摘 要:近年来,随着企业数字化转型和业务融合,他们向公众或内部员工开放更多应用网站,同时钓鱼攻击,勒索软件等在线网络攻击威胁增多,很容易绕过传统边界安全防御系统。基于远程浏览器隔离模型,文章以主动防御的视角设计了一种基于远程浏览器隔离的网络安全防御系统,在不影响用户浏览网站前提下,将浏览会话转移至远端服务器隔离,只发送合规渲染后的内容到用户终端,保护用户终端不被恶意攻击。
中图分类号:TP309 文献标识码:A 文章编号:2096-4706(2022)07-0133-04
Research on Network Security Defense System Based on Remote Browser Isolation
(Beijing Venustech Cybervision Co., Ltd., Chengdu 610213, China)
Abstract: In recent years, with the digital transformation and business convergence of enterprises, they open more application websites to the public or internal employees. At the same time, the threat of phishing attacks, ransomware and other online cyber attacks has increased, and it is easy to bypass traditional border security defense systems. Based on the remote browser isolation model, this paper designs a kind of network security defense system based on the remote browser isolation from the view of active defense. Under the premise that it does not affect users browsing the website, it transfers the browsing session to the remote server isolation, sends only the compliance-rendered content to the user terminal, protects user terminal from malicious attacks.
Keywords: remote browser isolation; terminal security; application security; data security
[1] 国家计算机网络应急技术处理协调中心 .2020 年中国互联网网络安全报告 [M]. 北京:人民邮电出版社,2021:23.
[2] 奇安信战略咨询规划部 & 奇安信行业安全研究中心 . 内生安全 [M]. 北京:人民邮电出版社,2021:76.
[3] 张晓艺 . 如何防范基于浏览器的网络威胁 [J]. 计算机与网络,2019,45(9):50-51.
[4] 叶朝阳,王欣,张士聪,等 .SASE 云安全研究与实践 [J].电信科学,2022,38(1):140-149.
[5] 宁华,荣晓燕,刘海峰,等 . 网络安全等级保护下的零信任 SDP 评估方法 [J]. 网络安全技术与应用,2021(7):2-5.