Virtual network technology

虛擬網技術主要基于近年發展的局域網交換技術(ATM和以太網交換）。交換技術將傳統的基于廣播的局域網技術發展為面向連接的技術。因此，網管系統有能力限制局域網通訊的范圍而無需通過開銷很大的路由器。

Virtual network technology is mainly based on the LAN Switching Technology (ATM and Ethernet switching) developed in recent years. The switching technology develops the traditional LAN technology based on broadcasting into a connection oriented technology. Therefore, the network management system has the ability to limit the range of LAN communication without passing through expensive routers.

由以上運行機制帶來的網絡安全的好處是顯而易見的：信息只到達應該到達的地點。因此防止了大部分基于網絡監聽的入侵手段。通過虛擬網設置的訪問控制，使在虛擬網外的網絡節點不能直接訪問虛擬網內節點。但是，虛擬網技術也帶來了新的安全問題：執行虛擬網交換的設備越來越復雜，從而成為被攻擊的對象；基于網絡廣播原理的入侵監控技術在高速交換網絡內需要特殊的設置；基于MAC的VLAN不能防止MAC欺騙攻擊。

The benefits of network security brought by the above operation mechanism are obvious: information only reaches the place where it should arrive. Therefore, most intrusion means based on network monitoring are prevented. Through the access control set by the virtual network, the network nodes outside the virtual network can not directly access the nodes in the virtual network. However, the virtual network technology also brings a new security problem: executing virtual network The equipment of network switching is becoming more and more complex, so it has become the object of attack; the intrusion monitoring technology based on the principle of network broadcasting needs special settings in the high-speed switching network; the VLAN based on Mac can not prevent MAC spoofing attack.

防火墻技術

Firewall technology

防火墻可以說是網絡安全的代名詞。網絡中的防火墻（包括安全網關）是一種用來加強網絡之間訪問控制，防止外部網絡用戶以非法手段通過外部網絡進入內部網絡，訪問內部網絡資源，保護內部網絡操作環境的特殊網絡互聯設備及相關技術。它對兩個或多個網絡之間傳輸的數據包如鏈接方式按照一定的安全策略來實施檢查，以決定網絡之間的通信是否被允許，并監視網絡運行狀態。

Firewall is synonymous with network security. Firewall in network (including security gateway) It is a special network interconnection device and related technology used to strengthen the access control between networks, prevent external network users from entering the internal network through the external network by illegal means, access internal network resources, and protect the internal network operating environment. It checks the data packets transmitted between two or more networks, such as the link mode, according to a certain security policy to decide Whether the communication between networks is allowed, and monitor the operation status of the network.

防火墻產品主要有堡壘主機，包過濾路由器，應用層網關(代理服務器)以及電路層網關，屏蔽主機防火墻，雙宿主機等類型。

Firewall products mainly include fortress host, packet filter router, application layer gateway (proxy server), circuit layer gateway, shielding host firewall, dual host and so on.

作為內部網絡與外部公共網絡之間的道屏障，防火墻是先受到人們重視的網絡安全產品之一。雖然從理論上看，防火墻處于網絡安全的底層，負責網絡間的安全認證與傳輸，但隨著網絡安全技術的整體發展和網絡應用的不斷變化，現代防火墻技術已經逐步走向網絡層之外的其他安全層次，不僅要完成傳統防火墻的過濾任務，同時還能為各種網絡應用提供相應的安全服務。另外還有多種防火墻產品正朝著數據安全與用戶認證，防止病毒與黑客侵入等方向發展。

As the first barrier between internal network and external public network, firewall is one of the first network security products to be paid attention to. Although theoretically, firewall is at the bottom of network security and is responsible for security authentication and transmission between networks, with the overall development of network security technology and the continuous change of network application, modern firewall technology has gradually changed To move to other security levels outside the network layer, we should not only complete the filtering task of the traditional firewall, but also provide corresponding security services for various network applications. In addition, a variety of firewall products are developing towards data security and user authentication, preventing virus and hacker intrusion and so on.

病毒防護技術

Virus protection technology

計算機病毒（包括木馬，惡意軟件）歷來是信息系統安全的主要問題之一。由于網絡的廣泛互聯，病毒的傳播途徑和速度大大加快。

Computer viruses (including Trojans and malware) have always been one of the main problems of information system security. Due to the wide interconnection of networks, the transmission path and speed of viruses have been greatly accelerated.

病毒的傳播途徑包括：

The routes of transmission of the virus include:

(1) 通過移動存儲設備進行病毒傳播：如U盤、CD、軟盤、移動硬盤等。

(1) Virus transmission through mobile storage devices: such as USB flash disk, CD, floppy disk, mobile hard disk, etc.

(2) 通過網絡來傳播：網頁、電子郵件、即時通信、FTP。

(2) Spread through the network: Web page, e-mail, instant messaging, FTP.

(3) 利用計算機系統和應用軟件的漏洞傳播。

(3) Exploit the vulnerability propagation of computer system and application software.

在實際應用中，病毒通常時同時借助上述多種途徑進行傳播。

In practical application, the virus usually spreads through the above multiple ways at the same time.

以上的精彩內容來自：濟南網站建設公司更多的精彩內容請關注我們的網站：http://www.qanho.com

The above wonderful content comes from Jinan website construction company. For more wonderful content, please pay attention to our website: http://www.qanho.com