摘要
安全便利的计算机网络,是企业生产经营信息化的必要条件。本文对企业计算机内外网中常用的虚拟局域网隔离、访问权限隔离、移动存储介质等方法的安全隐患进行了分析。为应对各种隐患带来的数据泄密的威胁,我们建议内外网采用完全物理隔离的架构,同时使用完全物理隔离的双网计算机,并根据企业需要的安全等级使用相应的数据交换方式,监控和限制内网到外网的数据传递,确保企业经营活动具备安全可靠的网络和计算机环境。
Secure and convenient computer network is a precondition for enterprise information system. In this article, we analyze security vulnerabilities and threats of some popular methods used in enterprise network such as VPN isolation, access authority isolation and mobile storage medium. To cope with above threats, we suggest deploying dual network with physical isolation rather than logical isolation. We also suggest using a highly secured computer with dual-network physical isolation as terminal. Furthermore, data exchange regulation with solid supervision between internal and external network is essential.
关键词
安全
内网
外网
物理隔离
security
internal network
external network
physical isolation
