The data center of Tianjin Municipal Human Resources and Social Security Bureau requires that the same-city data center, the production and disaster recovery data center shall perform their respective duties. In case of disaster, the production data center is down, and the same-city data center can quickly recover data and applications, so as to reduce the loss caused by disaster to users.

The data center security system of Tianjin Municipal Human Resources and Social Security Bureau provides security support for data center, such as security interconnection, access control, identity authentication, authorization management, access control, vulnerability management, anti-virus, intrusion prevention, security audit, desktop (terminal) security, etc. The security management and O&M system is the guarantee for long-term effective operation of data center.

From the location, they are divided into the production data center and the same-city data center, which are redundant and mutual disaster recovery. From the function, they are divided into business private network and public service network. Security isolation and information exchange system (YK-GAP series gateway) is adopted between business private network and public service network for safe data exchange.

Digital China DCFW-1800E series firewalls are deployed in the service private network area of a single data center to form a cluster and hang on the core switch to perform secure filtering on cross-VLAN data through policies, while data of the same VLAN is not filtered. The other two sets form a dual-machine cluster and hang on the core switch to perform secure filtering on service data through policies, and at the same time provide high-performance VPN access services for relevant units.

YK-GAP series gateway is used for physical connection control between data centers. The two data centers are connected to secure and non-secure networks respectively. Information ferry is carried out through the gateway to ensure that no direct physical path is set between the data of the two places. Meanwhile, information filtering, such as anti-virus and anti-malicious code is conducted to ensure information security.

Each data center deploys a Web Application Firewall to protect the internal server of the entire public service network, providing complete WEB protection, web page protection, load balancing and other functions to ensure the continuous and stable operation of users’ core applications and services.