Network security analysis

The network analysis system is a network management solution that allows network managers to prescribe the right remedy for various network security issues. It detects, analyzes, and diagnoses all data transmitted in the network, helping users eliminate network accidents and avoid security risks. Improve network performance and increase the value of network availability.

Physical security

The physical security of the network is the prerequisite for the security of the entire network system. In the construction of the campus network project, because the network system is a weak current project, the withstand voltage is very low. Therefore, in the design and construction of network engineering, priority must be given to protecting people and network equipment from electricity, fire, and lightning strikes; consideration should be given to wiring systems and lighting wires, power wires, communication lines, heating pipes, and hot and cold air pipes. Consider the safety of wiring systems and insulated wires, naked wires, and grounding and welding; lightning protection systems must be built. The lightning protection system not only considers the lightning protection of buildings, but also must consider the lightning protection of computers and other weak current withstand voltage equipment. Generally speaking, the risks of physical security mainly include environmental accidents such as earthquakes, floods, and fires; power failure; human error or error; equipment stolen or destroyed; electromagnetic interference; line interception; high-availability hardware; dual machines with multiple redundancy The rest of the design; the environment of the computer room and the alarm system, security awareness, etc., so we must pay attention to these security risks, and at the same time try to avoid the physical security risks of the network.

Network structure

The network topology design also directly affects the security of the network system. If there is communication between the external and internal networks, the machine security of the internal network will be threatened, and it will also affect many other systems on the same network. Dissemination through the network will also affect other networks connected to the Internet/Intranet; as far as the impact is, it may also involve security-sensitive areas such as law and finance. Therefore, when designing, it is necessary to isolate public servers (WEB, DNS, EMAIL, etc.) from the external network and other internal business networks to avoid the leakage of network structure information; at the same time, we must filter the service requests of the external network. Only normal communication packets are allowed to reach the corresponding host, and other requested services should be rejected before they reach the host.

system security

The so-called system security refers to whether the entire network operating system and network hardware platform are reliable and trustworthy. I am afraid that there is no absolutely secure operating system to choose from. Whether it is Microsoft's Windows NT or any other commercial UNIX operating system, its developer must have its Back-Door. Therefore, we can draw the following conclusion: There is no completely secure operating system. Different users should make a detailed analysis of their network from different aspects and choose an operating system with the highest possible security. Therefore, it is not only necessary to choose the most reliable operating system and hardware platform, but also to configure the operating system safely. Moreover, the authentication of the login process must be strengthened (especially the authentication before reaching the server host) to ensure the legitimacy of the user; secondly, the operation authority of the login should be strictly restricted, and the operations performed by it should be restricted to the minimum range.

Application system security

The security of the application system is related to the specific application, and it involves a wide range of aspects. The security of the application system is dynamic and constantly changing. Application security also involves information security, which includes many aspects.

——The security of the application system is dynamic and constantly changing.

Application security involves many aspects. For the most widely used E-mail system on the Internet, its solutions include sendmail, Netscape Messaging Server, SoftwareCom Post.Office, Lotus Notes, Exchange Server, SUN CIMS, etc., more than 20 kinds. . Its security methods involve various methods such as LDAP, DES, and RSA. Application systems are constantly evolving and application types are constantly increasing. In terms of the security of the application system, the main consideration is to establish a safe system platform as much as possible, and to continuously discover and repair vulnerabilities through professional security tools to improve the security of the system.

——The security of the application involves the security of information and data.

Information security involves leakage of confidential information, unauthorized access, destruction of information integrity, counterfeiting, and destruction of system availability. In some network systems, a lot of confidential information is involved. If some important information is stolen or destroyed, its economic, social and political impact will be very serious. Therefore, the user must be authenticated when using the computer, the communication of important information must be authorized, and the transmission must be encrypted. Multi-level access control and authority control methods are adopted to realize the security protection of data; encryption technology is adopted to ensure the confidentiality and integrity of information transmitted online (including administrator passwords and accounts, uploaded information, etc.).

Manage risk

Management is the most important part of network security. Unclear responsibilities, imperfect safety management system and lack of operability may cause management safety risks. When there are attacks on the network or other security threats to the network (such as illegal operations by insiders, etc.), real-time detection, monitoring, reporting, and warning cannot be performed. At the same time, when an accident occurs, it cannot provide traces of hacker attacks and a basis for solving the case, that is, lack of controllability and auditability of the network. This requires that we must conduct multi-level records of site visits and discover illegal intrusions in a timely manner.

The establishment of a new network security mechanism requires a deep understanding of the network and the ability to provide direct solutions. Therefore, the most feasible approach is to develop a sound management system combined with strict management. Ensuring the safe operation of the network and making it an information network with good security, scalability and ease of management has become the primary task. Once the above-mentioned security risks become a reality, the resulting losses to the entire network are difficult to estimate.