Network Security

Network security is defined as the network system of hardware, software and its system of data protection, and not by accident or malicious reasons and suffered damage, change, disclose, system a continuous and reliable in normal operation, the network services do not interrupt. Network security from its essentially is on the network information security. Broadly speaking, always involves network information on the confidentiality, integrity, and availability, authenticity and control of relevant technology and theory are network security area of research. Network security is an involved in computer science, network technology and communication technology, the password techniques, information security technology, applied mathematics and number theory, information theory etc. Various disciplines of integrated disciplines.

Main characteristics

Network security should have the following five features:

Confidentiality: information don't leak it to unauthorized users, entity or process, or for its use properties.

Integrity: data without authorization, cannot undertake changing characteristic. Namely information in stored or transmitted process keep not be amended, don't be destroyed or lost characteristics.

Availability: can be authorized to access and on-demand use physical properties. That is when the need when whether to access the information needed. For example, denial of service under the network environment destruction network and relevant the system runs normally belong to the attack of usability,

Controllability: for dissemination of information and content has the control.

Can examine gender: appear security issues provides the basis and means

From the network operation and management perspective, they hope to local network information access, read/write operation under protection and control, avoid "stuck door", virus, illegal access, denial of service and network resources illegally occupy and illegal control threat, stop and defense network hacker attacks. On the security department for, they hope to illegal, harmful or involving state secrets of information filtering method and prevent and avoid confidential information leakage, avoid to cause harm to society, national caused heavy loss. From the social education and ideology perspective, Internet unhealthy content, the social stability and development of human caused obstacles, we must carry on the control.

Along with the rapid development of computer technology, the computer processing of business are based on a single arithmetic, document handling, based on the simple connected to the internal network of internal processing, office automation, development based on complex Intranet, Extranet, Internet enterprise-class computer processing system and the worldwide information sharing and processing. In system processing capability at the same time, the system of connection capacity is also in constant improvement. But in connection capacity information, the ability to increase circulation at the same time, based on network connection security is increasingly prominent, the whole network security is mainly manifested in the following aspects: the network of physical security, network topology structure security, network security system, application system security and network management of safety, etc.

Therefore computer security problems, should be like in every household, accomplish as fire anti-theft iridology. Don't even think of you will become a goal, threat has emerged, once in place, often unprepared, cause great losses.

It with network performance and function relations

Usually, the system safety and performance and function is a pair of contradictory relationship. If a system does not offer any kind of service to the outside (disconnect), outside is not may constitute a security threats. But, the enterprise access international interconnection network, provide online stores and e-commerce services, equivalent to an internal closed network built an open network environment, various security including system level security is caused.

Construct network security system, on the one hand, because want to certification, encryption, monitor, analyze, record etc, thus influence network efficiency and reduces customer application of flexibility; On the other hand also increases the management cost.

But, from network security threat is real, especially in the network operation on the key business, network security is first to solve the problem.

Choosing appropriate technology and products, make flexible network security strategy, in network security situation, provide flexible network service channel.

Using appropriate safety system design and management programs, and it can effectively reduce the network security of network of influence of performance and reduce the management cost. Omni-directional safety system:

And other security system (such as security systems), enterprise application system of similar safety system should include:

Access control: based on specific network segment, service access control system, establish will arrive in most attacks stop attack target before. Check safety loophole: for security holes through the cycle of inspection, even though the attack can be reached a target, also can make the most attack is invalid. Attack monitoring: based on specific network segment, service establish attack monitoring system, real-time detect most attack, and take corresponding actions (such as disconnect network connection, record attack process, tracking attack source, etc.).

Encryption communication: active encryption communication, can make an attacker can't understand, modify sensitive information.

Authentication: good authentication system can prevent the attacker fake legitimate users.

Backup and restore: good backup and recovery mechanism, can be in attack that inflicts losses, as soon as possible recover the data and system service.

Multi-layer defense, and attacker in breakthrough after the first line of defense, delay or blocking them to attack the target.

Hidden inside information, make an attacker can't understand the system within the basic situation.

Establish safety monitoring center for information system provides the security system administration, monitoring, canal protect and emergency services.

