| With the government and the growing of enterprise information and network scale, network security has increasingly become the focus of attention, and how to protect the network security has been the focus of scholars at home and abroad. In the face of increasingly advanced network technology, the traditional "loopholes, building walls, attack outside the" protection technology has been far from satisfying the needs of government and enterprise network security, especially in the safety management of the government, scientific research institutions, such as Bank Securities Department computer terminal is thin and weak, the problem of network security from within terminal hidden danger is particularly prominent. Therefore, the terminal control management is the premise to ensure the safe and reliable operation of the network, the network security management is the current urgent need to solve the problem.In this paper, using the 802.1x access technology, CA certification, SNMP and NAT drive technology and other key technologies, identification, the credibility of the terminal computer terminal user identity identification, data security and credibility of the terminal network terminal behavior supervision in four aspects, in order to guarantee the terminal information security and trusted access. Firstly, the use of the terminal node access algorithm, namely the password encryption algorithm, the terminal node network were acquired at the same time, the terminal node information; secondly, the terminal user identity authentication and CA authentication of the host terminal identification based on the combination of authentication technology, to realize the terminal authentication, prevent illegal access network; then the drive technology the use of NAT, to achieve detection, proxy servers and other violations of the user; and then use the software to filter the information acquisition, network equipment, terminal irregularities identification; developed a group management security access control strategy based on user permissions, accessibility and controllability; finally, the development of the control terminal security management module, is mainly to help the administrator to network, information and network implementation of user and host state detection.Research Based on these contents, and safety, stability, compatibility and other design principles, this paper developed a set of network terminal security management system, and the detailed test in real network environment. The test results show that, the system can complete the terminal access were identified in the end after the credibility, security access and security control and other functions, and irregularities identified and management terminal and accurately, so as to ensure the safety of the whole network. |
PDF Full Text Request