Abstract: This is the sixth article in a series of articles on active safety network architecture. Classified Protection of Cybersecurity 2.0 proposes a "one center, triple protection" in-depth security protection system of security management center, secure communication network, secure area boundary, and secure computing environment, and proposes a new dimension of network security, further highlighting the importance of boundary management and centralized management and control.. The active safety network architecture can support the technical, management and expansion requirements of Classified Protection of Cybersecurity 2.0,, and highlights the realization of innovative technologies in new dimensions such as the safety management center and the boundary of the safe area,  enabling technical support for the implementation. The active security network architecture not only meets the requirements for security protection, but also enables the inherent security capabilities of the network to be actively and dynamically defended, which changes the thinking and mode of network security protection, and can significantly improve the efficiency and effectiveness of network security protection.

Key words: security management center, security zone boundary, security policy, certification access, cryptography technology

摘要： 本文是主动安全网络架构系列文章的第6篇．等保2.0提出安全管理中心、安全通信网络、安全区域边界、安全计算环境的“一个中心、三重防护”的纵深安全防护体系，提出了全新的网络安全维度，进一步突出了边界管理和集中管控的的重要性．主动安全网络架构可对等保2.0的技术、管理和扩展要求进行支撑，并突出了等级保护2.0的安全管理中心、安全区域边界等新维度的创新性技术实现，使得等保2.0的落地有了技术保障．主动安全网络架构在满足等保要求的同时，使得网络内生安全能力，可主动动态防御，改变了网络安全防护思路和模式，可显著提高网络安全防护的效率和效果．

关键词: 安全管理中心, 安全区域边界, 安全策略, 认证准入, 密码技术