-2 HD 100M NIC x 2 2 NT Pentium III 500MHz 64MB RAM / 4GB HD 100M NIC x 2 3 NT Pentium III 800MHz x 2 1GB RAM / 2 x 18GB SCSI-2 HD 100M NIC x 2 4 NT Pentium III 500MHz 256MB RAM / 2 x 18GB SCSI-2 HD 100M NIC x 2 5 PC Server SUN SPARC E250 for PC Pentium III 2 x 800MHz for SPARC Ultra-II 2 x 450MHz 1GB RAM / 2 x 18GB SCSI-2 HD 100M NIC x 2 6 NT Pentium III 500MHz 64MB RAM / 4GB HD 100M NIC x 2 7 10/100M X 12Ports 1 Check Point FireWall-1 Management Server Reporting Modules 1 CheckPoint FireWall-1 RealSecureAntiVirus 1 Symantec NAV for FireWall-1 1 Symantec AntiVirus Server ISS System Scanner Console 2 WebST Primary WebST Secondary WebST WebST WebST WebSEAL WebST NetSEAL 1 JAVA Console 2 Page 26 of 26