Stock Abbreviation : Topsec      Stock Code : 002212
7*24 hour service: 400-777-0777
Product Service
View all
  • Infrastructure Network
  • Data security
  • Industrial Internet Security
  • IoT
  • Safety service and operation
  • Cloud computing and cloud security
  • Zero Trust
Border Security
Application Security
Security Management
Safety Detection
Endpoint Security
Popular products
Zero Trust
Build a dual system security framework of zero trust inference and trusted inference.
Consulting and support services
Security Operations
Red blue confrontation service
Security Cloud Service
New technology testing services
Security integration
Industry specific services
Popular products
Zero Trust
Build a dual system security framework of zero trust inference and trusted inference.
Special Topics in Security
Security Research
About Us
About Topsec
China's leading cyber security, big data and cloud service provider
Learn about Topsec
About Us
Contact Us
Zero Trust
Build a dual system security framework of zero trust inference and trusted inference.
EN

Baseline Management System

Complete offline script database | Superior scanning performance | Professional knowledge base for the verification of industrial configurations

Overview

Topsec Baseline Management System (TBM) is a professional inspection tool designed to help customers solve security configuration management problems. The system adopts efficient and accurate recognition technologies, and can check and analyze security configurations of various asset equipment automatically, offer professional statement verification and suggestions for relevant security configurations, to help users timely find vulnerable security configurations, meet their multi-dimensional demands for the online inspection of new business system, the third-party network access security inspection, compliance security inspection, and daily security inspection, etc.

Activity & Announcement
Advantages
Authoritative checklist base

TBM has studied the configuration verification regulations of all industries after accumulating technologies for years, and has developed a complete set of configuration verification knowledge base. The system is provided with multiple standards of configuration verification knowledge bases, such as security classified protection 2.0, China Telecom, China Mobile, PBC, Sinopec, MIIT, and the Third Research Institute of Ministry of Public Security, and also supports one-click switching, and can comply with the configuration verification demands of different industries.

Complete asset management system

The system is provided with a huge asset fingerprint base, which can accurately recognize operating system, middleware, database, network equipment, big data components, virtual equipment, industrial control equipment and other types of assets, and maintain a complete asset system by automatic finding or batched import. Besides, it also supports asset grouping as per the department result or asset type, so that users can comprehensively master the asset composition result and compliance within the network environment from the perspective of asset groups.

All-round centralized control

The product adopts the idea of centralized management and control, realizing the unified management capability of firewall, TVD, EDR, vulnerability scanning and other equipments, which greatly facilitates security operation and disposal work as well as monitoring of security equipment status. It supports real-time monitoring of device status, dynamic awareness of security devices' health, device policy backup and automated comparison of configuration differences, enabling rapid acquisition of security device configuration changes, realization of device policy configuration issuance, and enhancement of security operation efficiency.

Flexible access for multi-vendor probes

The product adopts the industry's mainstream active and passive collection methods to realize multi-vendor, multi-probe, multi-source heterogeneous security data access. The access device type is rich, supporting common firewalls, TVD, EDR, system vulnerability scanning, Web vulnerability scanning, honeypot, intrusion detection, Web attack detection, DDoS detection, database auditing, network auditing and other security devices.

Application
Scenario

As specified in security classified protection 2.0, the configuration information for information systems above Level II shall meet the compliance requirements. TBM is set at the bypass of core network switch to check the configuration compliance of all network-wide assets by TBM on the premise of accessible network.

Issues Resolved
  • In case of finding non-compliance items in asset configurations, security shall be strengthened as per the rectification suggestions to eliminate such items.
  • The system is built with the configuration verification knowledge base that can comply with security classified protection 2.0 regulations, to ensure that all asset configurations are as required, and conform to the specifications for the compliance inspection of security classified protection evaluation, and help users pass the evaluation.
  • By verifying configurations on a regular basis, the system can help users solve potential security hazards in configurations, and reduce the risk of security incidents.
Scenario

For civil aviation, operator, tobacco, energy and other large-scaled enterprises, the security inspection of asset configuration compliance is a key link in the annual security inspection implemented by the Headquarters of group companies for their provincial and municipal subordinate units. By adopting distributed deployment plans, the TBM platform is set at the Headquarters of group companies, while the secondary subordinate node probes are arranged at provincial and municipal subordinate units.

Issues Resolved
  • The system can help the Headquarters of group companies and their subordinate units find non-compliance items in asset configurations, make rectification and reinforcement timely, and meet the annual security inspection requirements.
  • In addition, it can also help the Headquarters of group companies implement automatic security inspection of configuration compliance for their subordinate units, and improve the efficiency of operation and maintenance.
Value to Customers
Process-oriented and accurate inspection mode

The configuration verification knowledge base can provide unified inspection standard for the configuration verification of each model of equipment, to avoid large manual verification errors significantly. Besides, the automatic configuration verification mode can maximize verification efficiency.

Compliance inspection demands fulfillment

The system can check security configurations in combination with security classified protection, implement business system asset management, security configuration inspection, security configuration report and suggestions by centering on security level protection grading, to ensure that the security classified protection can be executed effectively and accurately.

Reduction of baseline management costs

By checking security configurations automatically, the system can save the traditional time required to check security configurations by manual clicking and avoid the risk of errors brought by traditional manual inspection. Meanwhile, it can also issue detailed inspection reports, improve the accuracy and compliance of inspection results significantly, save time costs, and make inspection easier.

Success Case
Relevant Recommendations
RELIABLE NETWORK SAFE WORLD

Product Service

Security Research

Special Topics in Security

About Us
Hot products
Next Generation Firewall NGFW® Hyper-converged Management Emergency Response Service Data Security Management Platform
Typical cases
CNCC security construction project Loophole Scanning Project of a Communication Group Internet surface exposure detection project of a central ministry
More Recommendations
Data Security Cloud Computing Industrial Internet Internet of Vehicles
Copyright © 2022 Topsec Technologies Group. All Rights Reserved Privacy Policy