What is a network security
Network security is that the network system hardware, software and system data will be protected from accidental or malicious destruction and the reasons for the change, leaks, the system for normal operation and reliable network services without disruption.
1. Network security overview
With the rapid development of computer technology in the computer processing business from the math based on the single, document processing, based on the simple connection of the internal network of internal business processes, such as development of office automation based on complex internal network (Intranet) , outside the enterprise network (Extranet), the Global Internet (Internet), enterprise-class computer processing system and worldwide sharing of information and business processes. Improve handling capacity in the system at the same time, the system's connectivity is also constantly enhanced. But in the ability to connect information, the effectiveness of the circulation At the same time, based on the network connection security issues is increasingly conspicuous, and the overall network security is manifested in the following aspects: the physical network security, network topology security, network security, application system security and network management security.
So computer security issues, it should be like every household fire security issues, the Government should do. Not even think of your own will be targeted, there have been threats on the event, often unprepared, causing a great loss.
2. Physical safety analysis
Network security is the physical security of the entire network system premise. In the campus network in the construction of the network system is weak due to works of low pressure. Therefore, in the network engineering design and construction, the priority must be given to the protection and network equipment without electricity, fire and lightning against Considering cabling system and lighting wires, power lines, communication lines, heating ducts and cold air ducts the distance between Considering cabling system and insulation lines, naked lines and the ground and welding safety system must build mine, mine system will not only consider the mine buildings, it must also consider computers and other equipment Weak Pressure mine. Overall, the risk of physical security mainly, earthquakes, floods, fires and other environmental incidents; power failure; human operational error or mistake; equipment stolen, destroyed; electromagnetic interference; line intercepted; high availability hardware; Dual more redundant Balance design; room environment and alarm systems, security awareness, and so on, therefore, is to try to avoid the physical network security risks.
3. Network structure, the safety analysis
Network topology design have a direct impact on the security of network systems. If the internal and external communications network, the machine internal network security will be at risk, but also the same impact on the network of many other systems. Spread through the Internet will affect connected to the Internet / Intrant other network spreads, it could also involve legal, financial and other security-sensitive areas. Therefore, we design it is necessary to open server (WEB, DNS, EMAIL etc.), and other internal business network and the necessary network segregation and avoid network structure information compromised; at the same time, external network service requests to be filtered only allow normal communication of data packets arrive at their corresponding console, the other at the request of services in the mainframe should be rejected before.
4. System, the safety analysis
The so-called system of security refers to the entire network operating system and network hardware platform is reliable and trustworthy. At present I am afraid there is no absolute security can choose the operating system, whether it is the Microsfot Windows NT or any other commercial UNIX operating system, the developers will have its Back-Door. Therefore, we can reach the following conclusion: not completely secure operating system. Different users from different aspects of their network for detailed analysis, choose the highest possible safety of the operating system. So not only as reliable as possible to choose the operating system and hardware platform and operating system security configuration. Moreover, the need to strengthen login authentication process (especially in the mainframe before the arrival of authentication servers), ensuring that users of legitimacy should be followed strictly limit the operation log authority, the operation will be performed in the restricted within the scope of the smallest.
5. Application system, the safety analysis
Application of the safety system with the specific application, which covers a wide range. Application of the safety system is dynamic and constantly changing. Application security also involves the security of information, which includes many aspects.
-- Application System security is dynamic and constantly changing.
Application security involves many aspects, the current most widely used on the Internet E-mail system, its solutions are sendmail, Netscape Messaging Server, Software.Com Post.Office, Lotus Notes, Exchange Server, and so no less than two SUN CIMS more than 10 kinds. LDAP means involving its security, DES, RSA, and other methods. Application development system is constantly and application types is growing. In the application of the security of the system, the main consideration, as far as possible establishment of a safe system platform, but also through professional security tools to find loopholes to mend loopholes, and improve the security of the system.
-- Application related to the security of information and data security.
2006 ranked as antivirus software
Gold Award: BitDefender
Silver: Kaspersky
Bronze: F-Secure Anti-Virus
Fourth: PC-cillin
Fifth: ESET Nod32
Sixth: McAfee VirusScan
Seventh: Norton AntiVirus
8: AVG Anti-Virus
9th: eTrust EZ Antivirus
10: Norman Virus Control
11: AntiVirusKit
12: AVAST!
13: Panda Titanium
14: F-Prot
Information related to the security of confidential information leaks, unauthorized access, destruction of information integrity, counterfeiting, such as the availability of the system. In some network system, involving a lot of confidential information, some important information was stolen or damaged, and its economic and social implications and political implications will be very serious. Therefore, the computer user authentication must be carried out, important information communications must empower, transmission must be encrypted. Using multi-level access control, and power and control methods to achieve data security protection; use encryption technology to ensure that data transmission over the Internet of information (including passwords and account managers, upload information, etc.) confidentiality, and integrity.
