A new blocking method for network security

within a network if you enable the ARP spoofing interrupts, serious ARP spoofing occurs , the consequences will be catastrophic. Users will not be able to distinguish between active ARP spoofing blocking and real ARP spoofing, which will bring great difficulties to the user's troubleshooting and seriously affect the user's business. On the other hand, in most ARP spoofing blocking implementations, the target computer is often spoofed by all the computers in the subnet, and if the target computer does not have to be deceived, all computers are required to stop spoofing, and if the individual computers do not receive instructions to stop spoofing, Will cause the target computer to continue to be unable to access the network normally, resulting in user operation and maintenance incidents. Therefore, the intranet security should be used in a dialectical way, the network security Risk management and audit system put forward different ideas.

1. Avoid single, use a variety of blocking methods

intranet security Risk management and audit system in terminal access boundary switch, can block illegal terminal access intranet through network admittance control, at the same time, in the background important server, through application admission control, realize blocking illegal terminal access important server and service resources. That is to say, from the intranet access boundary, background server resources and the client itself to achieve seamless access control. In the environment that does not support the two conditions of network access and application access, it also uses the blocking mode of ARP spoofing, however, this kind of blocking mode is greatly regulated and limited, especially in the personal firewall as long as the interception to ARP spoofing attacks, Will immediately stop the client from sending spoofing packets to other clients, thus radically altering the disadvantage of ARP spoofing. In addition, the intranet security system and the Tian Qing Hamma USG Integrated Security Gateway (UTM) Form a UTM square Unified security Suite that provides extranet border access control to block illegal terminal access to the Internet .

2. Active defense against ARP spoofing

Network security system through check IP packet header, which ensures that packet spoofing cannot occur. By monitoring the initiation process of network behavior, the Trojan is prevented from hiding the process of network access. Prevent intranet ARP spoofing by monitoring ARP request or reply packet, automatically binding gateway MAC, rejecting delay ARP reply packet, etc. Built-in powerful enterprise-class host firewall system, using access control, traffic control,ARP spoofing control, network behavior mode control, illegal external control and other means, to achieve the threat of computer terminal active defense and network behavior control, so as to ensure the computer terminal two-way access security, behavior controlled, Effective protection against suspected attacks and unknown viruses on the enterprise intranet.

3. Threat Active defense based on terminal network behavior mode

The Intranet security system has the threat active defense mechanism based on the terminal network behavior mode, through centralized control each computer terminal network behavior, limits the network behavior the main body, the goal and the service, and combined with the security state of computer terminal to control network access, can effectively cut off " Independent process type " worm transmission pathway and Trojan Horse and hacker attack route, make up anti-virus software " The number of concurrent connections. Restrict network access to the exception process by monitoring Udp

intranet security system closely around the " compliance ", including enterprise-class host firewall system, through the " Terminal access control, terminal security control, desktop compliance management, terminal leak control and terminal Audit " Five-dimensional management, Comprehensively improve the network security and compliance management level. Intranet security system leads the new change of intranet security management mode, while exercising terminal security management function, it is also composed of Hamma USG Integrated Security Gateway (UTM) with " network boundary, terminal boundary " the UTM Square Unified Security Suite, which is the main protection target , constructs a multi-level defense-in-depth system, changes the traditional intranet security management mode of " passive and event-driven ", and creates " Active defense, Compliance management " as the goal of the new era of intranet security management .

A new blocking method for network security