Terminal access office network security control method and authentication server

Abstract

This application discloses a terminal access office network security control method and an authentication server. The method includes: receiving a RADIUS protocol authentication request sent by a switch, and the RADIUS protocol authentication request carries the terminal's user name, password, MAC address, switch address and The name of the access port where the terminal is connected to the switch; check whether there is the second network access information of the terminal with the same MAC address in the white list of the terminal; if it does not exist, send an authentication failure notification to the switch; if it exists, compare the first network access information one by one Whether the terminal user name, password, switch address, and access port name in the terminal are the same as the corresponding information in the second network access information; if they are the same, a notification of successful authentication is sent to the switch; if they are not the same, a notification of authentication failure is sent to the switch. This application can strengthen the security management and control of the office network.

Description

technical field [0001] The present application relates to the technical field of network security, in particular to a terminal access office network security control method and an authentication server. Background technique [0002] This section is intended to provide a background or context to embodiments of the invention that are recited in the claims. The descriptions herein are not admitted to be prior art by inclusion in this section. [0003] Large-scale enterprise groups generally have their own dedicated internal office network systems to provide voice calls, high-fidelity video conferencing and other office application services for enterprise employees. Such as figure 1 As shown, the logical structure of the office network system can be divided into: 1) business platform, which mainly includes business management systems of various terminals, such as production management system or office management system; 2) media processing layer, which mainly provides multimed...

AI Technical Summary

Problems solved by technology

Large-scale enterprises have many branches, scattered regions, and high complexity of physical space. Various terminals are distributed and deployed in multiple office areas across regions, making intensive management difficult.

[0006] 2. Safety compliance risk

The network real-name system is the basic requirement of the national network security regulations. Large enterprises have many employees and strong mobility. The management and control methods at the terminal level are insufficient, and there is a greater risk of security responsibility audits.

[0007] 3. Information confidentiality risk

The office network will inevitably involve some sensitive information and confidential information. However, under normal circumstances, all types of access terminals do not enable the mandatory security authentication mode, and the anti-monitoring ability is weak. Once a leak occurs, it will bring great harm to the administrator. Passive, or even seriously damage national security

Images