Virtual network technology

虛擬網(wǎng)技術(shù)主要基于近年發(fā)展的局域網(wǎng)交換技術(shù)(ATM和以太網(wǎng)交換）。交換技術(shù)將傳統(tǒng)的基于廣播的局域網(wǎng)技術(shù)發(fā)展為面向連接的技術(shù)。因此，網(wǎng)管系統(tǒng)有能力限制局域網(wǎng)通訊的范圍而無需通過開銷很大的路由器。

Virtual network technology is mainly based on the LAN Switching Technology (ATM and Ethernet switching) developed in recent years. The switching technology develops the traditional LAN technology based on broadcasting into a connection oriented technology. Therefore, the network management system has the ability to limit the range of LAN communication without passing through expensive routers.

由以上運行機制帶來的網(wǎng)絡(luò)安全的好處是顯而易見的：信息只到達(dá)應(yīng)該到達(dá)的地點。因此防止了大部分基于網(wǎng)絡(luò)監(jiān)聽的入侵手段。通過虛擬網(wǎng)設(shè)置的訪問控制，使在虛擬網(wǎng)外的網(wǎng)絡(luò)節(jié)點不能直接訪問虛擬網(wǎng)內(nèi)節(jié)點。但是，虛擬網(wǎng)技術(shù)也帶來了新的安全問題：執(zhí)行虛擬網(wǎng)交換的設(shè)備越來越復(fù)雜，從而成為被攻擊的對象；基于網(wǎng)絡(luò)廣播原理的入侵監(jiān)控技術(shù)在高速交換網(wǎng)絡(luò)內(nèi)需要特殊的設(shè)置；基于MAC的VLAN不能防止MAC欺騙攻擊。

The benefits of network security brought by the above operation mechanism are obvious: information only reaches the place where it should arrive. Therefore, most intrusion means based on network monitoring are prevented. Through the access control set by the virtual network, the network nodes outside the virtual network can not directly access the nodes in the virtual network. However, the virtual network technology also brings a new security problem: executing virtual network The equipment of network switching is becoming more and more complex, so it has become the object of attack; the intrusion monitoring technology based on the principle of network broadcasting needs special settings in the high-speed switching network; the VLAN based on Mac can not prevent MAC spoofing attack.

防火墻技術(shù)

Firewall technology

防火墻可以說是網(wǎng)絡(luò)安全的代名詞。網(wǎng)絡(luò)中的防火墻（包括安全網(wǎng)關(guān)）是一種用來加強網(wǎng)絡(luò)之間訪問控制，防止外部網(wǎng)絡(luò)用戶以非法手段通過外部網(wǎng)絡(luò)進(jìn)入內(nèi)部網(wǎng)絡(luò)，訪問內(nèi)部網(wǎng)絡(luò)資源，保護(hù)內(nèi)部網(wǎng)絡(luò)操作環(huán)境的特殊網(wǎng)絡(luò)互聯(lián)設(shè)備及相關(guān)技術(shù)。它對兩個或多個網(wǎng)絡(luò)之間傳輸?shù)臄?shù)據(jù)包如鏈接方式按照一定的安全策略來實施檢查，以決定網(wǎng)絡(luò)之間的通信是否被允許，并監(jiān)視網(wǎng)絡(luò)運行狀態(tài)。

Firewall is synonymous with network security. Firewall in network (including security gateway) It is a special network interconnection device and related technology used to strengthen the access control between networks, prevent external network users from entering the internal network through the external network by illegal means, access internal network resources, and protect the internal network operating environment. It checks the data packets transmitted between two or more networks, such as the link mode, according to a certain security policy to decide Whether the communication between networks is allowed, and monitor the operation status of the network.

防火墻產(chǎn)品主要有堡壘主機，包過濾路由器，應(yīng)用層網(wǎng)關(guān)(代理服務(wù)器)以及電路層網(wǎng)關(guān)，屏蔽主機防火墻，雙宿主機等類型。

Firewall products mainly include fortress host, packet filter router, application layer gateway (proxy server), circuit layer gateway, shielding host firewall, dual host and so on.

作為內(nèi)部網(wǎng)絡(luò)與外部公共網(wǎng)絡(luò)之間的道屏障，防火墻是先受到人們重視的網(wǎng)絡(luò)安全產(chǎn)品之一。雖然從理論上看，防火墻處于網(wǎng)絡(luò)安全的底層，負(fù)責(zé)網(wǎng)絡(luò)間的安全認(rèn)證與傳輸，但隨著網(wǎng)絡(luò)安全技術(shù)的整體發(fā)展和網(wǎng)絡(luò)應(yīng)用的不斷變化，現(xiàn)代防火墻技術(shù)已經(jīng)逐步走向網(wǎng)絡(luò)層之外的其他安全層次，不僅要完成傳統(tǒng)防火墻的過濾任務(wù)，同時還能為各種網(wǎng)絡(luò)應(yīng)用提供相應(yīng)的安全服務(wù)。另外還有多種防火墻產(chǎn)品正朝著數(shù)據(jù)安全與用戶認(rèn)證，防止病毒與黑客侵入等方向發(fā)展。

As the first barrier between internal network and external public network, firewall is one of the first network security products to be paid attention to. Although theoretically, firewall is at the bottom of network security and is responsible for security authentication and transmission between networks, with the overall development of network security technology and the continuous change of network application, modern firewall technology has gradually changed To move to other security levels outside the network layer, we should not only complete the filtering task of the traditional firewall, but also provide corresponding security services for various network applications. In addition, a variety of firewall products are developing towards data security and user authentication, preventing virus and hacker intrusion and so on.

病毒防護(hù)技術(shù)

Virus protection technology

計算機病毒（包括木馬，惡意軟件）歷來是信息系統(tǒng)安全的主要問題之一。由于網(wǎng)絡(luò)的廣泛互聯(lián)，病毒的傳播途徑和速度大大加快。

Computer viruses (including Trojans and malware) have always been one of the main problems of information system security. Due to the wide interconnection of networks, the transmission path and speed of viruses have been greatly accelerated.

病毒的傳播途徑包括：

The routes of transmission of the virus include:

(1) 通過移動存儲設(shè)備進(jìn)行病毒傳播：如U盤、CD、軟盤、移動硬盤等。

(1) Virus transmission through mobile storage devices: such as USB flash disk, CD, floppy disk, mobile hard disk, etc.

(2) 通過網(wǎng)絡(luò)來傳播：網(wǎng)頁、電子郵件、即時通信、FTP。

(2) Spread through the network: Web page, e-mail, instant messaging, FTP.

(3) 利用計算機系統(tǒng)和應(yīng)用軟件的漏洞傳播。

(3) Exploit the vulnerability propagation of computer system and application software.

在實際應(yīng)用中，病毒通常時同時借助上述多種途徑進(jìn)行傳播。

In practical application, the virus usually spreads through the above multiple ways at the same time.

以上的精彩內(nèi)容來自：濟(jì)南網(wǎng)站建設(shè)公司更多的精彩內(nèi)容請關(guān)注我們的網(wǎng)站：http://mails.szecar.cn

The above wonderful content comes from Jinan website construction company. For more wonderful content, please pay attention to our website: http://mails.szecar.cn