Virtual network technology
Virtual network technology is mainly based on the LAN Switching Technology (ATM and Ethernet switching) developed in recent years. The switching technology develops the traditional LAN technology based on broadcasting into a connection oriented technology. Therefore, the network management system has the ability to limit the range of LAN communication without passing through expensive routers.
The benefits of network security brought by the above operation mechanism are obvious: information only reaches the place where it should arrive. Therefore, most intrusion means based on network monitoring are prevented. Through the access control set by the virtual network, the network nodes outside the virtual network can not directly access the nodes in the virtual network. However, the virtual network technology also brings a new security problem: executing virtual network The equipment of network switching is becoming more and more complex, so it has become the object of attack; the intrusion monitoring technology based on the principle of network broadcasting needs special settings in the high-speed switching network; the VLAN based on Mac can not prevent MAC spoofing attack.
Firewall is synonymous with network security. Firewall in network (including security gateway) It is a special network interconnection device and related technology used to strengthen the access control between networks, prevent external network users from entering the internal network through the external network by illegal means, access internal network resources, and protect the internal network operating environment. It checks the data packets transmitted between two or more networks, such as the link mode, according to a certain security policy to decide Whether the communication between networks is allowed, and monitor the operation status of the network.
Firewall products mainly include fortress host, packet filter router, application layer gateway (proxy server), circuit layer gateway, shielding host firewall, dual host and so on.
As the first barrier between internal network and external public network, firewall is one of the first network security products to be paid attention to. Although theoretically, firewall is at the bottom of network security and is responsible for security authentication and transmission between networks, with the overall development of network security technology and the continuous change of network application, modern firewall technology has gradually changed To move to other security levels outside the network layer, we should not only complete the filtering task of the traditional firewall, but also provide corresponding security services for various network applications. In addition, a variety of firewall products are developing towards data security and user authentication, preventing virus and hacker intrusion and so on.
Virus protection technology
Computer viruses (including Trojans and malware) have always been one of the main problems of information system security. Due to the wide interconnection of networks, the transmission path and speed of viruses have been greatly accelerated.
The routes of transmission of the virus include:
(1) Virus transmission through mobile storage devices: such as USB flash disk, CD, floppy disk, mobile hard disk, etc.
(2) Spread through the network: Web page, e-mail, instant messaging, FTP.
(3) Exploit the vulnerability propagation of computer system and application software.
In practical application, the virus usually spreads through the above multiple ways at the same time.
The above wonderful content comes from Jinan website construction company. For more wonderful content, please pay attention to our website: http://www.jnzyjz.cn