◆ Second, network security equipment: 1. switches enable VLAN technology of security: switch on the definition of a port VLAN, all connected to the specific port terminal is part of the virtual network, and the entire network can support multiple VLAN.VLAN through the establishment of a network firewall makes unnecessary data traffic to a minimum, to isolate individual transmission between VLAN and possible problems, greatly increasing the network throughput, reduce network latency.
In the virtual network environment, you can divide the different virtual network to control in the same physical network segment of the communications between users. This effectively enables data confidential, and configure it not to trouble, a network administrator can logically reconfigure networks, rapid, simple, effectively balance the load flow, easily add, delete and modify user, without having to physically resize the network configuration. 2. the router security: in accordance with the principle of security configuration routers route router is the core of the entire network and the heart, the protection of the router security also requires network management in the configuration and management of the router process take appropriate security measures. 1. plug security loopholes to limit physical access to the system is to ensure that the router security one of the most effective method. Restrict physical access to the system of one of the methods is the console and Terminal sessions configured in a relatively short idle time automatically exit the system. Avoid connect a modem to the router auxiliary port is also very important. Once the limit physical access to the router, the user must ensure that the router security patches are up-to-date. 2. avoid identity crisis intruder often use weak passwords or default password attacks. Longer passwords, selection of 30 to 60 days of the validity period of passwords and other measures to help prevent this type of vulnerability. In addition, once important it staff resigns, the user should immediately replace the password. The user should be enabled on the router password encryption functionality. 3. disable unnecessary services recently many security incidents are the disabled do not need the importance of local services. Note that a user's consideration is scheduled. Scheduled on the effective operation of the network is essential. Even if the user makes sure that the deployment time synchronization, over time, the clock may gradually lose synchronization. Users can take advantage of a network.
No comments:
Post a Comment