Product Service

Special Topics in Security

Security Research

About Us

About Topsec

China's leading cyber security, big data and cloud service provider

Learn about Topsec

Company Profile

Contact Us

Zero Trust

Build a dual system security framework of zero trust inference and trusted inference.

Network Audit System

Multi-dimensional and all-round audit | Security and efficiency | Instant check and statistics | Rich statistics

Network Audit System Overview

Topsec Network Audit System (TA-NET), with Topsec's independent intellectual property rights, is a secure and efficient cyber security audit product that is easy to manage and scale up. It is suitable for network environments that require real-time content audit and behavior monitoring. It adopts an open system architecture and modular design, with intelligent information processing capabilities and powerful audit analysis functions.

Activity & Announcement

Hot products Next Generation Firewall
Typical cases CNCC security construction project

Advantages

Full web application identification

The system automatically identifies and audits thousands of application protocols on the network, allowing fine-grained audits of web access, file transfer, mail transfer, and other protocols. It can accurately restore access behavior for bad speech, violence, drugs, pornography, and games, with an industry-leading number of network protocol types.

Fine audit granularity

The system performs flexible and fine-grained audits on network behavior through application identification and traffic monitoring, flexibly sets audit protocol fields and restores file types, and performs multi-dimensional and all-round audits on abnormal network behavior.

Accurate detection of sensitive files

Based on the data analysis of the session stream and the deep session restoration technology, file restoration is performed on the transmission content of applications such as email, HTTP, and FTP. The system detects sensitive information such as documents, images, and compressed files, accurately identifies sensitive words in each scene, and provides alarm responses for violations in a timely manner.

Insight into encrypted traffic

The system decrypts network encryption protocols through encrypted traffic analysis technology. Through the proxy mode and bypass mode, the system accurately audits encryption protocols such as HTTPS and SFTP to meet users' needs for fine-grained control of applications.

Application

Scenario

Bypass deployment is the most commonly used deployment mode. The audit system can be used after it is connected to the mirroring port of a switch. It is easy to bring the system online, without affecting the original network structure.

Issues Resolve

Ensures secure, stable, and reliable operation.
Is suitable for small and medium-sized network environments without changing the network structure.
Ensures fine-grained audit content and post-incident backtracking.

Scenario

In cascading deployment, each TA-NET device runs independently to audit network data of its own. The upstream device can deliver policies to the downstream device and check analysis results on the downstream device. This deployment mode is suitable for the customer's network structure and addresses the customer's need for hierarchical database control and auditing.

Issues Resolve

Ensures uniformity of policies between headquarters and branches.
Addresses the customer's need for hierarchical control and auditing.
Provides a response mechanism that has linkage with the threat analysis system.

Scenario

Distributed deployment allows multiple TA-NET devices to share the audit load from the entire network, and employs a high-performance centralized management center to facilitate centralized monitoring. This deployment mitigates the pressure on each TA-DB device.

The management center delivers strategies to the TA-DB devices and processes data queries for users. The proxy nodes can send audit events to the management center or store the incidents locally, depending on the configuration made by the customer. Regardless of where audit events are stored, administrators can query audit events of each proxy node and view analysis results on web pages of the management center.

Issues Resolve

Adapts to the customer network structure.
Provides a linkage alert response mechanism.
Addresses the customer's need for hierarchical control and auditing.

Value to Customers

Enhanced data security management

The system enhances the traceability of service access, helps customers manage Internet access logs in a unified manner, identifies security risks in a timely manner, reinforces the network, and assists in optimizing the use of network resources.

Fulfillment of compliance needs

The system effectively helps network operators to meet the requirements of security audit in Cybersecurity Classified Protection 2.0 and related policies and regulations, thereby comprehensively improving the network power of network operators and ensuring the stable operation of the network.

Flexible deployment for different scenarios

The system is commonly used in bypass deployment mode, and supports distributed deployment, multi-layer deployment, and centralized management as well as deployment in cloud environments, flexibly adapting to audits in different scenarios with users' changing network environment.

Success Case

Network audit project of a provincial expressway group

Audit strategies need to be enabled for toll booth and sub-center devices. Toll booths do not keep audit data locally, and data is uploaded to each sub-center for retention. In this way, upper-level devices can manage lower-level devices in a centralized manner. Audit data and alarm data are uploaded to the provincial center for unified retention in real time.

Value to Customers：: Stable and reliable system Comprehensive and detailed audits Easy investigation and personnel accountable identification

View details

Relevant Recommendations

Product Recommendation

Special Recommendation

News Recommendation

Network audit project of a provincial expressway group