Abstract: This paper focused on the construction project of enterprise management information system, comprehensively analyzed the existing internal and external security risks through risk assessment methods, and designed a network security defense technology system guided by the "one center, three layers of protection" framework in classified protection 2.0 of cybersecurity. The paper conducted key technology research in areas such as Web application security, data security, and threat automation response, implemented Web application security protection technology, centralized data monitoring and auditing technology, comprehensive threat analysis and response technology, and met the requirements of level protection and offensive and defensive combat. This network security defense technology system has been applied in a railway design enterprise, effectively enhances the depth defense and active defense capabilities of the enterprise management information system.