With the rapid development of information technology, computer network plays an increasingly important role in politics, economy, society, culture and other fields. Statistics show that by the end of 1999, there were 440 million personal computers in the world and 259 million Internet users. It is predicted that by 2005, the global Internet users will reach 765 million. In addition, Internet-based e-commerce has also developed rapidly. It is estimated that by 2002, the global trade volume reached through the portal will reach 5 trillion US dollars. It is not difficult to imagine how much loss such a huge computer network will cause if information security is not guaranteed.
At present, China has formed three kinds of computer network systems: national public network, national private network and enterprise network. The Internet has covered more than 200 cities in China, and more than 3,000 government databases and 10000 enterprise databases are connected to the Internet, and countless emails are freely transmitted online. However, what is not commensurate with the huge user demand is that there are considerable loopholes in computer network information security in China. Weak awareness of network security, lax system and lax management allow viruses and hackers to take advantage of it; Objectively speaking, there is a problem that network security technology lags behind, especially in security protocols and system security. Therefore, information security has become a prominent and urgent problem in the process of informatization in China.
Generally speaking, information security is to ensure the integrity, availability and confidentiality of information. At present, information security can be divided into three levels: network security, system security and information data security.
The core of network layer security lies in whether the network is controlled, that is, can users from any IP address source enter the network? Once dangerous visitors enter the corporate network, the consequences are unimaginable. This requires the network to analyze the visitors and judge whether the data from this IP address is safe or not, and whether it will cause harm to the network; At the same time, the system is also required to automatically shut out dangerous access and automatically record it so that it cannot be harmed again.
The security problem at the system level is mainly the threat of virus to the network. The harm of virus is well known. It is like an untimely bomb hidden in the network, which may destroy the system at any time, causing serious consequences and even paralyzing the system. Therefore, enterprises must monitor in real time and kill viruses at any time, without any slack or negligence.
Information data is the key to security, which requires ensuring the integrity and confidentiality of information transmission. This security issue involves: Are users who use resources and data in the system really authorized users? This requires that the system can monitor and record the data information circulating in the network, and carry out strong identity authentication for users who use the system information data to ensure the information security of enterprises.
At present, the information security products developed for these three aspects mainly include antivirus software, firewall, security management, authentication and authorization, encryption and so on. Among them, antivirus software and firewall are the most widely used.
(1) firewall
Firewall can be said to be an access control product in a sense. It sets up a barrier between the internal network and the unsafe external network to prevent illegal access to internal resources from outside and unsafe access from inside to outside. The main technologies are packet filtering technology, application gateway technology and proxy service technology. Firewall can effectively prevent hackers from using unsafe services to attack the intranet, and can realize the functions of monitoring, filtering, recording and reporting the data flow, and better cut off the connection between the intranet and the external network. But it may have its own security problems, or it may be a potential bottleneck.
(2) Virtual private network
Virtual private network VPN is to realize the interconnection between two or more trusted intranets on the public data network by using data encryption technology and access control technology. The construction of VPN usually needs to use a router or firewall with encryption function to realize the reliable transmission of data on public channels.
(3) Security server
The security server mainly aims at the security of information storage and transmission in a LAN, and its functions include the management and control of LAN resources, the management of users in the LAN, and the audit and tracking of all security-related events in the LAN.
(4) Electronic visa agencies
As the third party of communication, CA provides reliable authentication services for various services. CA can issue electronic visa certificates to users, and provide users with membership authentication, key management and other functions.
(5) User authentication products
Due to the maturity and perfection of IC card technology, IC card is more widely used in user authentication products to store the user's personal private key, and combined with other technologies such as dynamic password to effectively identify the user's identity. At the same time, the digital signature mechanism can be realized by combining the personal private key on the IC card with the digital signature technology. With the development of pattern recognition technology, advanced recognition technologies such as fingerprint, retina and facial features will also be put into use, and combined with existing technologies such as digital signature, the authentication and recognition of user identity will be more perfect.
