Abstract: With the rise of new technologies such as big data, Internet of Things and cloud computing, traditional and new cyber security threats have become a new challenge to enterprise cyber security. Enterprises in the construction of network security at the same time also need certain technical means and methods to test the ability of enterprise network security protection. At present, the network attack and defense drill is the main way for enterprises to test their own network security protection ability in the real environment. In the attack and defense drill, the network security monitoring is the focus of the defense. This article mainly from the role of the offensive and defensive drills in network security monitoring, offensive and defensive drills in network security monitoring and network security monitoring work challenges of three aspects, systematically in this paper, the network security monitoring in the whole work methods and focus on the difficulty in the offensive and defensive drills, and combining with the working experience, the author puts forward a solution. In order to help enterprises to better carry out network security monitoring in the offensive and defense drill, improve the level of enterprise network security protection and network security operation level

Key words: information technology, network security, attack and defense drill, safety monitoring

摘要： 随着大数据、物联网、云计算等新技术的崛起，传统和新型网络安全威胁已经成为企业网络安全面临的全新挑战．企业在进行网络安全建设的同时也需要一定的技术手段和方法对企业的网络安全防护能力进行检验．目前，网络攻防演练是企业在真实环境中检验自身网络安全防护能力的主要方式．而在攻防演练中，网络安全监测工作又是防守方工作的重点．本文主要从攻防演练中网络安全监测的作用、攻防演练中网络安全监测工作开展和网络安全监测工作面临的挑战3个方面，系统地阐述网络安全监测工作在整个攻防演练中工作方法和重点难点，并结合作者实际工作经验，提出解决办法．以期帮助企业的更好地在攻防演练中开展网络安全监测工作，提高企业网络安全防护水平和网络安全运营水平．

关键词: 信息技术, 网络安全, 攻防演练, 安全监测