Domestic hot: "How to better strengthen intranet security and management"
I trust the firewall very much, because that rule is I personally set, I just want to say, firewall, first shut open again----first all shut down, with what service again open what service.
This management model can be used for border management, but not for the intranet, the total can not let all business to stop first, intranet management or to use isolation, access control, AAA (user authentication and authorization) and so on. Boundary management is restricted, while intranet management is oriented to control, and the management measures are added gradually without affecting the application.
Use them as long as you can apply existing firewall standards, and make new firewall rules when the existing standards are not enough, and be prepared to use new firewall rules as long as the new standards are available and the equivalence features are improved.
In the protection aspect, the traditional firewall's packet filtering only matches with the rule table, to deal with the rules of the packet processing, does not conform to the rule of discard, we also use this method, but our policy configuration to be more flexible, can be based on manageable objects to form a variety of random combinations of configuration, attacks, intrusion behavior, We use pattern matching methods and preset thresholds to control.
Everyone is ignoring one thing, now the enterprise many use firewall is not to prevent hackers, but in VLAN, VPN, address conversion on the application. A good firewall if it is really used to prevent hackers is the best and IDs linkage.
Foreign hot: "Network management personnel in the mail server need to isolate 16 kinds of files"
These files, basically each if carry a virus or worm, are recruit fatal, so it is better to isolate the good. Because as long as a person can not resist their own curiosity to see the mail, the use of security vulnerabilities to attack the virus in a short period of time to wreak havoc. The consequences could result in user lists, passwords, and network structures being stolen by spyware or hackers.
1.vbe--VBScript encoded File
2.vbs--VBScript Script File
3.js--JScript File
4.jse--JScript encoded Script File
5.bat--Batch File
6.shs--Shell Script Object
7.pif--shortcut to MS-DOS program
8.chm--Compiled HTML Help File
9.wsf--Windows Script File
10.wsh--Windows Scripting Host File
11.scr--Screen Saver
12.lnk--shortcut
13.com--ms-dos Application
14.exe--Application
15.dll--Application Extension
16.cpl--control Panel
However, many times the virus is not directly in the above form, but compressed into packets, such as ZIP, RAR, and so on, but also need to increase the filter conditions:
A. Attachments are zip and other compressed formats
B. The size of the entire letter is less than 150KB
C. The compression package contains the above 16 kinds (optional)
This technique is not only to network management, to everyone is also very helpful, see the above rules of the mail, we have to filter their brains, do not open, directly delete the good.