Campus network security and preventive measures. Now this era is the era of network, campus network contains all kinds of information, and campus network also needs certain security precautions. Next, I will take you to understand the campus network security and preventive measures.
Campus Network Security and Preventive Measures 1 I. Preface
At present, the "campus network" based on the network environment has become the focus of school information construction. The purpose of campus network construction is to serve teaching, scientific research and management, and its construction principles are nothing more than advanced, practical, high performance, openness, expansibility, maintainability and operability, but most people ignore the security of the network, or pay insufficient attention to security in the process of building campus network. According to the statistics of the Federal Bureau of Investigation, the economic loss caused by network security problems in the United States is as high as $7.5 billion every year, and an Internet computer intrusion occurs every 20 seconds on average in the world. In China, the losses caused by hackers and computer viruses to enterprises every year are shocking. People are paying more and more attention to network security while enjoying the advantages of the network.
It can be seen that the security of campus network runs through the whole process of campus network construction, management and use, which is very important.
Second, the characteristics of campus network security issues
Because the school is a place centered on teaching activities, network security also has its own characteristics. Mainly manifested in:
1, bad information dissemination.
After the campus network is connected, both teachers and students can surf the Internet on their own machines through the campus network. At present, all kinds of information on the Internet are mixed, and related websites such as pornography, violence and cults are flooding. These toxic information violate human moral standards and relevant laws and regulations, and do great harm to students whose world outlook and outlook on life are forming. If security measures are not good, some students will not only visit these websites, but also spread this information on campus.
2. The harm of virus.
Viruses spread through the network, whether in speed, destructiveness or scope, are incomparable to single-machine viruses. Especially after the school is connected to the internet, it opens the door for external viruses to enter the school, and downloaded programs and emails may contain viruses.
3. Illegal visit.
There are not many secrets involved in the school, and the possibility of illegal acquisition by the outside world is also small. The key is illegal entry from the inside. Some students may get answers to exercises through abnormal means, which makes normal teaching exercises meaningless. What's more, some students may get the exam content before the exam, which seriously undermines the management order of the school.
4. Malicious destruction.
This includes the destruction of network equipment and network systems.
Network devices include servers, switches, hubs, communication media, workstations, etc. They are distributed all over the campus and are very difficult to manage. Some people may destroy them intentionally or unintentionally for various purposes, which will lead to the complete or partial paralysis of the campus network.
On the other hand, using hacker technology to destroy campus network system. It is manifested in the following aspects: modifying the home page of the school website and destroying the image of the school; Sending a lot of information to the server paralyzes the whole network; Use the school BBS to forward all kinds of illegal information.
5. User's own characteristics
Campus network is different from general intranet. First of all, its main users are teenagers, who are curious, eager to win and indifferent to legal consciousness. Most schools fail to educate them on information ethics, which makes them have the idea of worshipping hackers and always want to try their hand. Secondly, some websites provide hacker software and tutorials for click-through rate and self-interest; In addition, students are energetic, have mastered a lot of computer and network professional knowledge, and are easy to be attacked by hackers or write virus programs.
Third, the campus network security precautions
At present, the mature network security technology products are: firewall, intrusion detection, identity authentication, virus prevention, information filtering, data encryption, V PN, VLAN, fault tolerance, data backup, address binding and so on. However, network security is not only a simple stack of these technical products, but also an organic combination of a relatively complete and systematic series of security products, including systems, applications, equipment and services.
1. Divide VLAN according to users' characteristics and needs.
Compared with the local area network of other enterprises and institutions, networked computers and network users are more complicated. There are teachers' lesson preparation machines, students' computer rooms, students' dormitories, libraries, families' areas and computers for personnel, finance and logistics administration. Different users have different requirements for the security of the network and their own information, so the campus network can be divided into multiple VLAN.
