Abstract: The national standards of cybersecurity classified protection 2.0 were officially released in 2019, marking the entry of classified protection into the 2.0 era. At the same time, a number of classified protection 2.0 solutions have emerged, including eyecatching solutions such as “product packages” and “definitely pass”, which are essentially just a stack of security products, misleading some network operators. Relying solely on safety products can only solve part of the technical problems, and does not really implement the requirements of the classified protection standards. Based on the perspective of network operators carrying out classified protection construction, this paper proposes a “process & product & service” classified protection 2.0 whole process solution by using design thinking, and combines with auxiliary tools such as classified protection process management platform (CPPM) and compliance autoinspection platform (CAIP) to improve efficiency and ensure the quality of scheme delivery. The solution is designed to help the majority of network operators complete the construction of classified protection with less worry and effort and build a cornerstone of comprehensive cybersecurity defense system of our country.

Key words: classified protection, cybersecurity, whole process, solution, compliance autoinspection platform

摘要： 2019年正式发布网络安全等级保护制度2.0国家标准，标志着等级保护工作进入2.0时代，同时也涌现出一批等级保护2.0解决方案，其中不乏“产品套餐”“包过”等博眼球的方案，其本质只是一些安全产品的堆叠，误导了一些网络运营者.单纯依靠安全产品只能解决技术层面的部分问题，没有真正将等级保护标准要求落到实处.以网络运营者开展等级保护建设工作为视角，利用设计思维提出“流程+产品+服务”的等级保护2.0全流程解决方案，并结合等级保护流程管理平台(CPPM)、合规自检平台(CAIP)等辅助工具提高效率，保障方案交付质量.旨在助力广大网络运营者省心、省力完成等级保护建设工作，为我国网络安全综合防御体系筑起基石.

关键词: 等级保护, 网络安全, 全流程, 解决方案, 合规自检平台