Intranet security unified management platform and management method of management platform

Abstract

The invention discloses an intranet security unified management platform and a management method of the management platform. The intranet security unified management platform comprises an admission standard management system, an intelligent network management system and a multi-dimensional terminal security management platform. The management method comprises the steps of: carrying out feature identification on a terminal accessing to a network; carrying out query according to a feature of the terminal, taking an admission role; carrying out standard examination on the role to access the network according to the role authority; carrying out monitoring and irregularity response on security configuration and operation behaviors after the terminal accesses the network; carrying out monitoring and irregularity response on flow condition of the network; and carrying out statistics and BI (Business Intelligence) analysis on various kinds of events. According to the intranet security unified management platform and the management method of the management platform, admission control is realized through switching of an isolation region, the transmission of all data of a device in the isolation region is controlled through the management platform, the standard restriction is realized through a WEB authentication page on which the an access device is forced to access the management platform, and thus the non-client end admission control is realized, and the defect that a plurality of devices under a single port are simultaneously accessed to the network or simultaneously isolated is avoided.

Description

technical field [0001] The present invention relates to network security technology, in particular to an information system intranet security unified management platform and management method, which is an integration of identification, security inspection and security policy enforcement for users and terminals accessing the information system intranet Network security system. Background technique [0002] Admission Control is short for Network Access Control (NAC). Access control refers to the protection of the network boundary, and the compliance check of the terminals connected to the network and the users of the terminals. In the admission control industry, the most traditional technology is the international standard IEEE802.1x technology. 802.1x protocol—port-based network access control protocol (port-based network access control protocol), is an access control and authentication protocol for Client / Server. It can restrict unauthorized users / equipment from accessing...

AI Technical Summary

Problems solved by technology

[0009] Step3: If the authentication is passed, the controlled logical port of the access switch is opened; otherwise, the port remains closed, and the access device cannot access the network

[0010] The admission control scheme based on the 802.1x protocol has three major disadvantages: the inability to push the access page, extensive authority control, and insufficient support for the hub environment

[0011] First of all, all the current 802.1x platforms require network users to install a network client for authentication. Network access, this process is equally effective for visitors and regular employees. Due to the lack of support for guiding network access, even legitimate users cannot be assisted to access the network and cannot perform normal work. If the administrator manually installs the network access client end, and there is a heavy workload in the case of a large number of devices and scattered; second, many non-desktop ip devices (such as network printers) in the network cannot access the network without installing the client

[0012] Secondly, most 802.1x authentications are port-based. After the authentication is passed, the ports are completely released. Fine-grained authority control based on the destination address, destination port, or protocol cannot be performed according to different access roles. When all users can access with the same authority, it is easy to cause internal cross-access and leakage of important resources

[0013] Finally, for most switches, the standard 802.1x protocol cannot solve the situation where the hub is connected to the port

When a large number of hubs are used in the network, the port-based characteristics of the 802.1x protocol may easily cause a device under the hub to pass authentication and open the switch port, and all devices in the same hub broadcast domain will directly access the network without authentication. Network Security Vulnerabilities and Potential Risks

Images