What are the computer network security technologies?
Computer network security technology, or network security technology for short, is the set of technical means for controlling access to a network effectively and for keeping data transmission secure. It mainly includes physical security analysis, network structure security analysis, system security analysis, management security analysis, and other security services and security mechanism strategies.

Technical classification

Virtual network technology

Virtual network technology is mainly based on the LAN switching technology (ATM and Ethernet switching) developed in recent years. Switching turns the traditional broadcast-based LAN into a connection-oriented one, so the network management system can limit the communication range of the local area network without going through an expensive router.

Firewall technology

A network firewall is a special network interconnection device used to strengthen access control between networks: it prevents external users from illegally entering the internal network through the external network and accessing internal network resources, and it protects the operating environment of the internal network. It checks the data packets transmitted between two or more networks against a security policy to decide whether communication between the networks is allowed, and it monitors the operating status of the network.

Firewall products mainly include the bastion host, packet filtering router, application layer gateway (proxy server), circuit layer gateway, screened host firewall, dual-homed host and so on.
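
The policy check described above, sketched as an added example (not code from the original page): a first-match packet filter with a default-deny fallback and per-rule hit counters for monitoring. The address ranges, the SMTP relay address and the rule set are assumptions made up for illustration.

```python
import ipaddress
from collections import Counter

# Constructed policy: (action, source net, destination net, protocol, dest port).
# "any" matches every protocol, None matches every port. 10.0.0.0/8 is the
# assumed internal network, 10.0.5.10 an assumed SMTP relay.
RULES = [
    ("allow", "10.0.0.0/8", "0.0.0.0/0",    "tcp", 443),   # internal users to external HTTPS
    ("allow", "0.0.0.0/0",  "10.0.5.10/32", "tcp", 25),    # external mail to the relay only
    ("deny",  "0.0.0.0/0",  "10.0.0.0/8",   "any", None),  # nothing else enters the inside
]

hits = Counter()  # per-rule match counters: the monitoring side of the firewall


def decide(src, dst, proto, dport):
    """Return 'allow' or 'deny' for one packet; the first matching rule wins."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for index, (action, src_net, dst_net, rule_proto, rule_port) in enumerate(RULES):
        if (s in ipaddress.ip_network(src_net)
                and d in ipaddress.ip_network(dst_net)
                and rule_proto in ("any", proto)
                and rule_port in (None, dport)):
            hits[index] += 1
            return action
    hits["default"] += 1
    return "deny"  # default deny: traffic no rule names is not let through


if __name__ == "__main__":
    # Constructed sample packets: (source, destination, protocol, destination port)
    samples = [
        ("10.1.2.3", "203.0.113.7", "tcp", 443),
        ("198.51.100.9", "10.0.5.10", "tcp", 25),
        ("198.51.100.9", "10.0.5.10", "tcp", 22),
        ("10.1.2.3", "203.0.113.7", "udp", 53),
    ]
    for pkt in samples:
        print(pkt, "->", decide(*pkt))
    print("rule hits:", dict(hits))
```

Rule order matters: moving the final deny rule to the top would also block the mail relay, because evaluation stops at the first match.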

Virus protection technology

Viruses have always been one of the main problems of information system security. Because networks are so widely interconnected, the routes and the speed of virus transmission have increased greatly.

Viruses spread by the following routes:

(1) Spread by FTP and mail.

(2) Spread through floppy disks, CDs and tapes.

(3) Spread through web browsing, mainly websites with malicious Java controls.

(4) Spread through groupware systems.

The main technologies of virus protection are as follows:

(1) Stop the spread of the virus.

Install virus filtering software on firewalls, proxy servers, SMTP servers, network servers and groupware servers. Install virus monitoring software on desktop computers.

(2) Check and remove the virus.

Use antivirus software to check and remove viruses.

(3) Upgrade the virus database.

The virus database should be constantly updated and distributed to the desktop system.

(4) Install Java and ActiveX control scanning software on firewalls, proxy servers and PCs, and prohibit unauthorized downloading and installation of controls.

Intrusion detection technology

A carefully configured firewall can usually provide safe network protection between internal and external networks and reduce network security risks. However, relying on firewalls alone for network security is not enough:

(1) Intruders can look for possible back doors behind firewalls.

(2) The intruder may be inside the firewall.

(3) Due to performance limitations, firewalls usually cannot provide real-time intrusion detection.

The intrusion detection system is a new network security technology that has emerged in recent years. Its purpose is to detect intrusions in real time and take corresponding protective measures, such as recording evidence for tracking and recovery, and disconnecting the network connection.

Real-time intrusion detection is very important. First, it can deal with attacks from internal networks, and second, it can shorten the time hackers have to carry out an intrusion.

Intrusion detection systems can be divided into two categories: host-based intrusion detection systems and network-based intrusion detection systems.

Security scanning technology

Another important network security technology is security scanning. Used together with firewalls and security monitoring systems, security scanning can provide a highly secure network.

Security scanning tools are usually divided into server-based and network-based scanners.

Authentication and digital signature technology

Authentication technology mainly solves the problem of identifying both parties during network communication. The digital signature, a specific technique within identity authentication, can also be used to meet the non-repudiation requirement in communication.

Virtual private network technology

1. Enterprise demand for VPN technology

The headquarters and branches of a company are connected through the Internet. Because the Internet is a public network, the security of these connections must be guaranteed. A private network realized over a public network is called a Virtual Private Network (VPN).

2. Digital signature

A digital signature serves as the basis for verifying the identity of the sender and the integrity of the message. Public key systems (such as RSA) rely on private/public key pairs to provide this verification. A CA uses its private key to compute its digital signature, and anyone can verify the authenticity of the signature with the public key provided by the CA. Forging digital signatures is computationally infeasible.

3. IPSec

As an encrypted communication framework for IPv4 and IPv6, IPSec has been supported by most manufacturers, and it is expected to be adopted as an IETF standard in 1998; it is the Internet standard for implementing VPNs.

IPSec mainly provides encrypted communication at the IP network layer. The standard adds new header formats, the Authentication Header (AH) and the Encapsulating Security Payload (ESP), to each IP packet. IPSec uses ISAKMP/Oakley and SKIP for key exchange, management and security associations.