Virtual network technology

虚拟网技术主要基于近年发展的局域网交换技术(ATM和以太网交换）。交换技术将传统的基于广播的局域网技术发展为面向连接的技术。因此，网管系统有能力限制局域网通讯的范围而无需通过开销很大的路由器。

Virtual network technology is mainly based on the LAN Switching Technology (ATM and Ethernet switching) developed in recent years. The switching technology develops the traditional LAN technology based on broadcasting into a connection oriented technology. Therefore, the network management system has the ability to limit the range of LAN communication without passing through expensive routers.

由以上运行机制带来的网络安全的好处是显而易见的：信息只到达应该到达的地点。因此防止了大部分基于网络监听的入侵手段。通过虚拟网设置的访问控制，使在虚拟网外的网络节点不能直接访问虚拟网内节点。但是，虚拟网技术也带来了新的安全问题：执行虚拟网交换的设备越来越复杂，从而成为被攻击的对象；基于网络广播原理的入侵监控技术在高速交换网络内需要特殊的设置；基于MAC的VLAN不能防止MAC欺骗攻击。

The benefits of network security brought by the above operation mechanism are obvious: information only reaches the place where it should arrive. Therefore, most intrusion means based on network monitoring are prevented. Through the access control set by the virtual network, the network nodes outside the virtual network can not directly access the nodes in the virtual network. However, the virtual network technology also brings a new security problem: executing virtual network The equipment of network switching is becoming more and more complex, so it has become the object of attack; the intrusion monitoring technology based on the principle of network broadcasting needs special settings in the high-speed switching network; the VLAN based on Mac can not prevent MAC spoofing attack.

防火墙技术

Firewall technology

防火墙可以说是网络安全的代名词。网络中的防火墙（包括安全网关）是一种用来加强网络之间访问控制，防止外部网络用户以非法手段通过外部网络进入内部网络，访问内部网络资源，保护内部网络操作环境的特殊网络互联设备及相关技术。它对两个或多个网络之间传输的数据包如链接方式按照一定的安全策略来实施检查，以决定网络之间的通信是否被允许，并监视网络运行状态。

Firewall is synonymous with network security. Firewall in network (including security gateway) It is a special network interconnection device and related technology used to strengthen the access control between networks, prevent external network users from entering the internal network through the external network by illegal means, access internal network resources, and protect the internal network operating environment. It checks the data packets transmitted between two or more networks, such as the link mode, according to a certain security policy to decide Whether the communication between networks is allowed, and monitor the operation status of the network.

防火墙产品主要有堡垒主机，包过滤路由器，应用层网关(代理服务器)以及电路层网关，屏蔽主机防火墙，双宿主机等类型。

Firewall products mainly include fortress host, packet filter router, application layer gateway (proxy server), circuit layer gateway, shielding host firewall, dual host and so on.

作为内部网络与外部公共网络之间的道屏障，防火墙是先受到人们重视的网络安全产品之一。虽然从理论上看，防火墙处于网络安全的底层，负责网络间的安全认证与传输，但随着网络安全技术的整体发展和网络应用的不断变化，现代防火墙技术已经逐步走向网络层之外的其他安全层次，不仅要完成传统防火墙的过滤任务，同时还能为各种网络应用提供相应的安全服务。另外还有多种防火墙产品正朝着数据安全与用户认证，防止病毒与黑客侵入等方向发展。

As the first barrier between internal network and external public network, firewall is one of the first network security products to be paid attention to. Although theoretically, firewall is at the bottom of network security and is responsible for security authentication and transmission between networks, with the overall development of network security technology and the continuous change of network application, modern firewall technology has gradually changed To move to other security levels outside the network layer, we should not only complete the filtering task of the traditional firewall, but also provide corresponding security services for various network applications. In addition, a variety of firewall products are developing towards data security and user authentication, preventing virus and hacker intrusion and so on.

病毒防护技术

Virus protection technology

计算机病毒（包括木马，恶意软件）历来是信息系统安全的主要问题之一。由于网络的广泛互联，病毒的传播途径和速度大大加快。

Computer viruses (including Trojans and malware) have always been one of the main problems of information system security. Due to the wide interconnection of networks, the transmission path and speed of viruses have been greatly accelerated.

病毒的传播途径包括：

The routes of transmission of the virus include:

(1) 通过移动存储设备进行病毒传播：如U盘、CD、软盘、移动硬盘等。

(1) Virus transmission through mobile storage devices: such as USB flash disk, CD, floppy disk, mobile hard disk, etc.

(2) 通过网络来传播：网页、电子邮件、即时通信、FTP。

(2) Spread through the network: Web page, e-mail, instant messaging, FTP.

(3) 利用计算机系统和应用软件的漏洞传播。

(3) Exploit the vulnerability propagation of computer system and application software.

在实际应用中，病毒通常时同时借助上述多种途径进行传播。

In practical application, the virus usually spreads through the above multiple ways at the same time.

以上的精彩内容来自：济南网站建设公司更多的精彩内容请关注我们的网站：http://www.jnzyjz.cn

The above wonderful content comes from Jinan website construction company. For more wonderful content, please pay attention to our website: http://www.jnzyjz.cn