This achievement belongs to computer field. Network security is related to the political, economic, cultural and national defense security of a country. In the process of building a secure network system, there are some problems that need to be solved urgently: heterogeneous security products in the intranet cannot work together, terminal access, access control and sensitive data protection are seriously puzzling the security of the intranet; passive security defense methods at the network boundary cannot effectively warn and actively defend against various attacks from the external network in real time; new malicious programs continue to appear, seriously threatening the security of the intranet and network boundary. Supported by the National Development and Reform Commission's Information Security Industrialization Project, 863 Plan, National Enterprise Innovation Fund, Ministry of Public Security's Information Security Project, National Natural Science Foundation's Key and General Projects, this achievement has overcome a variety of technical problems, developed intranet integrated security management systems and products, network boundary active real-time defense systems and platforms based on application behavior norms, cloud security malicious program defense systems and platforms, etc., effectively protecting the security of intranet and intranet boundaries. Innovations include: 1. Propose a new method for integrated security management of the intranet and develop related systems and products to integrate and operate intranet security management, security protection, operation and maintenance management, security auditing, terminal access control, etc.; Research and develop products such as access control, authorized access authentication and unified configuration management for fixed terminals and Mobile device, as well as dynamic data auditing and hierarchical protection of digital information. 2. A new method for active real-time defense of network boundaries based on application behavior specifications is proposed and a security access platform for network boundaries is developed. By standardizing all application behaviors to maintain the normal operation order of the network and prevent unknown network attacks; soft control measures are used to automatically correct deviations in application behaviors, avoiding the damage caused by the high false alarm rate of the hard control method. The existing security technology for preventing harmful application behavior will be expanded to become an integral part of it. This technology can effectively defend against known network attacks and resolve various new or deformed network attacks in a timely manner. 3. Propose a new cloud security defense method for malicious programs and develop Hongtai Cloud Security Platform. On the one hand, by deploying lightweight malicious code defense software on terminals, new virus solutions are distributed to terminals in units of virtual defense groups, which ensures terminal security while reducing security costs in the cloud and terminal; on the other hand, the cloud uses A variety of heterogeneous detection engines to detect various unknown program codes uploaded by terminals in parallel, which can efficiently and accurately detect and process various malicious program codes. The results of this project have applied for more than 90 invention patents, and authorized 38 invention patents, including 2 international invention patents. The patent results have been cited by IBM, HP, NEC, Cisco, Siemens, Philips, Ericsson, Huawei, Ali, ZTE and Inspur. Two of them have created direct economic benefits of 45 million yuan in the past three years; two national standards and 6 industry standards have been drafted; 70 software copyrights have been registered; Published 19 A-category journals, searched 86 by SCI/EI, and his papers were cited more than 6000 times (google scholar). The technical products developed by this project have been widely used in more than 70% of public security units at the county level and above in the country, as well as many government, military, telecommunications and banking units. They have been widely used in the 2010 Asian Games and Universiade, the 2010 Shanghai World Expo, and the 2011 Nanchang National Urban Games, the 2014 CICA Summit, the 2015 Zhengzhou SCO Meeting, the 2017 Xiamen BRICS Leaders 'Meeting, the 2018 Ningxia Hui Autonomous Region Celebration of the 60th Anniversary of the Founding of the Autonomous Region, The 2018 Shanghai Import Expo provides security. In the past three years, the cumulative new output value has been 775 million yuan, and the new profits and taxes have been 211 million yuan, with significant social and economic benefits.