(6) Safety Management Center
Because there are many security products on the Internet and they are distributed in different places, it is necessary to establish a centralized management mechanism and equipment, that is, a security management center. Used to distribute keys to network security devices, monitor the running status of network security devices and collect audit information of network security devices.
(7) Safe operating system
Provide a safe running platform for the key servers in the system, and build a secure WWW service, a secure FTP service, a secure SMTP service, etc. , and as a solid foundation for various network security products to protect their own security.
Second, the current situation of information security products market in China
With the rapid development of Internet in China and the development of Internet applications represented by e-commerce, network security is attracting people's attention and becoming the focus of attention. Indeed, while the network provides convenience and benefits to people, it also makes us face great challenges in information security. On the one hand, network information security is a big issue related to national sovereignty and security. On the other hand, network information security has become the basic condition for the healthy development of the national economy. Therefore, the position of information security products in information construction is increasing day by day. It is no longer just a product needed by state organs and national defense departments, and its market demand is expanding rapidly.
199, the sales of security software in China was 455 million yuan, an increase of 33.8% compared with 340 million yuan in198. In recent two years, the market growth rate of security software in China is over 30%, which is obviously higher than that of the whole software market. Moreover, in terms of market segmentation, information security software is protected by the government because it involves national security (the other two are financial management software and Chinese information processing software), which will be one of the three areas where domestic software manufacturers can take advantage.
Compared with developed countries, China's investment in information security is still very low, generally less than 2% of the total cost of enterprise information system construction, while foreign enterprises' investment in security systems accounts for 15% ~ 20% of the total investment in network construction. In the United States, the annual sales of network security products from 65438 to 0999 reached $2 billion.
With the gradual popularization of computer applications and the rapid development of the Internet in China, especially in the process of implementing e-commerce in the future, the requirements of network security and information confidentiality will be higher and higher. In the future, the information security product market will be a software market segment with rapid growth and strong demand.
1, antivirus software market
At present, most of the market share of anti-virus software is in the hands of domestic software manufacturers, especially the anti-virus software on single machine has entered the stage of oligopoly competition, and the market share is relatively concentrated. At present, the main manufacturers and antivirus software are KV300 of Beijing Jiangmin New Technology Co., Ltd., Rising of Beijing Rising Computer Technology Company, KILL of Guanqun Gina Software Co., Ltd. and VRV of Nanjing Xinyuan Company. The market price of stand-alone antivirus software has also dropped to 200 ~ 400 yuan.
In the first half of this year, the competition in the stand-alone antivirus market became more intense, and the voice of price reduction came one after another. New competitors are constantly entering the anti-virus market in China. Kingsoft launched Kingsoft Internet Security in China, and the largest panda guardian in Europe also landed in China market, including the previous three American companies, Norton, Macfee and PC-cillin. All the four major antivirus software companies in the world have landed in China. The fiercer competition in China's anti-virus market has just begun. The international and domestic anti-virus elites will fight, and the monopoly of several domestic manufacturers may be broken.
With the popularity of the Internet and the low-cost expansion of stand-alone antivirus software, more and more viruses begin to spread through the Internet. According to the survey of the International Computer Security Association, more than 60% of the new viruses are spread through the Internet, so it can be said that the anti-virus ability of the Internet has become the key technology of anti-virus software. International antivirus software such as Panda Guardian, Norton, Macfee, etc. have come to the forefront, they can support all Internet protocols and identify viruses, while domestic antivirus manufacturers are relatively backward, and are still in the process of gradual transition from stand-alone application of antivirus software to enterprise-level protection. In the future, the competition of network antivirus software will be more reflected in the level of technology and service, and the market of enterprise antivirus software will undoubtedly grow. In China's network antivirus software market, the main manufacturers are NAI, Guanqun Jinchen and Symantec, and the domestic manufacturer Zhongbei Xinyuan occupies a place among them.
