Network authentication system on basis of switchboards and authentication method for network authentication system

Abstract

The invention discloses a network authentication system on the basis of switchboards. The network authentication system comprises the security access control switchboards, a security management server, an address allocation server, a Web access authentication server and user terminals. The invention further discloses an authentication method applied to the network authentication system on the basis of the switchboards. The authentication method includes steps that 1, the security management server configures security strategies; 2, the user terminals access a network, and the security access control switchboards learn relevant information of the user terminals; 3, the security access control switchboards determine whether the user terminals need Web authentication to surf the network or not according to the relevant information of the user terminals and the security strategies; 4, the Web authentication server authenticates users if the user terminals need the Web authentication; 5, the security access control switchboards allow the user terminals to surf the network if the users are successfully authenticated. The network authentication system and the authentication method have the advantages that the Web authentication bound with multiple elements can be performed on the network access users, so that the network authentication security is improved, the network reliability is enhanced, and the like.

Description

technical field [0001] The invention relates to a network access authentication technology, in particular to an exchange-based network authentication system and an authentication method thereof. Background technique [0002] With the rapid increase in the number of network users, network management and security issues are becoming more and more severe. Considering the characteristics of the campus network, which has many and scattered users and users have different network requirements, it is becoming more and more difficult for the traditional access authentication system to adapt to the increasing network scale and The requirements of diverse user needs make the disadvantages of traditional authentication increasingly prominent. [0003] Web authentication is a method widely used at present. It relies on a Web browser to perform interactive authentication with a Web authentication server through HTTP and HTTPS protocols. Compared with traditional access authentication met...

AI Technical Summary

Problems solved by technology

Traditional web authentication often implements quasi-exit control of network traffic on the egress gateway device, which poses a security risk in the intranet; while the existing web authentication scheme based on network access devices, although network traffic access control is implemented on the network access device The access control improves the security of the intranet to a certain extent, but because there is no legality check of the source MAC address and source IP address for all user data packets that pass the Web authentication, false address spoofing may occur and related network attacks, and such network deception and attacks are difficult to track, making it increasingly difficult for network managers to effectively manage the network

Images