Network Security Management Solutions

With the rapid development of information technology, the dependence of user management on computer application systems has increased, and the dependence of computer application systems on the network has increased. The scale of computer network continues to expand, and the network structure becomes increasingly complex. The normal operation of computer networks and computer application systems puts forward higher requirements for network security. Information security precautions should be considered as a whole, covering all levels of the information system, and taking comprehensive precautions against networks, systems, applications, and data. The information security prevention system model shows that security prevention is a dynamic process, the technical means before, during and after the event should be complete, and security management should run through security prevention activities from beginning to end.

The need for network security management

To achieve the purpose of network security, the network management needs to provide two functions. One is the network security management and control function, which ensures the security of the network structure from the aspects of authority, device configuration, and illegal device identification. The second is the network operation management function. performance and other aspects to ensure the security of the network operation.

Network Security Control

1. Access control, perfect authority management

Different operation authority can be assigned to different administrators, and different networks can be assigned to different administrators, so as to achieve coarse and fine-grained authority control and avoid unauthorized management. At the same time, for dangerous operations, it can have good prompts and provide log records.

2. Provide security management and control functions

The network management provides security control functions, and supports simple operations through the network management to complete the functions of configuring users, various services, VLANs, QoS, port speed limits, and static routes.

The network management provides the port control function, and supports simple operations through the network management to complete the configuration of the device's port status, dot1x, STP, port application VLAN, and QoS policy.

3. Network access device control

When an illegal device is connected to the network, an alarm is generated to notify the network administrator.

network operation management

1. Fault discovery and fault notification

When equipment failure occurs, the administrator can be notified immediately, and the fault link can be quickly located, so that the system can be restored quickly.

2. Equipment performance monitoring

Real-time acquisition of network device performance data, comprehensive control of device port traffic, database read and write rates, CPU load and other performance, to avoid network insecurity events caused by device performance in advance.

Zhihe Network Management Platform Network Security Management Solution

Zhihe network management platform network security management solution is a customized solution based on the special needs of network security. It achieves the goal of network security through network security control and network operation management functions.

Zhihe network management platform network security management solution realizes functions such as authority control, security control, port control, policy comparison, access device control, fault management, and performance monitoring.

Rights management and control

Zhihe network management platform adopts a variety of rights management methods, which can assign read-only rights to users, assign different function menus to users, and assign users different network management rights. Avoid unauthorized management and ensure network security. At the same time, the log module in the system will record the operation of each user on the system, including operation time, content, operator and other information, which is convenient for timely troubleshooting.

Security control function

Security control: Zhihe network management platform analyzes the configuration commands of different devices, and uses multi-threading technology and remote connection technology to issue specific configuration commands, so as to limit the user, various services, VLAN, QoS, and port speed of the device. , static routing and other functions, control network access, reduce network intrusion attacks, and achieve network security.

Port control: Zhihe network management platform operates the device through SNMP protocol and issues configuration commands to the device to realize the configuration of port status, dot1x, STP, port application VLAN, QOS policy and other functions, and realize network security from the port level.

 

 

Strategy comparison: Zhihe network management platform provides the comparison function of device configuration strategy, which can intelligently analyze the strategy information, and display the similarities and differences of different strategies to users in a differentiated manner, so that users can confirm the strategy configuration.

 

 

Access device control

Through the security management audit module, Zhihe network management platform adds management policies such as blacklist, whitelist, and mac-ip binding. Network administrators only need to do simple configuration in advance to detect illegal access devices in time. When an illegal device is connected, the network management generates an alarm in time to notify the network management personnel.

 

Comprehensive network operation management

1. Fault discovery and fault notification

Zhihe network management platform discovers faults in the network through multi-threaded active polling and receiving equipment trap/syslog and other reported information, and realizes rapid positioning of equipment through topology map, and uses software interface, email notification, and SMS notification to notify various methods. The network management personnel ensures that the network management personnel can timely control the abnormal information of the network operation.

 

 

2. Equipment performance monitoring

Zhihe network management platform obtains performance information of routers, switches, databases, middleware and other equipment through a multi-threaded active polling mechanism, and displays the performance information to users in the form of statistical graphs and lists, allowing users to intuitively control the operation of network equipment.

 

 

General network management function

In addition to excellent network management security management functions, Zhihe network management platform also provides comprehensive network management functions, such as providing topology management functions, and supporting topology display network alarms, supporting topology to complete various network management operations; providing extended functions, supporting extended support through configuration Device type, resource type, monitor task; provide business management functions, and realize business viewing and management through tables and topologies.

Value

Using the network security management solution of Zhihe network management platform, it can effectively manage the network operation status, prevent and organize the occurrence of network insecurity incidents.

• Realize user grading and network grading authority management.
• Realize simple operation and powerful functions of security control, port control and policy comparison.
• Implement access device control.
• Realize fault detection and notification in time.
• Achieve full control over the secure operation of the network.

Technical characteristics

Zhihe network management platform network security management solution mainly has the following technical characteristics:

1. Use JAVA multi-threading technology to achieve efficient management and control of network security.
2. Use remote connection methods such as SSH and Telnet to issue commands to network devices.
3. Perform command analysis on the device to be managed, and process the commands to be sent and the results returned by the device.
4. Obtain device information through SNMP, generate alarms and performance data, and process trap/syslog data.
5. By actively discovering the MAC and IP information in the network, and comparing with the black and white list set by the user, the admission control is realized.
6. Build an efficient message queue and push message events in real time.
7. Use mature JAVA frameworks, such as Spirng, Struts, Hibernate, WebService, WebSocket, etc.