Wired and wireless integration to save Security (1)

Is there any more hot spot than wireless networks and green environment protection? Security and savings are also the key points. This article introduces the integrated security and saving content in detail from the perspective of wired and wireless integration. Hope to help you.

Integrated Security Technology

WLAN is gradually becoming an essential access method for office networks and enterprise networks. In most cases, wireless networks are managed separately from existing networks (primarily wired networks) as independent networks. This leads to the need for separate management systems and security policies for wireless networks, so that their management costs remain high. In addition, the existing wireless security technology is basically designed for physical and link layer security issues, and attacks from the network layer to the application layer are often insufficient, for example, the wireless intrusion detection system can effectively detect and defend against attacks based on the 802.11 management protocol, but it is powerless to defend against virus attacks.

With the large-scale deployment of wireless networks, how to combine wireless security technology with existing mature wired security technology to form an integrated security system has become the focus of network builders. From the perspective of network development, wired and wireless network convergence will be the trend of network development in the future. Wireless Network Security will gradually evolve from the original emphasis on the security of wireless networks to the focus on wired and wireless integrated security.

The wired and wireless integrated security solution has the following features:
◆ Wired and wireless networks share a security architecture;
◆ Wired and wireless networks share a set of endpoint access solutions;
◆ Unified management of wired and wireless user access control.

Perform the following analysis:

1. Integrated Security Architecture

More and more manufacturers have integrated wireless switching, firewall, intrusion detection, and VPN functions on existing wired switching devices. By installing different security service plug-in cards on rack-mounted devices, you can seamlessly integrate security services and switching devices to detect multi-layer protocols from the wired and WLAN Access layers to the application layer, achieve a highly integrated wired and wireless integrated security solution.

These security business plug-in cards often use telecom-level hardware platforms to implement the linear processing capability of security devices for core enterprise users through multi-core systems, so as to implement in-depth network security protection for users.

Based on the integrated security architecture, it can be supported at the application layer and IP layer:

◆ Enhanced State Security Filtering: supports the Application Specific Packet Filter protocol of ASPF, maintains and monitors each connection status information, and dynamically filters data packets, monitors the status of FTP, HTTP, SMTP, RTSP, and H.323 (including Q.931, H.245, RTP/RTCP, etc.) application layer protocols, and monitors the status of TCP/UDP applications.
◆ Defense against attacks: including various DoS/DDoS attacks (CC, SYN flood, DNS Query Flood, etc) ARP spoofing attack prevention, ARP active reverse query, TCP packet flag illegal attack prevention, ultra-large ICMP Packet Attack prevention, address/Port Scan prevention, ICMP redirection or inaccessibility Packet control functions; supports intelligent worm prevention technology.
◆ Content filtering at the application layer: it can effectively identify and control various P2P applications in the network and take throttling measures for these applications to effectively protect network bandwidth. It can identify and control IM protocols, such as QQ and MSN; supports mail filtering; provides SMTP mail addresses, titles, attachments, and content filtering; supports webpage filtering; provides http url and content filtering; supports application layer filtering, provides protection against Java/ActiveX Blocking and SQL injection attacks.
◆ Centralized management and audit: provides various log functions, traffic statistics and analysis functions, various event monitoring and statistics functions, and mail alarm functions.

Once security threats (such as viruses) are detected at the IP layer and application layer and these attacks come from wireless users, the system will automatically notify the intrusion detection system (module) to add these users to the blacklist list, implements unified control between the wired and WLAN Access layers and the application layer.