Enterprise network security management method

Abstract

The invention discloses an enterprise network security management method, which comprises the following steps of: constructing a DMZ firewall between an enterprise network and an extranet to realize the functions of real IP hiding and access control, and establishing an IPSecVPN between a head office and a branch company to realize security information transmission of intranets in different regions, so that the risk is reduced, and the security is improved. Port security is configured on a two-layer switch, a data packet threshold value through which the port passes is preset, or MAC addresses allowed to be connected to the switch port are recorded through an MAC address table, a specific number or specific MAC addresses are allowed to use the port for communication, illegal equipment is prevented from accessing a network, MAC address table overflow caused by MAC address flooding can also be prevented, and by dividing vlan, the broadcast storm is reduced, and the pressure of the two-layer switch is fully shared; and in addition, link binding aggregation is used, the transmission bandwidth between the switches is increased, bidirectional authentication is carried out by configuring a PPP protocol and adopting chap, connection of illegal users is prevented, and the safety is further improved.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to an enterprise network security management method. Background technique [0002] In recent years, enterprises have begun to adapt to the information age, and now the daily operations of enterprises rely on the Internet; enterprises all over the world are increasing the intensity of information construction, the development of the network has made network applications more and more extensive, and enterprises have begun to pay attention to Informatization construction, establishment of its own enterprise network, many businesses and management of enterprises rely on the network to operate; the degree of enterprise informatization has become a standard for measuring the strength of an enterprise; due to the initial stage of enterprise network construction, the overall network design is not clear enough and lacks a system Planning and long-term planning, insufficient network ...

AI Technical Summary

Problems solved by technology

[0002] In recent years, enterprises have begun to adapt to the information age, and now the daily operations of enterprises rely on the Internet; enterprises all over the world are increasing the intensity of information construction, the development of the network has made network applications more and more extensive, and enterprises have begun to pay attention to Informatization construction, establishment of its own enterprise network, many businesses and management of enterprises rely on the network to operate; the degree of enterprise informati

Images