Network security is defined as the network system of hardware, software and its system of data protection, and not by accident or malicious reasons and suffered damage, change, disclose, system a continuous and reliable in normal operation, the network services do not interrupt. Network security from its essentially is on the network information security. Broadly speaking, always involves network information on the confidentiality, integrity, and availability, authenticity and control of relevant technology and theory are network security area of research. Network security is an involved in computer science, network technology and communication technology, the password techniques, information security technology, applied mathematics and number theory, information theory etc. Various disciplines of integrated disciplines.Main characteristicsNetwork security should have the following five features:Confidentiality: information don't leak it to unauthorized users, entity or process, or for its use properties.Integrity: data without authorization, cannot undertake changing characteristic. Namely information in stored or transmitted process keep not be amended, don't be destroyed or lost characteristics.Availability: can be authorized to access and on-demand use physical properties. That is when the need when whether to access the information needed. For example, denial of service under the network environment destruction network and relevant the system runs normally belong to the attack of usability,Controllability: for dissemination of information and content has the control.Can examine gender: appear security issues provides the basis and meansFrom the network operation and management perspective, they hope to local network information access, read/write operation under protection and control, avoid "stuck door", virus, illegal access, denial of service and network resources illegally occupy and illegal control threat, stop and defense network hacker attacks. On the security department for, they hope to illegal, harmful or involving state secrets of information filtering method and prevent and avoid confidential information leakage, avoid to cause harm to society, national caused heavy loss. From the social education and ideology perspective, Internet unhealthy content, the social stability and development of human caused obstacles, we must carry on the control.Along with the rapid development of computer technology, the computer processing of business are based on a single arithmetic, document handling, based on the simple connected to the internal network of internal processing, office automation, development based on complex Intranet, Extranet, Internet enterprise-class computer processing system and the worldwide information sharing and processing. In system processing capability at the same time, the system of connection capacity is also in constant improvement. But in connection capacity information, the ability to increase circulation at the same time, based on network connection security is increasingly prominent, the whole network security is mainly manifested in the following aspects: the network of physical security, network topology structure security, network security system, application system security and network management of safety, etc.Therefore computer security problems, should be like in every household, accomplish as fire anti-theft iridology. Don't even think of you will become a goal, threat has emerged, once in place, often unprepared, cause great losses.It with network performance and function relationsUsually, the system safety and performance and function is a pair of contradictory relationship. If a system does not offer any kind of service to the outside (disconnect), outside is not may constitute a security threats. But, the enterprise access international interconnection network, provide online stores and e-commerce services, equivalent to an internal closed network built an open network environment, various security including system level security is caused.Construct network security system, on the one hand, because want to certification, encryption, monitor, analyze, record etc, thus influence network efficiency and reduces customer application of flexibility; On the other hand also increases the management cost.But, from network security threat is real, especially in the network operation on the key business, network security is first to solve the problem.Choosing appropriate technology and products, make flexible network security strategy, in network security situation, provide flexible network service channel.Using appropriate safety system design and management programs, and it can effectively reduce the network security of network of influence of performance and reduce the management cost. Omni-directional safety system:And other security system (such as security systems), enterprise application system of similar safety system should include:Access control: based on specific network segment, service access control system, establish will arrive in most attacks stop attack target before. Check safety loophole: for security holes through the cycle of inspection, even though the attack can be reached a target, also can make the most attack is invalid. Attack monitoring: based on specific network segment, service establish attack monitoring system, real-time detect most attack, and take corresponding actions (such as disconnect network connection, record attack process, tracking attack source, etc.).Encryption communication: active encryption communication, can make an attacker can't understand, modify sensitive information.Authentication: good authentication system can prevent the attacker fake legitimate users.Backup and restore: good backup and recovery mechanism, can be in attack that inflicts losses, as soon as possible recover the data and system service.Multi-layer defense, and attacker in breakthrough after the first line of defense, delay or blocking them to attack the target.Hidden inside information, make an attacker can't understand the system within the basic situation.Establish safety monitoring center for information system provides the security system administration, monitoring, canal protect and emergency services.