电信运营商企业网络安全建设
摘要
随着计算机网络的发展,信息化已成为企业发展的必然趋势;电信运营商一级的公司,对于网络和办公自动化系统的依赖性非常强,一个安全的、稳定可靠的网络系统已经成为上海移动公司日常办公和业务应用的基础支撑体系。
由于计算机网络具有连接形式多样性、网络体系结构复杂性,终端分布不均匀性和网络的开放性等特征,致使网络易受黑客、病毒、垃圾邮件等的干扰和攻击,所以如何保证我公司的Intranet网络的安全成为一个重要的问题。
本文的主要内容就是,设计和建设一套适合本行业和本公司自身特点的网络安全防护体系,该防护体系能解决上海移动公司Intranet网络的各种特殊问题和故障,能满足上海移动公司自身Intranet网络的需要和发展。
本文通过分析上海移动公司Intranet网络的特点和公司的Intranet网络在实际运行过程中出现的一些故障和问题,例如使用全功能的防火墙对网络进行安全防护给公司内网造成的问题;防火墙无法独立应对内网发起的攻击;安全设备无法阻止病毒入侵内网,内网病毒泛滥和垃圾邮件偶尔大规模流入等,并通过分析问题出现的原因和探索问题的具体解决方案,从而研究如何设计建设和完善适合上海移动公司Intranet网络自身特点的安全防御体系,保障公司业务顺利开展。
技术与管理是相辅相成的,本文将两者结合在一起阐述,说明只有将管理和技术紧密结合,才能有效保障企业网络的安全。
Along with the development of computer network, information become the goal of the corporation. Modern corporation lean up network more and more, a secure and stabilization network become the basic support system of the company.
But because the network is multiformity and open, the system of net is complexity, and the terminal distributing is asymmetry, lead the net liable to attack of the virus, how to protect the safety of the Intranet is a very important problem.
The content of this article is how to design and build a net-safty-defending system which can suit company self. This system can solve the problems and troubles of SHMC, and can suffice the development of SHMC’s Intranet.
This article analyse the trouble and problem of our company’s Intranet in running, these troubles include protect security of Intranet by using all-around Firewall only, the firewall can not breast the attack coming from the inside, equipment can not prevent virus from entering the inside, and trash inflow now and then, and research how to by setting up a secure Intranet for corporation by analyzing the cause of these problems and studying solve scheme of these problems to prevent unlawful user from thieving , forging and destroying data by the bug of network.
Also, technology and manager supplement each other. This article try hard to explain both of technology and manager, let the reader realize only by combining the technology and manager, we can protect the safety of the company Intranet .
由于计算机网络具有连接形式多样性、网络体系结构复杂性,终端分布不均匀性和网络的开放性等特征,致使网络易受黑客、病毒、垃圾邮件等的干扰和攻击,所以如何保证我公司的Intranet网络的安全成为一个重要的问题。
本文的主要内容就是,设计和建设一套适合本行业和本公司自身特点的网络安全防护体系,该防护体系能解决上海移动公司Intranet网络的各种特殊问题和故障,能满足上海移动公司自身Intranet网络的需要和发展。
本文通过分析上海移动公司Intranet网络的特点和公司的Intranet网络在实际运行过程中出现的一些故障和问题,例如使用全功能的防火墙对网络进行安全防护给公司内网造成的问题;防火墙无法独立应对内网发起的攻击;安全设备无法阻止病毒入侵内网,内网病毒泛滥和垃圾邮件偶尔大规模流入等,并通过分析问题出现的原因和探索问题的具体解决方案,从而研究如何设计建设和完善适合上海移动公司Intranet网络自身特点的安全防御体系,保障公司业务顺利开展。
技术与管理是相辅相成的,本文将两者结合在一起阐述,说明只有将管理和技术紧密结合,才能有效保障企业网络的安全。
Along with the development of computer network, information become the goal of the corporation. Modern corporation lean up network more and more, a secure and stabilization network become the basic support system of the company.
