Stock Abbreviation : Topsec      Stock Code : 002212
7*24 hour service: 400-777-0777

Topsec Situation Awareness System

Comprehensive Security Data Collection | Intelligent Threat Analysis | Closed-Loop Incident Response.

Product Overview

Topsec Situation Awareness System (TopSA) is built on a big data architecture and integrates multiple probe devices. It utilizes both active and passive collection methods to gather multi-source, heterogeneous security data. The system performs in-depth analysis of massive security data through search, investigation, scenario modeling, and correlation analysis. It also enables rapid centralized configuration and seamless linkage with various security devices. Additionally, the system provides a comprehensive threat intelligence database and integrates with external threat intelligence feeds. It offers a holistic situational view across multiple dimensions, including assets, vulnerabilities, attacks, threats, and response actions.

Advantages
Multi-Dimensional Situational Awareness for Informed Decision-Making

Its situational analysis covers multiple dimensions: network-wide status, threat landscape, security mapping, response actions, asset posture, attack campaigns, vulnerability status, website monitoring, malicious program activity and multi-screen visualization. This comprehensive view lets decision-makers retain overall control and meets industry goals for real-time awareness, accurate monitoring and prompt emergency response, improving both the efficiency of risk identification and the speed of threat disposal.

Automated response scheduling

Response orchestration automatically directs security devices to execute attack-blocking actions according to predefined policy rules, which lowers the operational burden and improves efficiency when many attacks arrive at once. Intelligent correlation analysis extracts security events from the mass of collected data; these events are the foundational data for scenario analysis and policy scheduling. Scenarios can be scheduled on combinations of alarm logs, threat intelligence, vulnerability data and other related data. For each scenario the system quickly maps the control strategy to the devices that execute it, providing automated threat disposal and greatly improving its efficiency.

Comprehensive Centralized Management and Control

It centrally manages all types of security products, such as firewalls, TVD, EDR and vulnerability scanners, providing centralized configuration backup, policy management and status monitoring. Configuration backup supports scheduled automatic backups and difference comparison between backed-up versions. Policy management supports retrieving, editing and issuing device policies, improving security operation efficiency. Status monitoring tracks the health of security devices in real time.

Flexible Integration with Multi-Vendor Probes and Devices

The system employs active and passive collection methods, including syslog and SNMP, to aggregate multi-source, heterogeneous security data. It supports seamless integration with both Topsec and third-party devices, such as anti-DDoS, EDR, network/database auditing systems, firewalls, IDS/IPS, UTM, and WAF.
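The two paragraphs above (automated response scheduling, and syslog-based collection from multi-vendor probes) describe a pipeline of collect, correlate, then dispatch a blocking policy. The following is an added illustration of that pipeline, not TopSA code and not its API: the syslog line format, the threat-intelligence list, the asset vulnerability table, the scenario rules and the firewall action format are all constructed for this example.

```python
"""
Added example (not Topsec/TopSA code): a minimal collect -> correlate -> dispatch
loop of the kind described above. Everything here is constructed for
illustration: the syslog lines, the threat-intelligence set, the asset
vulnerability table and the firewall "block-src" action are all hypothetical.
"""
import re
from collections import defaultdict
from dataclasses import dataclass

# Syslog-style IDS alerts, constructed for this example (hypothetical format).
SAMPLE_SYSLOG = [
    "<134>2024-05-01T10:00:01Z ids01 ids: alert sig=web-rce src=203.0.113.7 dst=10.0.0.5 dport=443",
    "<134>2024-05-01T10:00:02Z ids01 ids: alert sig=web-rce src=203.0.113.7 dst=10.0.0.5 dport=443",
    "<134>2024-05-01T10:00:03Z ids01 ids: alert sig=ssh-brute src=198.51.100.9 dst=10.0.0.22 dport=22",
    "<134>2024-05-01T10:00:04Z ids01 ids: alert sig=ssh-brute src=198.51.100.9 dst=10.0.0.22 dport=22",
    "<134>2024-05-01T10:00:05Z ids01 ids: alert sig=ssh-brute src=198.51.100.9 dst=10.0.0.22 dport=22",
    "<134>2024-05-01T10:00:06Z ids01 ids: alert sig=port-scan src=192.0.2.44 dst=10.0.0.5 dport=8080",
]

# Constructed threat intelligence: known-bad source addresses.
THREAT_INTEL = {"203.0.113.7"}

# Constructed vulnerability posture: asset -> signatures it is known to be exposed to.
ASSET_VULNS = {"10.0.0.5": {"web-rce"}, "10.0.0.22": set()}

SYSLOG_RE = re.compile(
    r"^<(?P<pri>\d+)>(?P<ts>\S+) (?P<host>\S+) (?P<app>[^:]+): alert "
    r"sig=(?P<sig>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+)$"
)


@dataclass(frozen=True)
class Alert:
    ts: str
    sig: str
    src: str
    dst: str
    dport: int


def parse_syslog(lines):
    """Parse the constructed syslog format; lines that do not match are skipped."""
    alerts = []
    for line in lines:
        m = SYSLOG_RE.match(line)
        if m:
            alerts.append(Alert(m["ts"], m["sig"], m["src"], m["dst"], int(m["dport"])))
    return alerts


def correlate(alerts, threat_intel, asset_vulns, brute_threshold=3):
    """
    Hypothetical scenario rules combining alerts, threat intel and vulnerability data:
      1. exploit-on-vulnerable-asset: source is on the threat-intel list AND the
         destination asset is recorded as exposed to that signature (fires once per pair).
      2. brute-force: at least brute_threshold alerts of a *-brute signature from
         one source against one destination.
    A lone alert that matches neither rule (e.g. the port scan) produces no incident.
    Returns a list of (scenario, src, dst) tuples in the order they were raised.
    """
    incidents = []
    counts = defaultdict(int)
    seen = set()
    for a in alerts:
        if a.src in threat_intel and a.sig in asset_vulns.get(a.dst, set()):
            key = ("exploit-on-vulnerable-asset", a.src, a.dst)
            if key not in seen:
                seen.add(key)
                incidents.append(key)
        if a.sig.endswith("-brute"):
            counts[(a.src, a.dst)] += 1
            if counts[(a.src, a.dst)] == brute_threshold:
                incidents.append(("brute-force", a.src, a.dst))
    return incidents


def dispatch(incidents):
    """Map each incident to a block action for a perimeter firewall (hypothetical device name and action format)."""
    return [
        {"device": "fw-edge-1", "action": "block-src", "src": src, "reason": scenario}
        for scenario, src, dst in incidents
    ]


def run(lines=SAMPLE_SYSLOG):
    """Full pipeline over the constructed input: collect, correlate, dispatch."""
    return dispatch(correlate(parse_syslog(lines), THREAT_INTEL, ASSET_VULNS))


if __name__ == "__main__":
    for action in run():
        print(action)
```

On the constructed input, only two block actions are produced: one for the threat-intel source hitting an asset exposed to the matching signature, and one for the source that crossed the brute-force threshold. The port-scan alert on its own does not trigger a block, which is the point of gating automated disposal on a correlated scenario rather than on a single raw alert.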

Applications
Scenario

TopSA is designed to detect, track and predict the organization-wide security posture and to trigger appropriate alerts. It keeps the operator in command of the cybersecurity situation: threats, risks and latent hazards are handled in a timely manner; vulnerabilities, malware (including viruses and Trojans) and network attacks are monitored dynamically; clues to cybersecurity incidents are discovered quickly; and key threats are warned about and reported accurately. The goals are real-time cybersecurity management, accurate security monitoring and timely emergency disposal, which together strengthen the organization's capacity to identify and resolve cybersecurity risks and to manage overall cybersecurity intelligently.

Issues Resolved
  • Network-wide security risks are collected, monitored and analyzed centrally.
  • Full-life-cycle security operation management is established, covering incident detection, discovery, analysis, identification and disposal.
  • Cybersecurity governance is made routine and standardized.
Scenario

To comply with national regulatory requirements, the system implements a layered architecture. Horizontal components (data aggregation and processing, data center, analysis and response, and situational display) are combined with vertical security-protection and operations-and-maintenance constructs. The result is an organization-wide supervision platform that improves real-time monitoring, intelligent oversight, alerting and early warning, and so strengthens protection against network-wide data breaches, attacks, theft and other malicious activity.

Issues Resolved
  • Multi-source heterogeneous logs are collected, normalized and analyzed uniformly, solving the problems of security islands and scattered logs.
  • A big data architecture with second-level response over massive data improves the efficiency of investigation, evidence collection and tracing.
  • Flexible modeling analysis and drag-and-drop visual modeling make security analysis much easier.
  • Multi-dimensional displays and comprehensive security portraits enable complete network-wide security analysis.
Value to Customers
Eliminates Security Silos through Centralized Log Management

The system uniformly collects, manages, searches, and analyzes logs from all security devices across the network, breaking down data silos and enabling a coordinated, defense-in-depth security posture.

Enables Rapid Response with Unified Command and Decision-Making

By centrally aggregating and analyzing alarms, incidents, and vulnerabilities, the system displays network-wide security trends on dashboards, enhancing detection, rapid response, and tracking capabilities.

Comprehensive Security Supervision and Intelligent Dispatch Response

Leveraging big data technologies, the system establishes a comprehensive, intelligent and visible security supervision framework, together with a corresponding supervision center, to identify risks continuously and maintain a complete picture of the current state of security control.

Specification
Feature                          Value
Data Collection Rate (per probe) >= 20,000 events per second
Search Response Time             Sub-second latency when searching across 8 billion records
Concurrent User Sessions         50 or more simultaneous user logins

Product Form                     Software
Supported Operating Systems      Tongxin UOS V20 1060e
                                 Tongxin UOS V20 1070e
                                 OpenEuler-22.03-LTS
                                 Kylin V10-SP2
CPU                              Server-grade processor, at least 32 threads, minimum clock speed 2 GHz
Memory                           128 GB or more
Disk Space                       4 TB or more of available storage
Network Interface Card (NIC)     10 Gigabit Ethernet