| 基于网络准入控制的内网安全防护方案探讨 |
| |
| 引用本文: | 梁彪. 基于网络准入控制的内网安全防护方案探讨[J]. 广西电力, 2014, 37(6): 59-62 |
| |
| 作者姓名: | 梁彪 |
| |
| 作者单位: | 广西电网有限责任公司桂林供电局,广西桂林,541002 |
| |
| 摘 要: | 为抵御来自内网的安全威胁,保障供电局网络信息安全,探讨内网安全防护方案.通过分析内网信息安全事件原因,对比两种802.1X认证的控制方式,根据内网安全现状和需求,采用NAC准入控制系统结合接入交换机基于端口的802.1x认证方式,设计了桂林供电局内网安全防护解决方案.给出了网络准入控制系统的总体系统架构及策略管理服务器、准入控制服务器、接入层交换机等系统组成部分的具体部署方式.应用效果表明,该方案在病毒防范等内网安全防护方面有积极作用.
|
| 关 键 词: | 内网安全防护 网络准入控制 802.1x认证 |
Discussion on Internal Network Security Protection Scheme Based on Network Access Control |
| |
| LIANG Biao. Discussion on Internal Network Security Protection Scheme Based on Network Access Control[J]. Guangxi Electric Power, 2014, 37(6): 59-62 |
| |
| Authors: | LIANG Biao |
| |
| Affiliation: | LIANG Biao (Guilin Power Supply Bureau, Guangxi Power Grid Co., Ltd., Guilin 541002, China) |
| |
| Abstract: | In order to against the security threat from internal network and guarantee the network information security of power supply bureau, the internal network security protection scheme is discussed.By analyzing reasons of internal network information security events and comparing two kinds of 802.1X authentication control modes, and based on the internal network security status and requirements, the NAC access control system combing with the port based 802. 1X authentication control mode which connected to switch is adopted. The internal network security protection solution scheme for Guilin power supply bureau is designed. The overall system architecture of the network access control system and the specific deployment of system components including strategy management server, access control server and access layer switch and so on are given. Application results show that the scheme has positive roles in the internal network security protections such as virus defense and so on. |
| |
| Keywords: | intranet security protection network access control, 802.1 x authentications |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
