Excuse me, how to write the opening report of the graduation thesis of LAN security discussion? You can send it directly to my email, and you can get a lot of points! Thank you!
Discussion on campus network security control strategy

[Abstract] Digital university has become the main goal of information construction and development in colleges and universities. As the main carrier of information construction, campus network security has become the primary problem that cannot be ignored in the network construction of colleges and universities. According to the current situation and characteristics of network security in colleges and universities, this paper puts forward corresponding control strategies.

[Keywords] network; security policy; data

With the continuous development of China's economy and science and technology, educational informationization and campus networking, as the educational mode and environment of the network age, have become the direction of educational development. With the rapid expansion of university network scale and the rapid growth of network users, campus network security has become the primary problem that cannot be ignored in current university network construction.

2 The current situation of campus network security in colleges and universities

2.1 The security of operating systems
At present, the widely used network operating systems mainly include UNIX, WINDOWS, Linux and so on. These operating systems all have various security problems, and many new computer viruses spread by exploiting loopholes in the operating system. If the operating system is not updated in time to close these loopholes, the computer will be infected repeatedly even if anti-virus software is installed.

2.2 Viruses
Viruses destroy the normal operation of computer systems, destroy system software and file systems, destroy network resources, drastically reduce network efficiency, and even cause computer and network system paralysis; they are the main factors affecting the network security of colleges and universities.

2.3 Hackers
In the security industry standards of the People's Republic of China (PRC), hackers are defined as "people who have unauthorized access to computer systems", which is also how most people currently understand hackers. Most hackers don't analyze the source code of the operating system or application software, find the loopholes and write their own tools; instead, they make flexible use of the very rich set of off-the-shelf tools available to them. The common methods of hacker intrusion are: port monitoring, port scanning, password intrusion, JAVA bomb, etc.

2.4 Password intrusion
For convenience of management and billing, the school generally assigns an account to each teacher and student who uses the Internet, and assigns corresponding permissions according to their scope of use. Some people steal other people's passwords by improper means in order to access content that they should not access or to pass their Internet costs on to others, resulting in confusion in cost management.

2.5 Abnormal access or internal destruction
In colleges and universities, some people destroy or tamper with personnel files for revenge; some change program settings, resulting in system confusion; some go beyond their authority to handle official business and steal confidential information for personal gain; some students get answers to exercises or exam contents by abnormal means, which makes normal teaching practice meaningless. These security risks have seriously undermined the management order of the school.

2.6 Spreading bad information
After the campus network is connected, both teachers and students can surf the Internet on their own computers through the campus network. At present, all kinds of information on the Internet are mixed together, and websites involving pornography, violence and cult content are everywhere.
These toxic messages violate human moral standards and relevant laws and regulations, and do great harm to students whose world outlook and outlook on life are still forming.

2.7 Equipment damage
Equipment damage mainly refers to damage to network hardware. The equipment involved in the campus network is distributed all over the campus, which makes it very difficult to manage. Any facility placed somewhere that cannot be locked may be destroyed intentionally or unintentionally, with the serious consequence of total or partial paralysis of the campus network.

2.8 Restricted use of sensitive servers
Because sensitive servers such as finance hold a large number of important databases and files, they have to be physically isolated from the campus network for fear of security problems, which makes the application software unable to play its real role.

2.9 Problems beyond technology
The campus network is a special network environment. With the expansion of the campus network, most colleges and universities have basically provided Internet access in teaching and research rooms, student dormitories and teachers' homes. As the number of access points grows, network supervision becomes more difficult. Some college students are interested in network knowledge and have a high level of professional knowledge, and some graduate students even study network security, so attacking the campus network has become their first choice for displaying their talents and practicing what they have learned. Secondly, many teachers and students have weak computer network security awareness and lack security knowledge. The rules and regulations of the school are not complete enough to effectively regulate and restrain the online behavior of students and staff.

3 Campus network security policy
Security policy refers to the rules that must be observed in order to ensure a certain level of security protection in a specific environment.
The security strategy includes strict management, advanced technology and relevant laws. The security policy determines the methods and means used to ensure the security of the network system. In other words, we must first know what we need, make a suitable strategic plan to meet that need, and then consider how to implement it technically.

3.1 Physical Security Policy
Ensuring the physical security of the various devices in the computer network system is the premise of the security of the whole network. Physical security is the process of protecting computer network equipment, facilities and other media from environmental accidents such as earthquakes, floods and fires, as well as from damage caused by human errors or mistakes and by various computer crimes. Its purpose is to protect computer systems, web servers, printers and other hardware entities and communication link layer network equipment from natural disasters, man-made destruction and wiring attacks. It mainly includes two aspects:

3.1.1 Environmental safety. The security protection of the system environment ensures that the computer system has a working environment with good electromagnetic compatibility.

3.1.2 Equipment safety. This includes anti-theft, anti-destruction, protection against leakage through electromagnetic radiation, protection against electromagnetic interference, and equipment power protection.

3.2 Access control policy
The main task of access control is to ensure that network resources are not illegally used and accessed, and it is one of the most important core strategies for ensuring network security.

3.2.1 Network access control. Network access control provides the first layer of access control for network access: it controls which users can log on to the server and obtain network resources, and it controls when users are allowed to access the network and from which workstation.

3.2.2 Network access control. Network access control is a security protection measure against illegal network operations.
Users and user groups are given certain rights. The network controls which directories, subdirectories, files and other resources users and user groups can access; it can also specify what users can do with these files, directories and devices.

3.2.3 Directory-level security control. The network should allow users to control their access to directories, files and devices. The permissions specified by users at the directory level are valid for all files and subdirectories, and users can further specify the permissions of subdirectories and files under directories.

3.2.4 Attribute security control. When files, directories and network devices are used, the network system administrator should specify the access attributes of the files, directories, etc. Attribute security control can associate a given attribute with the files, directories and network devices of a network server. Attribute security provides further security on top of permission security.

3.2.5 Network server security control. The network allows a series of operations to be performed on the server console. Users can use the console to load and unload modules, install and delete software, and perform other operations. The security control of a network server includes setting a password to lock the server console, which prevents illegal users from modifying or deleting important information or destroying data; it also includes setting time limits for server login and the time interval for illegal visitor detection and shutdown.

3.2.6 Network monitoring and locking control. Network administrators should monitor the network, and servers should record users' access to network resources. For illegal network access, the server should give an alarm in the form of graphics, text or sound to attract the attention of the network administrator. If criminals try to access the network, the network server should automatically record the number of attempts to access the network.
If the number of illegal visits reaches the set value, the account will be automatically locked.

3.2.7 Security control of network ports and nodes. A port is a virtual "portal" through which information enters and resides in the computer. The ports of servers in the network are usually protected by automatic callback devices and silent modems, and the identity of nodes is identified in encrypted form. Automatic callback devices are used to prevent impersonation of legitimate users, and silent modems are used to prevent hackers' automatic dialing programs from attacking computers. The network often also controls the server and the client: users must carry an authenticator (such as a smart card, magnetic card or secure password generator) to confirm their identities. After the user's identity is verified, the user is allowed to enter the client. Then the client and server authenticate each other.

3.3 Firewall Control Strategy
A firewall is a technical measure for protecting computer network security and a barrier that prevents hackers on the network from accessing an organization's network. It is a system (software, hardware or both) located between two networks, which is used to restrict external illegal (unauthorized) users from accessing internal network resources. By establishing a corresponding network communication monitoring system, the internal and external networks are isolated, intrusion from external networks is blocked, and theft or malicious attacks are prevented.

3.4 Information Encryption Strategy
The purpose of information encryption is to protect data, files, passwords and control information in the network and to protect data transmitted on the network. There are three common methods of network encryption: link encryption, endpoint encryption and node encryption.
Link encryption protects the security of link information between network nodes; endpoint encryption protects data from source users to destination users; node encryption protects the transmission link between the source node and the destination node. The process of information encryption is realized by various encryption algorithms. In most cases, information encryption is the only way to ensure the confidentiality of information.

3.5 Network Intrusion Detection Technology
Any network activity that attempts to undermine the integrity, confidentiality and credibility of an information system is called network intrusion. Intrusion detection is defined as the process of identifying malicious attempts and behaviors against computer or network resources and responding to them. It detects not only intrusions from outside, but also unauthorized activities by internal users. Intrusion detection applies the strategy of both attack and defense, and the data it provides may be used not only to discover the abuse of authority by legitimate users, but also, to some extent, to provide effective evidence for investigating the legal responsibility of intruders.

3.6 Backup and mirroring technology
Backup and mirroring technology is used to improve integrity. Backup technology is the most commonly used measure for improving data integrity. It refers to backing up the data that needs to be protected in another place; once the original is lost, the backup can be used. Mirroring technology means that two devices perform exactly the same work, so that if one of them fails, the other can still work.

3.7 Filtering Harmful Information
For the campus network, because of the particular nature of its users, it is necessary to filter harmful information on the network to prevent pornographic, violent and reactionary information from endangering students' physical and mental health, and a complete network management and information filtering system must be adopted.
The aim is to realize filtering management of harmful information for computers on campus.

3.8 Network security management norms
The solution of network security technology must rely on the support of security management norms. In terms of network security, in addition to taking technical measures, strengthening network security management and formulating relevant rules and regulations will play a very effective role in ensuring the safe and reliable operation of the network. The security management strategy of the network includes: determining the level and scope of security management; formulating rules for network operation and use and a management system for personnel access to the computer room; and formulating the maintenance system and emergency measures for the network system.

Conclusion
The security of the campus network is not only a problem of equipment and technology, but also a problem of management. For the administrators of the campus network, it is necessary to improve the awareness of network security, strengthen the mastery of network security technology, attach importance to training students and staff in network security knowledge, and formulate a complete set of rules and regulations to regulate the behavior of network users.

Reference: Xie Xiren. Computer network [M]. Liaoning: Dalian University of Technology Press, 2000.
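
The monitoring and locking rule in section 3.2.6 above (record each illegal access, raise an alarm, lock the account once the count reaches the set value), as an added example that is not part of the original answer. The log format, account names and the threshold of 3 are assumptions made for the illustration.

```python
from collections import defaultdict

LOCK_THRESHOLD = 3  # assumed "set value"; the text does not give a number

# Constructed sample records: timestamp, account, workstation, result
SAMPLE_LOG = """\
2024-03-01T08:00:02 alice ws-lab-01 OK
2024-03-01T08:00:10 bob ws-dorm-17 DENIED
2024-03-01T08:00:14 bob ws-dorm-17 DENIED
2024-03-01T08:00:19 alice ws-lab-01 OK
2024-03-01T08:00:21 bob ws-dorm-17 DENIED
2024-03-01T08:00:30 bob ws-dorm-17 OK
2024-03-01T08:01:00 carol ws-lib-03 DENIED
"""

def monitor(log_text, threshold=LOCK_THRESHOLD):
    """Replay access records; return (alerts, locked accounts, failure counts)."""
    failures = defaultdict(int)
    locked = set()
    alerts = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        fields = line.split()
        if len(fields) != 4:
            alerts.append(f"line {lineno}: malformed record ignored")
            continue
        ts, account, station, result = fields
        if account in locked:
            # A locked account is refused even if the credentials were valid.
            alerts.append(f"{ts} REFUSED {account}@{station}: account locked")
            continue
        if result == "DENIED":
            failures[account] += 1
            alerts.append(f"{ts} ALERT illegal access {account}@{station} "
                          f"(attempt {failures[account]})")
            if failures[account] >= threshold:
                locked.add(account)
                alerts.append(f"{ts} LOCKED {account} after {threshold} attempts")
    return alerts, locked, dict(failures)

if __name__ == "__main__":
    alerts, locked, failures = monitor(SAMPLE_LOG)
    print("\n".join(alerts))
    print("locked:", sorted(locked), "failures:", failures)
```

The 08:00:30 record shows why the lock state must be checked before the result field: without that check, a correct guess made after the threshold would still be let in.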
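
Sections 3.2.2 and 3.2.3 above describe rights given to users and groups at the directory level, which apply to everything underneath unless a subdirectory or file is given its own setting. The resolver below is an added example, not part of the original answer; the ACL entries, group names and the "nearest entry wins" rule are assumptions made for the illustration.

```python
import posixpath
from pathlib import PurePosixPath

# Constructed ACL: (principal, path) -> rights. All names are hypothetical.
ACL = {
    ("group:students", "/courses"): {"read"},
    ("group:students", "/courses/cs101/submissions"): {"read", "write"},
    ("group:students", "/courses/cs101/exam_answers"): set(),  # no rights
    ("group:teachers", "/courses"): {"read", "write"},
    ("user:li", "/courses/cs101/submissions/li.txt"): {"read", "write", "delete"},
}
GROUPS = {"li": ["group:students"], "wang": ["group:teachers"]}

def effective_rights(user, path, acl=ACL, groups=GROUPS):
    """Return the rights a user holds on path under directory-level inheritance."""
    principals = [f"user:{user}"] + groups.get(user, [])
    # Normalise first: otherwise ".." segments would be matched against the
    # wrong directory entry and could sidestep a restrictive setting.
    target = PurePosixPath(posixpath.normpath(path))
    # Walk from the target up to the root; the nearest entry wins (assumed).
    for node in [target, *target.parents]:
        found = [acl[(p, str(node))] for p in principals if (p, str(node)) in acl]
        if found:
            return set().union(*found)
    return set()  # nothing granted anywhere on the path: default deny

if __name__ == "__main__":
    for who, where in [
        ("li", "/courses/cs101/notes.pdf"),
        ("li", "/courses/cs101/submissions/li.txt"),
        ("li", "/courses/cs101/submissions/../exam_answers/key.txt"),
        ("wang", "/courses/cs101/exam_answers/key.txt"),
    ]:
        print(who, where, sorted(effective_rights(who, where)))
```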