Simple network management protocol (SNMP)-based terminal security access control method

Abstract

The invention relates to a simple network management protocol (SNMP)-based terminal security access control method. The control method comprises the following steps of: setting a relationship between a port of a switch and a media access control (MAC) address, and providing control over the access of the MAC address of terminal equipment to a network; when the terminal equipment accesses the switch through a network cable, reporting the MAC address accessed to a control system in form of TRAP message by using the terminal switch, and when the control system judges that the access of the MAC address from the port is allowed, configuring the port of the switch into an enabled state; when the access of the MAC address is judged to be illegal, disabling the port; and after an illegal access connecting cable is removed, transmitting the state of the port of the terminal switch as a default state through an SNMP by using the control system to realize control over the access of a single MAC address to a specific terminal switch or a plurality of switches in a specific region. The overall migration cost and difficulty of a system are lowered, much infrastructure deployment cost can be greatly saved for an enterprise, and infrastructures are easy to deploy and operate.

Description

technical field [0001] The invention relates to the field of terminal security access control, in particular to a method for controlling terminal security access based on the SNMP protocol. Background technique [0002] At present, the security problem of enterprise LAN environment is prominent. Enterprises are facing the pressure of terminal access control brought by internal threats, branches, visitors and mobile office. Professional hackers driven by profit often target enterprise terminals and exploit security loopholes in terminals. Obtain unauthorized access to important resources, and then launch attacks on core business systems, resulting in data eavesdropping or destruction, core business interruption, malicious code, information leakage and other security incidents, resulting in loss of business and reputation. [0003] SNMTP (Simple Network Management Protocol), as a general security management standard protocol, can monitor the running status and data exchange i...

AI Technical Summary

Problems solved by technology

[0004] The technical problem solved by the present invention is to provide a method that can solve the problem of illegal access of terminals in the enterprise local area network environment, and at the same time realize roaming control of mobile terminals in large and medium-sized environments Function, which solves the security problem of illegal terminal access in enterprises, and at the same time realizes the needs of mobile office, adopts SNMP protocol to realize, strong network adaptability, reduces the cost and difficulty of overall system migration, and can make full use of the existing network architecture , a control method for terminal security access based on SNMP protocol that does not require expensive network architecture transformation

Images