| 21st century is a Network age and people are becoming more and more dependent upon the Internet as a carrier in the daily life. It has become an unchangeable trend that the traditional communication network is changing into the IP technology totally. For now, some new technologies came out thick and fast which centered on IP. This phenomenon accelerated the speed of the elimination of the traditional telecommunication technology and transaction. Therefore, it has become the main operators'choice all over the world that to make a telecommunication level with IP network transition. Take China Mobile for example, by the end of 2010, the telephone traffic bore by the IP network attained 72%. The Signaling Network, Transmission Network and Ran Radio Access Network will also realize the IP pattern gradually.The network which centered on IP must face a tough truth that some serious security issues exist in it. This thesis deals with the present situation of Shandong Mobile system's network and starts a research work in order to reinforce the network security. Shandong Mobile owns network protection basically for the moment and the network layer protection gains notable effect. But the system which can connect outer net will turn into a safe hollow. Combine the main means of network attack at present, we took thorough measures to the safety of network gears such as DNS or Firewall. We made network security into the lowest base-line through a train of means such as authentication of log-in, authorization access, management of long-range maintenance port, log management and so on. According to the defects of different systems, we appointed safety scanning which is aimed at the in-house UNIX System and Windows System. Furthermore, we found out loopholes and latent dangers across-the-board and then we repaired them in time.Combine the daily work experience of Shandong Mobile network, we found that with the development of Internet's hacking and defense technology, the most common and effective method is to preserve the visit of normal authorized users by using all kinds of technology skills and to prevent the illegal visit of unauthorized users. Then different kinds of means must be used to form a unity and we must monitor the whole process from invasion to audit in the future completely. Withal, we developed the security control platform to accomplish the management about the authentication authorization audit of the centralized accounts and to impel all users to complete their daily works conveniently by using this platform. The security control platform can do the work about synchronization and protection of complicated account numbers after the perfection to the account management by it. Users nothing remains but to remember the password which can enter the system. For this reason, users'efficiency has been increased and the exits of weak password have been avoided. In the meantime, administrators'work-piece ratio to protect all resource and accounts are raised. This security platform designed effective and convenient audit measures, so we can discover security issues and all kinds of Intrusion attempts in our system without delay, we can give security administrators timely and exact information so as to make them take corresponding measures, also we can strengthen system's security. Through the network security reinforcement, we realized totally the combination of reliability, property of control, QOS, SLA and such telecom level features and IP. Thereby we enhanced the security management of Shandong Mobile's effect and benefit greatly. |
PDF Full Text Request