Many enterprises' key businesses are based on network information systems. With the development of computer network technology and the continuous improvement of network users' requirements for data security and the availability of the entire system, how to ensure the safe and stable operation of network information systems is an important topic for enterprise IT departments. In order to ensure the normal operation of the entire network information system, it is necessary to ensure the stability and reliability of the operation of the basic units (i.e. network equipment) that make up the system.
During the life cycle of the network equipment, the equipment factory chamber of commerce releases some announcement information related to the product from time to time, including product life cycle announcement, product defect announcement, software vulnerability information, security vulnerability warning, etc. Based on these official announcements, network management personnel carry out risk assessment on the equipment currently operating on the network and take relevant measures in a timely manner, which is an important way to ensure the stability and reliability of equipment operation. However, this management method is facing the following challenges:
● The amount of official announcement information is too large and scattered to be conducive to collection;
● There are usually several models or even several manufacturers of network equipment in the current network environment, and there may be several software versions for each model of equipment. Each model version needs to be evaluated and the workload is huge.
For network assets within the scope of service, professional software tools are used to collect equipment product models, software versions and configuration information, and to find corresponding official announcement information based on current network equipment models and software versions, so as to assess the possible risks of the equipment. The following is the service process:
Informing the customer of the risk status existing in the current network equipment, including product life cycle, product defects, software vulnerabilities and security vulnerabilities, etc., and reminding the customer to take timely countermeasures to reduce operational risks, reduce business losses, and provide guarantee for the normal operation of the system.
Life cycle notice
The product will terminate its life cycle due to various reasons. These reasons may include the promotion of product updates due to market demand, technological innovation and development, or the replacement of older products with more functional new technology products over time. For this reason, ECCOM lists the products and related announcement information in the customer network that have ended or are about to end their life cycle, so as to help customers better manage this part of the products and formulate product replacement and upgrade plans.
Product defect notice
Product defect notification is a manufacturer's notification of important product problems (such as product hardware defects). By referring to the notice information, we can judge whether the relevant products need to be replaced, upgraded or take other measures according to the actual situation.
Software vulnerability information
Network manufacturers provide software vulnerability description information for their products. ECCOM makes statistical analysis of software version-related vulnerabilities involved in the user network, which can help users to complete:
● Risk management
● Product maintenance and operation
● Monitor updates to existing or known vulnerability information
● Study potential vulnerabilities in order to upgrade software
● Diagnose and troubleshoot vulnerabilities
● Take remedial measures to solve network problems
Security vulnerability alarm
A security vulnerability alarm is detailed information provided by a manufacturer in response to security issues related to its products (e.g., the risk of possible malicious attacks). By referring to the notice information, we can judge whether it is necessary to repair, upgrade or take other measures to the relevant software system according to the actual situation. ECCOM summarizes the security alarms involved in each software version and makes statistics on the number of devices involved in each security alarm so that customers can more intuitively understand the security risks existing in the network.
Tel : 400-820-5-820,800-820-5-820
mail : TAC@eccom.com.cn
web : www.ECCOM.NET.CN
ECCOM Smart Service
360° Comprehensive Lifecycle Services