At present, there are not many listed companies entering the anti-virus market, only Henan Yuneng. 1September, 1999, Henan Jingwei Software Co., Ltd. was reorganized and Henan Yuneng Information Technology Co., Ltd. was established, with Henan Yuneng holding 70% of the shares. Henan Jingwei Software Co., Ltd. has launched an antivirus software, namely AV95 computer security guard. However, the market share of this product is not high, and after the capital increase and reorganization, the company turned to the development of management information system (MIS), and anti-virus software did not become its development focus.
2. Network security market
At present, network security technologies and products include software firewall, VPN (virtual; Private; Network), information encryption, access control, identity authentication, log audit, security assessment, intrusion detection, storage security, etc. Firewall products are widely used in network information security software. Firewalls are mainly divided into two categories: packet filtering firewalls and proxy firewalls. At present, some have adopted dynamic packet filtering technology and adaptive technology.
From the perspective of network security technology, large foreign network security software vendors are in a leading position. Since most large foreign network security vendors were established in the early 1990s, on the one hand, they benefited from the explosive growth of Interet, on the other hand, the urgent demand and increasing concern of users for security also contributed to the rapid development of network security software. At present, most of the well-known foreign network security software manufacturers have entered China, and they have considerable advantages in the high-end network security software market in China. At present, more than 60% products in the domestic network security market are foreign brands. According to incomplete statistics, there are only more than 10 kinds of "firewall" products in China, and only three or four kinds of firewalls are actually listed. By this year, the number of firewall products has not increased much, and no enterprise has been able to form its own advantages in this field.
For domestic network security software manufacturers, although they started late, they can study and master advanced security technologies faster. The localization advantage and the country's special policy on security products will make domestic manufacturers gradually mature in the high-end market and eventually occupy the market initiative.
The market of password products is protected by the state, and the units that develop, produce and sell password products must be designated by the State Password Management Committee and the Central Password Leading Group. At present, only a limited number of units are allowed to produce and sell nuclear and secret products, such as the Data Research Institute of the Ministry of Information Industry, 30 of the Ministry of Information Industry and 56 of the General Staff. The management of trade secret products is relatively loose, and the market competition is particularly fierce.
3 enterprises engaged in the production of information security products in China and their products.
Information security has become a major strategic issue related to national security, and it is the general trend to establish a secure information industry with independent intellectual property rights. At present, the relevant state departments attach great importance to the research and development of information security products. On July 20th, 2000, the foundation stone of China's first national high-tech research and development plan information security industrialization base was laid in Chengdu High-tech Industrial Development Zone. Chengdu Information Security Base is jointly established by Chengdu Hi-tech Industrial Development Zone, the 30th Institute of Electronics of the Ministry of Information Industry and Chengdu Weishitong Information Industry Co., Ltd. ... This information security base will be gradually established according to the principles of government construction, enterprise singing opera and market orientation. Its orientation is to provide general basic information security products for China, and strive to establish a complete industrialization system of "general basic information security products". Strive to form an information security industry cluster in the west of China within three to five years, cultivate a number of information security enterprises with certain strength at home and abroad, and generate income of more than 654.38 billion yuan, which has become an important support of the national information security industry.
In addition, Shanghai will also establish an information security product research and development base, and the state will set up a national information security engineering technology research center in Beijing. The industrialization of information products in China has made a good start.
There are more than 200 information security products manufacturers in China, but there are only about 15 companies with strength and scale, such as the Data Institute of the Ministry of Information Industry and Neusoft Alpes School. According to the procedures stipulated in the Regulations of People's Republic of China (PRC) on the Security Protection of Computer Information Systems and the Administrative Measures of Ministry of Public Security on Testing and Sales License of Computer Information Systems, China implements a sales license system for information security products, and the Computer Management and Supervision Department of the Ministry of Public Security is responsible for the examination and issuance of sales licenses and the examination and approval of safety function testing institutions for safety-specific products.