The LAN end is the line that is connected to the enterprise user. Some routers have LAN ports and can be connected to switches. Some network administrators connect the routers to the backbone switches and then to the General switches. Both of the above methods can be used. The latter is suitable for applications with high throughput. For general enterprise applications, the local port of the router can be forwarded based on bandwidth. In hardware configuration, this is relatively simple.
The experience of technical service personnel of xiaonuo points out that IP address management is very important for a good security network configuration. IP address is the IP address of the computer on the Internet. Therefore, you must be able to effectively manage the IP address to prevent attacks or control the problematic calculator. For network management, IP management should pay attention to the following four important items: using a fixed IP address for computers, issuing a fixed IP address for DHCP servers, and preventing unauthorized computer access and group management, the descriptions are as follows:
• The calculator uses a fixed IP Address:
The calculator uses a fixed IP address, which is the strictest configuration method. In this way, you must manually enter IP address-related data in the computer. The advantage of this operation is that the IP address of each machine must be specified in advance. If no IP address is specified in advance, the Internet cannot be accessed. external users or calculators cannot access the Internet easily through the enterprise network. However, for users, you must set a fixed IP address. In other cases, you must reset the IP address. For some users who often need to move, such as business personnel or senior executives, this may cause a lot of trouble.
• The DHCP server issues a fixed IP Address:
The advantage of the DHCP server is that you do not need to make any settings on the computer, which is more convenient for users. However, the disadvantage of DHCP is that, without any control, any user can access the enterprise's network, and it is easy to launch internal attacks, resulting in an impact. Therefore, an enterprise can issue an IP address through DHCP, but at the same time limit the IP address that can be obtained by the calculator for management. The IP/MAC binding function of the Qno xiaonuo router product allows you to identify the MAC address of the calculator through the network management configuration and issue a specific IP address, so that you can manage the IP address. At the same time, the IP/MAC binding function can also prevent users from modifying the IP address to obtain high permissions. The wrong MAC/IP combination will be blocked by the router "blocked wrong MAC address, this function can also prevent ARP attacks.
• Prevent Unauthorized computers from accessing the Internet:
For network administrators, uncontrolled computers often cause security problems. Some users bring their own computer into the computer, and even other users enter the company network through wireless networks. This problem can be solved by preventing unauthorized computers from accessing the Internet. Qno's IP/MAC binding function provides the function of "blocking MAC addresses not in the corresponding list" to achieve unconfigured MAC addresses of the network management and completely disable Internet access.
| Figure 1 |
| Figure 2 |
Related Articles]
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
