To integrate resources and share data, Baoji plans to construct a united public service platform for social security card and implement the “Internet + Human Resource and Social Security” project. The electronic social security business and online public services of pension, medical care, industrial injury, unemployment, employment and personnel departments in Baoji City shall be added to the unified public service platform for social security card, rather than build separate business platform. The main construction items of Baoji “Internet + Human Resource and Social Security”, a basic network platform of public service information system, are to construct an efficient, reliable and secure network bearing environment for the cloud data center of Human Resource and Social Security, and to provide transmission support for the construction of “Internet + Human Resource and Social Security” public service information system.

Baoji “Internet + Human Resource and Social Security”, a basic network platform of public service information system is logically divided into two parts: public service area and production area. The public service area is applicable to business applications related to public services and the production area is applicable to business applications related to human resources and social security information system, and is connected to the upper and lower human resources and social security networks.

For the public service area, the flat two-layer structure and double-star topology are used in network system. The core switch DCRS-7600E and backbone links are all designed with double redundancy to build a high-performance and reliable non-blocking architecture, providing dual-homing and dual-active all-10G network backbone connection for the data center.

In this construction, the network of the production area is temporarily deployed with single DCRS-7600E as the core and single access, as well as all 10 Gigabit network backbone. In the second phase, VSF network virtualization competence is to be adopted to construct a dual core redundant link architecture, providing the network transmission with higher reliability and better performance.

Two DCFW-N series, the next-generation firewall products, are deployed at the access boundary between public service area and Internet, which are hot standbys to protect against security threats from the Internet stably and reliably; DCFW-N, the next-generation firewall, is also deployed at the access boundary between production area and upper-lower private network and at the boundary between production area and public service area, realizing behavior standardization and security isolation by perception, discovery and blocking functions. At the same time, the Bastion Host DCSAS-1000 is deployed to realize united login and control of all remote management and maintenance of network equipment, security equipment, host system and application system, to simplify the O&M process, and to rationalize, secure, specialize and standardize O&M management.