Planning And Implementation Of The Reforming Scheme For Network Security Of The Customer Service System, Guangxi Unicom

The problem of the Internet security has become more and more prominent along with the rapid development of the computer network technology. Thus there exist such network security problems in the network of Guangxi Unicom's customer service system as network storming, virus invasion, low capacity for network errors, unsafe data transmission, and incapable router switch, etc. This paper intends to bring forward an alternative scheme for the improvement of Internet security aiming at the above mentioned problems. The scheme will reconstruct and optimize the current network from the following aspects:1,Division of VLAN: According to the operational function, the central system is divided into several virtual networks. Three-tier exchange should be used as the routers between VLAN and the manipulative equipment for visits between VLAN so as to effectively control the network flux and improve the network security.2,Employment of VRRP: Virtual Router Redundancy Protocol should be used in two three-tier exchanges. This measure assigns VRRP virtual gateway addresses to all the terminals with exchanges as the next skip within the network. It not only realizes the automatic switch for the three-tier exchanges, but avoids static appointment of the defects of the gateway and provides effective redundancy of error capacity for the system as well.3,Construction of Firewall: Firewalls should be built at the network borders, i.e. between the system of customer service and the system of exterior operation and between the system of customer service and the Internet. Separation and visit control between the internal and external networks or between different trust fields should be carried out through strictly defined visiting strategies so that highly effective and safe visiting control is achieved.4,Reforming the Seating Networks of Local Cities and Towns: Redundancy plan is employed in the seating system network connection between the central system and the local cities and towns and the Hot Standby Router Protocol (HSRP) is employed between the routers of the local cities and towns. Therefore the automatic switch between the active routers and the standby routers of the local cities and towns is actualized and the redundancy standby in the seating networks of the local cities and towns is actualized to improve the safety and reliability of the network.5,Disposition of OSPF Sections: The whole network is divided into prior section and normal section and the seating networks of the local cities and towns are assigned to corresponding OSPF sections, which leads to the mutual actualization of the redundancy standby for the seating networks of the local cities and towns. Meanwhile, loopback interface is equipped to OSPF routers and employed as the router ID to improve the solidity of the network.Based on the analysis of the security problems existing in the network of the customer service system of Guangxi Unicom, this paper puts forward a reforming scheme for the network with pertinence. The scheme mentioned here will not just effectively solve the threatening problem that the network security is confronting at this moment, but also prepare some foundational facilities for the future network security. Then the intention of the overall optimization of the network is achieved.