摘要
为抵御来自内网的安全威胁,保障供电局网络信息安全,探讨内网安全防护方案。通过分析内网信息安全事件原因,对比两种802.1X认证的控制方式,根据内网安全现状和需求,采用NAC准入控制系统结合接入交换机基于端口的802.1x认证方式,设计了桂林供电局内网安全防护解决方案。给出了网络准入控制系统的总体系统架构及策略管理服务器、准入控制服务器、接入层交换机等系统组成部分的具体部署方式。应用效果表明,该方案在病毒防范等内网安全防护方面有积极作用。
In order to against the security threat from internal network and guarantee the network information security of power supply bureau, the internal network security protection scheme is discussed.By analyzing reasons of internal network information security events and comparing two kinds of 802.1X authentication control modes, and based on the internal network security status and requirements, the NAC access control system combing with the port based 802. 1X authentication control mode which connected to switch is adopted. The internal network security protection solution scheme for Guilin power supply bureau is designed. The overall system architecture of the network access control system and the specific deployment of system components including strategy management server, access control server and access layer switch and so on are given. Application results show that the scheme has positive roles in the internal network security protections such as virus defense and so on.
出处
《广西电力》
2014年第6期59-62,共4页
Guangxi Electric Power
关键词
内网安全防护
网络准入控制
802.1X认证
intranet security protection
network access control, 802.1 x authentications
