Abstract: Aiming to solve the problem of many small and medium-sized enterprises gradually being unable to defend against the progressive cybersecurity attacks, this paper designed a general design principle and architecture for enterprise network security construction after analyzing the network security risks that the small and medium-sized enterprises often confront, proposed a technical scheme of network security construction which covered communication security, perimeter security, computing environment security, security center, cloud security, and mobile application security. The proposed scheme can make the network security lever after enterprise transformation meet the requirements of relevant national laws and regulations.