南昌大学计算机网络基础
内部网络分段是保证安全的一项重要措施,同时也是一项基本措施,其指导思想在于将非法用户与网络资源相互隔离,从而达到限制用户非法访问的目的。办公自动化网络可以根据部门或业务需要分段。网络分段可采用物理分段或逻辑分段两种方式:物理分段通常是指将网络从物理层和数据链路层上分为若干网段,各网段相互之间无法进行直接通讯;逻辑分段则是指将整个系统在网络层上进行分段。并能实现子网隔离。在实际应用过程中,通常采取物理分段与逻辑分段相结合的方法来实现隔离。
Internal network segmentation is an important measure to ensure the safety, but also a basic measure, its guiding ideology is the illegal users and cyber source isolated from each other, thereby limiting users unauthorized access to. Office automation network according to the departments or business segment. Network segment can use physical segment or logic sections in two ways: physical segment usually refers to the network from the physical layer and data link layer is divided into a number of segments, each segment has no direct communication between each other; logical segmentation refers to the whole system in network layer segmentation. And can realize the network isolation. In practical application process, usually taking physical segment and logic sections combined to achieve isolation.
第 - 11 - 页 共 14 页
南昌大学计算机网络基础
3.4 病毒防治
相对于单机病毒的防护来说,网络病毒的防治具有更大的难度,网络病毒防治应与网络管理紧密结合。网络防病毒最大的特点在于网络的管理功能,如果没有管理功能,很难完成网络防毒的任务。只有管理与防范相结合,才能保证系统正常运行。
Compared with the single virus protection, network virus prevention and control has greater difficulty, network virus prevention and control should be closely combined with network management. Network anti virus is characterized by network management function, if there is no management function, it is difficult to complete the task of network antivirus. Only the management and prevention of the combination, in order to ensure the normal operation of the system.
3.5 数据恢复
办公自动化系统数据遭到破坏之后,其数据恢复程度依赖于数据备份方案。数据备份的目的在于尽可能快地全盘恢复运行计算机系统所需的数据和系统信息。根据系统安全需求可选择的备份机制有:实时高速度、大容量自动的数据存储、备份与恢复;定期的数据存储、备份与恢复;对系统设备的备份。备份不仅在网络系统硬件故障或人为失误时起到保护作用,也在入侵者非授权访问或对网络攻击及破坏数据完整性时起到保护作用,同时亦是系统灾难恢复的前提之一。
Office automation system data destruction, their data
第 - 12 - 页 共 14 页
南昌大学计算机网络基础
recovery is dependent on the data backup scheme. Data backup is to as soon as possible the overall recovery operation needed for a computer system data and information system. According to the system safety requirements can choose backup mechanisms: real time high speed, large capacity automatic data storage, backup and recovery; regular data storage, backup and recovery device of the system backup. Backup not only in the network hardware failure or human error play a protective role, but also in the unauthorized access or to the network attack and destroy data integrity play a protective role, but also is the premise of disaster recovery system.
4 结束语
随着企业各部门之间、企业和企业之间、国际间信息交流的日益频繁,办公自动化网络的安全问题已经提到重要的议事日程上来,一个技术上可行、设计上合理、投资上平衡的安全策略已经成为成功的办公自动化网络的重要组成部分。
As among the various departments and enterprises, enterprises
and
between
enterprises,
international
information exchanges become more frequent, office automation and network security problems have been mentioned important schedule to come up, a feasible in technology, reasonable
第 - 13 - 页 共 14 页
南昌大学计算机网络基础
design, investment balance security strategy has become a successful office automation network important component.
学生姓名:崔福红 学号:5501110009
第 - 14 - 页 共 14 页