| 计算机园区网络安全解决方案 |
| |
| 引用本文: | 朱艳红,孟军英.计算机园区网络安全解决方案[J].兵工自动化,2007,26(4):53-55. |
| |
| 作者姓名: | 朱艳红 孟军英 |
| |
| 作者单位: | 石家庄邮电职业技术学院,计算机系,河北石家庄050021;石家庄学院计算机系,河北石家庄050035 |
| |
| 摘 要: | 根据园区网络拓扑结构图提出不同层次的安全解决方案及网络安全认证措施.接入层基于不同部门划分,同时对S2150G的每个端口进行最大连接数设置,并绑定用户的MAC和IP地址,防止网络内部的恶意欺骗和攻击.若某一端口发生违例时间,则自动关闭该端口.汇聚层利用IP扩展访问控制列表实现对应用服务的访问限制.核心路由器上主要配置访问控制列表ACL的出栈应用.
|
| 关 键 词: | 园区网 内网 安全设置 权限认证 |
| 文章编号: | 1006-1576(2007)04-0053-03 |
| 收稿时间: | 2007-01-13 |
| 修稿时间: | 2007-03-18 |
Resolve Project of Computer Region-Network Security |
| |
| ZHU Yan-hong,MENG Jun-ying.Resolve Project of Computer Region-Network Security[J].Ordnance Industry Automation,2007,26(4):53-55. |
| |
| Authors: | ZHU Yan-hong MENG Jun-ying |
| |
| Affiliation: | 1. Dept. of Computer Science, Shijiazhuang Post Vocational Technology College, Shijiazhuang 050021, China; 2. Dept. of Computer Science, Shijiazhuang College, Shijiazhuang 050035, China |
| |
| Abstract: | The resolve project of computer region-network security and network security certificates on different levels,which based on the networks topology of computer region-network.The classification of access layer is based on the different department.Meanwhile,in order to prevent the malicious cheat and attacks from inner network,sets the maximal connection numbers of each port of S2150G,also binds the IP address and MAC address of users.When there is a violation,the port will be closed automatically.The aggregation layer uses the IP extend access control list to implement the access control.The main allocation access of core router controls the stack out of ACL. |
| |
| Keywords: | Region-network Intranet Security setting Authority authentication |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
