Similar to ARP viruses, it is usually manifested in direct attacks on Internet cafes, which causes users to frequently disconnect from the Internet. Solving Network Attacks has become a hot topic in Internet cafes, internet cafe switches can identify, block, limit, and record ARP and DDOS attacks. When purchasing a vswitch in an Internet cafe, you must purchase a product that can defend against network attacks.
In the opinion of most network administrators and technicians, a switch is simply used to expand the number of computers on the Internet and provide more LAN ports. It is regarded as a device that only forwards the data packets at the wire speed but never analyzes the data packets, in fact, in order to identify various malicious data traffic, the Internet cafe switch must use an Intelligent Chip to provide certain analysis and processing capabilities, it can accurately determine the problems of ARP and DDOS attacks.
Vrouters and firewalls cannot comprehensively solve the security problem of the local network. In terms of vswitches, such a security switch should have the following features:
Supports access control lists (ACLs) based on Ip addresses, Mac addresses, and applications)
Port Filtering for common diseases and viruses
Supports speed limits based on ports, Ip addresses, Mac addresses, and applications
Supports priority control (QOS) based on ports, ip addresses, mac, 802.1p, and applications)
Supports binding Based on mac + ip + vlan + port (ARP defense)
Supports logging ARP and DDOS attack events
To solve the security problem of the LAN, the switch can no longer simply complete the forwarding, but also need to determine the number of Blocked ports used by some common viruses, as well as the port speed limit.
Malicious websites are rampant, and virus transmission methods are tricky. LAN security must be valued by Internet administrators of Internet cafes.