Design And Implementation Of Enterprise Network Upgrade And Network Security Reinforcement

Based on the background of the network upgrade and security reinforcement project of a certain refinery and chemical enterprise,this thesis establishes a network information system with efficiency,stability and safety,according to the relevant regulations and standards for the state and group companies,combining the present situation of the current network and considering the redundancy and expansibility aspects.(A)Network upgrade work.This thesis describes the shortcomings of the original network architecture and configuration of the enterprise,considers its characteristics and requirements,and makes the choice of the network equipments.It realizes the enterprise backbone network with high performance,high stablity and necessary redundancy through the use of network virtualization and link aggregation technology.Moreover,it resolves the problems of disorder in management of access layer and frequenct occurrence of broadcasting storm via VLAN technology.The logical networktopology proposed reflectes the regional divisions and functions in the enterprise network,and the overall topology of the enterprise indicatesthe physical structure,the interconnection of equipments and the application of related technologies in the enterprise's network.(B)Safety reinforcement work.This chapter focuses on the management of the network security of the enterprise,and by taking the enterprise demand in the network security into fully consideration,together with the latest security concepts and internal control requirements,analysis concludes a security reinforcement design on three levels,including external security protection,terminal access control,and operation and maintenance,which could improve the security control both internally and externally,in the way of implementing the hardware level intrusion detecting system and the fortress,the development of the software level terminal accecc control,security protocol login,access control,and other security configuration.(C)Test work.Tests have been carried out as to the concerning the two aspects mentioned.As to the network running testshardware redundancy testing,link redundancy testing and network performance testing are included.The reliability of the network architecture is tested by simulating the equipment or link failure scenarios in the real working environment,and the load performance tests are carried out by monitoring and counting the relevant parameters during the busy hours of the network.And as to the network security tests,it includes intrusion detecting function test,terminal access test and operation and maintenance security test.In the intrusion detecting function test,it identifies the network attack behavior,alarm and block functionusing the relevant software to play back the attack data packet.In addition,terminal access and operation and maintenance are simulated in real scene.The test results meet the design requirements,so that it achieves the desired objectives of the study.This thesis focuses on the overall planning and network architecture design of new technologies.At the same time,it puts forward the solution to enterprise network security and reinforcement,which lays a solid foundation for enterprise information construction and enterprise network upgrade optimization.