Campus network is often facing of many kinds of attacks of different motive. Security system for export of campus network can .accept the valid access, block the attacks and enhance the network security.The export of ZJU network has features of multi-access modes, volume users, multi-export ports. Bottleneck of throughput and weak security are old scheme' s defects. So we need to redesign the architecture of export. More efficiency of user' s valid and security access, more security defense of application servers are discussed in this paper.The paper will study the security theory and design the security architecture mode of campus network export-port. And new design of the key techniques: authorized technique, security communication technique, secure defense technique which meet the requirement of ZJU campus network.The system is constructed by three modules: export authorized module, security communication module by L2TP, servers defense module. |