Abstract: With the development of water conservancy informatization, Yangtze River Scientific Research Institute continues to strengthen internet technology IT application, which brings great convenience to hydro-science research and its management. Notwithstanding its convenience, IT application also raises some security issues with time passing by. At present, to examine each weak link of the network, to improve the overall network security and to avoid network security events have become the focus of work. In line with the actual network and business conditions of Yangtze River Scientific Research Institute, we discussed the content of network security construction of Yangtze River Scientific Research Institute by analyzing its current security risks from three aspects: network boundary, internal network and internal situation awareness. Furthermore, we proposed countermeasures from four aspects of boundary protection, terminal protection, server protection and situational awareness, and expounded the network security technical routes that can be implemented.

Key words: network security, cloud security protection, terminal security, situational awareness, virtual security, Yangtze River Scientific Research Institute