The specific meaning of network security will change with the change of "angle". For example, from the perspective of users (individuals, enterprises, etc.). ), they hope that information related to personal privacy or business interests will be protected by confidentiality, integrity and authenticity when transmitted on the network, so as to prevent others or opponents from using eavesdropping, impersonation, tampering, denial and other means to infringe on users' interests and privacy.
Network security should have the following five characteristics:
Confidentiality: The characteristic that information is not disclosed or used by unauthorized users, entities or processes.
Integrity: the characteristics of data cannot be changed without authorization. In other words, information remains unchanged, not destroyed or lost during storage or transmission.
Availability: Functions that authorized entities can access and use as needed. That is, whether the required information can be accessed when needed. For example, denial of service in the network environment, destroying the normal operation of the network and related systems, are all attacks on usability;
Controllability: the ability to control the dissemination and content of information.
Auditability: provide basis and means when security problems occur.
From the perspective of network operators and managers, they hope to protect and control the access, reading and writing of local network information, so as to avoid threats such as "trap door", virus, illegal access, denial of service and illegal occupation of control network resources, and to prevent and defend the attacks of network hackers. For the security department, they hope to filter and stop illegal, harmful or state secrets, so as to avoid the disclosure of confidential information, avoid harm to society and cause great losses to the country. From the perspective of social education and ideology, unhealthy content on the Internet will hinder social stability and human development and must be controlled.
With the rapid development of computer technology, the business processed on the computer has also developed from a single computer-based mathematical operation, file processing, internal business processing and office automation based on a simple intranet to an enterprise-level computer processing system based on a complex intranet, extranet and Internet, and information sharing and business processing have spread all over the world. While the processing capacity of the system is improving, the connection capacity of the system is also improving. However, with the improvement of connection information and circulation ability, the security problem based on network connection has become increasingly prominent. The overall network security is mainly manifested in the following aspects: network physical security, network topology security, network system security, application system security and network management security.
Therefore, computer security problems should be prevented before they happen, just like fire prevention and theft prevention in every household. Even when you don't think you will be the target, the threat has already appeared. Once it happens, it will often be caught off guard and cause huge losses.
Physical safety analysis
The physical security of the network is the premise of the whole network system security. In the construction of campus network engineering, because the network system belongs to weak current engineering, the withstand voltage value is very low. Therefore, in the design and construction of network engineering, priority must be given to protecting personnel and network equipment from the harm of electricity, fire and lightning; Consider the distance between the wiring system and lighting lines, power lines, communication lines, heating pipes, cold and hot air pipes; Consider the safety of wiring system, insulated wire, bare wire, grounding and welding; It is necessary to build a lightning protection system, considering not only the lightning protection of buildings, but also the lightning protection of weak current withstand voltage equipment such as computers. Generally speaking, personal safety risks mainly include environmental accidents such as earthquakes, floods and fires; Power failure; Human error or error; The equipment is stolen or destroyed; Electromagnetic interference; Line interception; High availability hardware; Dual-machine multi-redundancy design; Computer room environment and alarm system, safety awareness, etc. , so try to avoid the physical security risks of the network.
Security analysis of network structure
The design of network topology also directly affects the security of network system. If the internal and external networks are interconnected, the machine security of the internal network will be threatened, and it will also affect many other systems on the same network. Transmission through the network will also affect other networks connected to the Internet/intranet; The impact may also involve security sensitive areas such as law and finance. Therefore, it is necessary to isolate public servers (WEB, DNS, EMAIL, etc.). ) from the external network and other internal business networks, in order to avoid the leakage of network structure information. At the same time, the service requests of the external network are filtered, and only normal communication packets are allowed to reach the corresponding host, and other requested services are rejected before reaching the host.
Security analysis of the system
The so-called system security refers to whether the entire network operating system and network hardware platform are reliable and trustworthy. I'm afraid there is no absolutely safe operating system to choose from. Whether it is Windows NT of Microsfot Fot Fot or any other commercial UNIX operating system, its developers must have their own back door. Therefore, we can draw the following conclusion: there is no completely secure operating system. Different users should analyze their networks in detail from different aspects and choose the most secure operating system as far as possible. Therefore, we should not only choose as reliable an operating system and hardware platform as possible, but also configure the operating system safely. Moreover, we must strengthen the authentication during the login process (especially before reaching the server host) to ensure the legitimacy of users; Secondly, the operator's operating authority should be strictly limited, and the operations he has completed should be limited to a minimum.
Security analysis of application system
The security of application system is related to the specific application, involving a wide range. The security of application system is dynamic and constantly changing. Application security also involves information security, which includes many aspects.
-The security of the application system is dynamic and constantly changing.
Application security involves many aspects. There are more than twenty solutions to the e-mail system widely used on the Internet, such as sendmail, Netscape Messaging Server and Software.Com Post. Office, Lotus Notes, Exchange Server and SUN CIMS. Its security means involve LDAP, DES, RSA, etc. The application system is developing constantly, and the application types are increasing. In the aspect of application system security, we mainly consider building a secure system platform as much as possible, and constantly discovering and repairing vulnerabilities through professional security tools to improve system security.
-Application security involves the security of information and data.
Information security involves the disclosure of confidential information, unauthorized access, destruction of information integrity, forgery, destruction of system availability and so on. In some network systems, a lot of confidential information is involved. If some important information is stolen or destroyed, its economic, social and political impact will be very serious. Therefore, users must be authenticated when using computers, the exchange of important information must be authorized, and the transmission must be encrypted. Multi-level access control and authority control are adopted to realize data security protection; Adopt encryption technology to ensure the confidentiality and integrity of information transmitted on the Internet (including administrator password and account, uploaded information, etc.). ).
Security risk analysis of management
Management is the most important part of network security. Unclear rights and responsibilities, imperfect safety management system and lack of operability may all cause management safety risks. When the network is subjected to other security attacks or threats (such as illegal operation by insiders), it is impossible to detect, monitor, report and warn in real time. At the same time, when the accident happens, it can't provide the basis for tracking clues and cracking hacker attacks, that is, it lacks the controllability and auditability of the network. This requires us to record the visit activities of the website at multiple levels and find illegal intrusions in time.
To establish a brand-new network security mechanism, we must deeply understand the network and provide direct solutions. Therefore, the most feasible way is to combine a sound management system with strict management. Ensuring the safe operation of the network and making it an information network with good security, expansibility and manageability has become the primary task. Once the above security risks become a reality, it is difficult to estimate the losses caused to the whole network. Therefore, network security construction is an important part of campus network construction.