6. Manage security risk analysis
Network management is the most important thing in the part of security. Select the right unknown, security management system is not perfect and the lack of operational management and so may cause security risks. When a network attack, or by some other network security threats (such as internal personnel operated in violation of regulations, etc.), can not be carried out real-time detection, monitoring, reporting and early warning. At the same time, when the accident occurred, were unable to provide the hacker attacks based on detection and tracking clues that the lack of network control and auditable. This requires us to visit the site to record levels of more timely discovery of illegal act of aggression.
Establish a brand-new network security mechanisms, we must thoroughly understand the network and can provide a direct solution, therefore, the most feasible approach is to develop a sound management system and strict management. Protection of the safe operation of the network, making it a good security, scalability and easy management of the information network will become a top priority. Once the security risks become a reality, caused by the loss of the entire network are incalculable. Therefore, the building of network security is the process of building the campus network an important part.
7. Network security
-- Physical measures: for example, the protection of key network equipment (such as switches, the large-scale computer, etc.), strict network security rules and regulations, to take radiation protection, fire prevention and installation of uninterruptible power supply (UPS), and other measures.
-- Access Control: the user access to network resources for the strict certification authority and control. For example, user authentication, password encryption, update and identification, with the user's files and directories, access permissions, and network equipment configuration control authority, and so on.
-- Data encryption: encryption to protect data security is an important means. Encryption is the role of information security can not be intercepted understand its meaning.
Prevent computer network virus, and install network anti-virus system.
-- Other measures: Other measures include information filtering, fault tolerance, data mirroring, data backup and auditing. In recent years, centering on the issue of network security put forward a number of solutions, such as data encryption and firewall technology. Data encryption is on the network transmission of data encryption, decryption arrive later reverted to the original data to prevent unauthorized users intercepted after the theft of information. Firewall technology is adopted for the network isolation and restricted access methods to control network access, thereby protecting network resources. Other safety technologies include key management, digital signature, authentication, smart card technology and access control, and so on.
Network security is one of computer science, network technology, communications technology, encryption technology, information security technology, applied mathematics, number theory, information theory and other disciplines comprehensive discipline.
Network security is that the network system hardware, software and system data will be protected from accidental or malicious destruction and the reasons for the change, leaks, the system for normal operation and reliable network services without disruption.
Network security is its essence, speaking on the network information security. Broadly speaking, any information relating to the network the confidentiality, integrity, availability, authenticity and controllability of the relevant technology and theory are network security research field.
Network Security Council with the specific meaning of "perspective" varies. For example: users (individuals, businesses, etc.) point of view, they want to personal privacy or commercial interests of the information in the transmission network is subject to confidentiality, integrity and authenticity of protection, avoid other people or opponent use of wire-tapping, impersonation, tampering with, or deny, such as means of violating the interests of users and implicit, the Q and destruction.
From the perspective of the operation of the network and managers say they want information on the local network access, read and write operations such as protection and control, to avoid the "trapdoor", viruses, unauthorized access, denial of service and network resources illegal occupation and illegal control , and other threats, repression and defense network hackers.
On the security sector, they hope to illegal, harmful or involve state secrets filter the information and blockades, to avoid leaking confidential information to avoid harm to the community, the country resulting in tremendous losses.
From a social perspective, education and ideology, unhealthy content on the network, will be the stability of society and human development are causing obstruction, must be controlled.
2 and enhance the network security awareness delay
With the rapid development of computer technology, information networks has become an important guarantee for social development. Information related to national network of government, military, culture, education, and other areas. Including storage, transmission and processing of information is important to many of the government's macroeconomic control policy, commercial economic information, bank funds transfers, stocks and shares, energy resources data, and scientific research data, and other important information. Many of sensitive information, or even a state secret. So will inevitably attract from all over the world manmade attacks (such as information leakage, theft, tampering with data, data cut-tim, computer viruses, etc.). At the same time, network entities to withstand such as floods, fires, earthquakes, electromagnetic radiation and other aspects of the test.
In recent years, computer crimes have increased dramatically computer crime has become a widespread international problem. According to the FBI report, computer crime is a commercial crime one of the largest types of crime, and the average amount of each crime for 45,000 US dollars, the annual computer crime caused economic losses as high as 50 billion dollars.
Most computer crime is transient, WAN, professional, temporal and spatial separation characteri
楼主 你至今还保留关于网络安全的英文文献吗??如果有的话 麻烦可以发给我吗?我的QQ:403577706 谢谢了!!