2. Set a firewall gateway at the campus network exit.
The firewall gateway can effectively isolate the campus network from the external Internet, effectively control the access connection between the campus network and the Internet, and prevent hackers from illegally accessing and attacking the campus network. Set firewall gateways for some important network segments in the campus network (such as academic affairs office, educational administration, finance, personnel, scientific research center, important laboratories, etc.). ) isolate them from the network segments of student computer room, student dormitory and family area, and provide the most basic access control for the network layer so that it will not be attacked by other network segments of the school.
3. Rational use of intrusion detection technology.
Intrusion detection technology is a kind of network security technology that actively protects itself from attacks. As a reasonable supplement to firewall, intrusion detection technology can help the system to cope with network attacks, expand the security management ability of system administrators (including security audit, monitoring, attack identification and response), and improve the integrity of information security infrastructure. We can use intrusion detection technology to build an active defense system of campus network and strengthen the protection of campus network, especially the protection of key network segments such as administration, teaching and research, and servers.
Campus network security and preventive measures 2 How to maintain campus network security?
1, the campus network is divided into internal network and external network, which means they can access the school's internal network or the Internet at the same time. College students usually play games and shop, and the school itself has its own server maintenance;
2. Under the general environment, firstly, install firewall equipment between the campus network and its Internet access point to prevent external attacks, and update it frequently to resist external attacks;
3. In order to protect the security of all users of the campus network, we should strengthen the security, in addition to the firewall, we should also increase anti-virus intrusion detection equipment such as ips and ids to analyze and detect external data to ensure the security of the campus network;
4. Take protective measures outside and inside, because some students' computers may be taken home or infected outside, so vlan isolation should be set on the internal core switch, and security equipment should be hung to detect and protect the ports;
5. There may be ddos attacks or arp virus spread in the intranet, so it is necessary to install anti-virus software on the server or computer, especially the school server system, to protect the safety of important computers.
6. For the server itself, we need to guarantee the server version of the system, often fix vulnerabilities and update security software. Ordinary computers usually dial up the Internet. If there is abnormal monitoring of upper-level equipment, it will generally not affect other computers. Take safety precautions and plan ahead.
Campus network security and preventive measures 3 campus network security knowledge
First, strengthen the education of students' network security knowledge, and require all teaching departments to actively offer computer network courses in accordance with the requirements of the national curriculum plan, so that students can master the necessary computer network knowledge. The school network classroom should extend the opening hours as much as possible to meet the students' online requirements. At the same time, it is necessary to combine the age characteristics of students, adopt flexible and diverse forms, impart necessary network security knowledge to students, and enhance their awareness and ability of security prevention.
Two, to further carry out the "National Youth Network Civilization Convention" study and publicity activities. Educate students to be good at online learning and not browse bad information;
Honest and friendly, not insulting and deceiving others; To enhance self-protection awareness, don't date netizens at will; It is necessary to maintain network security without disturbing network order; It should be beneficial to physical and mental health, and we should not indulge in virtual time and space.
Third, strengthen the management of students' online places such as electronic reading rooms, multimedia classrooms and computer rooms, prevent unhealthy content such as reaction, pornography and violence from endangering students, and guide students to treat the Internet correctly and surf the Internet in a civilized way.
Fourth, strengthen the construction and management of network civilization and network security. Take various effective measures to improve young students' ability to distinguish right from wrong, network moral level and self-discipline awareness, as well as their ability to prevent injuries and protect themselves under the network environment. In the process of campus network construction, we should pay attention to the establishment of network security measures, provide multi-level security control means and establish a security management system.
Fifth, strengthen the publicity and education of campus network civilization. All departments and teaching departments of the school are required to pay attention to the study and prevention of the adverse effects of the network on young people and actively guide young people to surf the Internet healthily. Strengthen the construction of teachers, so that every educator can understand network knowledge, abide by network ethics, learn network laws and regulations, and educate students on network ethics and network security through classroom teaching and extracurricular activities.
Six, increase exchanges and cooperation with the relevant departments of national network security, and strengthen the governance of Internet service places around the campus. Actively cooperate with the municipal public security, fire protection, culture, industry and commerce, urban management and other departments. To carry out the monitoring and management of the internet service business premises in and around the school to prevent students from indulging in internet cafes.