The Strategies And Schemes For Implementing Key Technologies In Campus Network

CampusNet is the on-campus service that enables your computer to access the internet and other campus network resources from your residence hall. Firewall protection is needed in CampusNet. The most basic function of a firewall is to monitor and filter traffic. We can provide flexible network access controls through a controlled firewall. Router is a device that forwards data packets along networks. A router is connected to at least two networks, commonly a CampusNet and its ISP network. Routers are located at gateways, the places where two or more networks connect. So the Firewall can not provide safety protection for the router. Firewall monitors network behavior for signs of abuse or intrusion from outer user in some degree, but it can't detect the abuse or intrusion in campus users. The question we want to discuss here is how to provide a first and stronger protection for the router in campus' network and how to restrict the users' behavior in campus' network.The paper first discusses and analysis the security problem of the router. And it provides the efficient method to help network manager to ensure the security of router and network. Cisco router implements traffic filters with access control lists (also called access lists). Access lists determine what traffic is blocked and what traffic is forwarded at router interfaces. Cisco provides both static and dynamic access list capabilities. The static access lists to provide a basic level of security for accessing your network. The dynamic access lists provide sophisticated traffic filtering capabilities for stronger, more flexible network security. To provide the security benefits of access lists, you should at a minimum configure access lists on border routers-routerssituated at the edges of your networks. Otherwise the border router would become bottleneck in campus' network.In LAN switch technology, VLAN / L3 develop very fast. Short for virtual LAN, a network of computers that behave as if they are connected to the same wire even though they may actually be physically located on different segments of a LAN. VLANs are configured through software rather than hardware, which makes them extremely flexible. One of the biggest advantages of VLANs is that when a computer is physically moved to another location, it can stay on the same VLAN without any hardware reconfiguration. The technology of gigabit Ethernet in campus network provide QOS assure. QOS refers to the capability of a network to provide better service to the selected network traffic over various technologies. The primary goal of QOS is to provide priority including dedicated bandwidth, controlled jitter and latency (required by some real-time and interactive traffic), and improved loss characteristics. It is important to make sure that providing priority for one or more flows does not make other flows fail. This paper analyzed a few kinds of combined techniques which are adopted by the QOS of gigabit Ethernet. 802.1p protocol is one of the protocols that supported by the QOS of gigabit Ethernet. Combined VLAN / L3 with QOS, this paper design a model how to control the bandwidth of campus network user. It also becomes a kind of network security policies.The Network Accounting Manage plays an important role in network management. The implementing of Network Accounting system depends on network management policies. This paper provides the efficient method to help network manager to ensure the accounting of network. The rule, implementation and problems concerned with accounting are discussed. Active Directory, which is an essential component of the Windows 2000 architecture, presents organizations with a directory service designed for distributed computing environments. Active Directory allows organizations to centrally manage and share information on network resources and users while acting as the central authority for network security. The users must log on windows2000 network by supplying a unique user name and password. The proxy must validate or authenticate this logon information for the users in order for the users to have access. We have the Proxy server web proxy...