醫(yī)院信息安全建設(shè)方案

1、醫(yī)院醫(yī)院信息安全建設(shè)方案信息安全建設(shè)方案■文檔編號文檔編號■密級密級■版本編號版本編號V1.0■日期日期?2019II六.整改建議.............................................................................................................................................166.1物理安全.....

2、....................................................................................................................................166.2網(wǎng)絡(luò)安全...............................................................................

3、..........................................................176.3主機安全.........................................................................................................................................196.3.1業(yè)務(wù)系統(tǒng)主機...

4、.......................................................................................................................196.3.2數(shù)據(jù)庫主機.........................................................................................

5、.....................................216.4應(yīng)用安全.........................................................................................................................................226.4.1HIS系統(tǒng)（三級）.....................

6、...............................................................................................226.4.2LIS系統(tǒng)（三級）.............................................................................................................

7、........246.4.3PACS系統(tǒng)（三級）.................................................................................................................266.4.4EMR系統(tǒng)（三級）..................................................................

8、................................................276.4.5集中平臺（三級）..................................................................................................................296.4.6門戶網(wǎng)站系統(tǒng)（二級）..........................

9、................................................................................316.5數(shù)據(jù)安全與備份恢復(fù).....................................................................................................................326.6安全管理

10、制度.................................................................................................................................336.7安全管理機構(gòu)..............................................................................

11、...................................................336.8人員安全管理.................................................................................................................................346.9系統(tǒng)建設(shè)管理..................

12、...............................................................................................................346.10系統(tǒng)運維管理.................................................................................................

13、..............................35七.總體設(shè)計網(wǎng)絡(luò)拓撲.............................................................................................................................387.1設(shè)計拓撲圖...........................................

14、..........................................................................................387.2推薦安全產(chǎn)品目錄.....................................................................................................................

15、....39八.技術(shù)體系建設(shè)方案.............................................................................................................................418.1外網(wǎng)安全建設(shè)....................................................................

16、.............................................................418.1.1抗DDos攻擊：ADS抗DDos系統(tǒng).........................................................................................418.1.2邊界訪問控制：下一代防火墻NF.......................

17、..................................................................438.1.3網(wǎng)絡(luò)入侵防范：網(wǎng)絡(luò)入侵防御系統(tǒng)NIPS..............................................................................468.1.4上網(wǎng)行為管理：SAS.................................

18、...............................................................................488.1.5APT攻擊防護：威脅分析系統(tǒng)TAC........................................................................................508.1.6Web應(yīng)用防護：web應(yīng)用防火墻......

19、....................................................................................548.2內(nèi)外網(wǎng)隔離建設(shè)............................................................................................................................

20、.588.2.1解決方案..................................................................................................................................598.3內(nèi)網(wǎng)安全建設(shè)...................................................................

21、..............................................................618.3.1邊界防御：下一代防火墻NF................................................................................................618.3.2入侵防御...............................

22、...................................................................................................628.3.3防病毒網(wǎng)關(guān).............................................................................................................

23、.................638.3.4APT攻擊防護...........................................................................................................................678.4運維管理建設(shè).......................................................

24、..........................................................................688.4.1運維安全審計：堡壘機..........................................................................................................688.4.2流量審計：網(wǎng)絡(luò)安全審計SAS..