But because the network is multiformity and open, the system of net is complexity, and the terminal distributing is asymmetry, lead the net liable to attack of the virus, how to protect the safety of the Intranet is a very important problem.
The content of this article is how to design and build a net-safty-defending system which can suit company self. This system can solve the problems and troubles of SHMC, and can suffice the development of SHMC’s Intranet.
This article analyse the trouble and problem of our company’s Intranet in running, these troubles include protect security of Intranet by using all-around Firewall only, the firewall can not breast the attack coming from the inside, equipment can not prevent virus from entering the inside, and trash inflow now and then, and research how to by setting up a secure Intranet for corporation by analyzing the cause of these problems and studying solve scheme of these problems to prevent unlawful user from thieving , forging and destroying data by the bug of network.
Also, technology and manager supplement each other. This article try hard to explain both of technology and manager, let the reader realize only by combining the technology and manager, we can protect the safety of the company Intranet .
引文
[1] 《网络安全与管理》,林涛,电子工业出版社,2005 [2] 《网络安全完全手册》, 布拉格等,电子工业出版社,2005 [3] 《构筑适合本行业特点的网络安全防护体系》,许苓,彭飞,电子质量,2002。3 [4] 《局域网:组网技术与维护管理》,胡存生,电子工业出版社,2004.8 [5] 中国移动网站, http://www.chinamobile.com [6] 《中国移动电子运行维护系统与网管系统互联接口规范(V1.1.0)》 中国移动集团公司 2003 [7] CISCO 网站, http://www.cisco.com/web/CN [8] 《ROUTING TCP/IP VOLUME 1》,JEFF DOLE, [9] 《ROUTING TCP/IP VOLUME 2》,JEFF DOLE, [10] 《计算机网络综合布线系统》,李宏力,清华大学出版社,2003 [11] 《局域网技术与组网工程》,苏英如,中国水利水电出版社,2005 [12] 《局域网:组网技术与维护管理》,胡存生,电子工业出版社,2004.8 [13] 《计算机网络工程典型案例分析》, 孙江宏、赵腾任、刘国斌,清华大学出版社,2004 [14] 《一种与入侵检测互动的 Internet 安全防范系统》,张颖、王辉,计算机工程与应用,2003 [15] 中国移动网站, http://www.chinamobile.com [16] 《反黑客教程》,高志国、龙文辉,中国对外翻译出版公司,2001 [16] 《电子治理引论——面向 21 世纪电子政务专业核心课程系列教材》,刘邦凡,北京大学出版社,2005 [17] 《计算机通信网络安全》,冯登国,清华大学出版社,2001 [18] 安全在线网站, http://www.dosecu.com [19] 《中国电信业网络与信息安全研讨会白皮书》,2005 [20] 《网络精髓-实用与理论》,Michael J.Martin,机械工业出版社,2000 [21] 《Cryptography and Network Security:Principles and Practice.Fourth Edition》,William Stallings,电子工业出版社,2006 [22] 《思科网络技术学院教材》,Viso Amato,人民邮件出版社,2000 [23] 《密码学与网络安全:原理与实践》,杨明等译,电子工业出版社,2005 [24] 《网络信息安全与保密》,杨义先,北京邮电大学出版社,1999 [25] 《计算机网络安全与应用技术》,袁家政,邮电出版社,2002 [26] 《信息安全学》,周学广,机械工业出版社,2003 [27] 《计算机网络应用基础》,王宝智、姜国华,清华大学出版社,2005 [28] 《计算机网络安全》,戴红,电子工业出版社,2003 [29] 《网络安全原理与应用》,张永世,科学出版社,2003.5 [30] 《网络安全基础教程:应用与标准》,William Stallings,清华大学出版社,2005 [31] 《网络安全原理与应用》,沈苏彬,人们邮电出版社,2005