Immune network is the most fundamental solution to ARP (2)

Part II: immune network is the most fundamental solution to ARP

The network problem must be solved. At present, the immune network promoted by Xin Quan is the most practical method to completely solve the ARP problem.

In terms of technical principles, there are three key technical points for completely solving ARP spoofing and attacks.

1. the binding of the terminal to the gateway should be solid and reliable. This binding can resist the destruction of viruses.

2, access router or gateway to the following terminal IP-MAC identification always ensure unique and accurate.

3, the network should have a most reliable mechanism, to provide the most powerful protection of the gateway IP-MAC. It not only distributes the correct gateway information, but also immediately blocks false gateway information.

Immune networks have dedicated technical solutions to these three problems, and these technologies are the technical patents of the manufacturers. The following is a detailed description. Now, we will give a brief introduction to the structure and implementation of the immune network.

Immune Network is a security and management solution based on a common exchange network consisting of existing routers, switches, network cards, and network cables. In this way, in general network communication, security and management mechanisms are integrated to ensure security control in the network communication process, blocks the inherent security vulnerabilities of normal networks.

498) this. style. width = 498; ">

Structure of immune network

Implementing an immune network is not complicated and costly. All it has to do is replace the existing broadband access device with an immune wall router or an immune gateway. Under the immune wall router, you need to bring your own server to run the immune Operation Center 24 hours a day. The immune gateway is not required and has its own server. This is the hardware adjustment measures required by the solution. The hardware price ranges from 1000 yuan to 0.1 million yuan. large, medium, small, and micro-enterprises can choose from each other based on their needs.

Flexible network adjustment is the configuration and installation of IP address planning, grouping policies, and automatic installation of Internet access drivers on terminals to ensure the effective operation of the entire security management function. In fact, this part of work is not much different from the daily management of the network.

498) this. style. width = 498; ">

Immune Network Monitoring Center

Immune network has powerful basic network security and management functions, and its defense against ARP is only less than a tenth. However, this article is about ARP, so we need to look back and explain in detail the mechanisms of immune networks to prevent ARP spoofing and attacks. As for the more powerful immune networks, you can continue to study.

The above three technical points for ARP management, terminal binding, gateway, and organization, respectively, immune networks adopt special technical means.

1. terminal binding adopts the guard binding technology. The immune network requires that the driver be automatically installed on each terminal. the Internet cannot be accessed without installation or uninstallation. The guard binding in the driver is to store the correct gateway information in a non-public location for protection. Any changes to the gateway information cannot be successful due to the strict monitoring of the guard program, this completes the requirement for strong and reliable terminal binding.

2. ARP innate immune technology of the immune wall router or the immune gateway. In the process of NAT forwarding, due to the addition of a special mechanism, the immune wall router simply ignores any ARP statements on the terminal IP-MAC, that is to say, no one can cheat the gateway. Unlike other routers, the immune wall Router does not use the list of IP-MAC to work, of course, do not need to cumbersome router IP-MAC table binding and maintenance operations. Innate immunity, that is, this capability is also available without any need.

3, to ensure that the gateway IP-MAC is always the correct mechanism, in the immune network is a set of security mechanisms. First, it can distribute the real gateway information obtained from the vro to each internal network terminal, while the terminal with a driver can only accept such information. Other information is unacceptable, the unique correctness of the gateway is ensured. Secondly, on each terminal, the immune driver will intercept the gateway from virus errors so that it does not flow into the network and cut ARP spoofing and attacks from the root.

From the above three measures, the immune network does solve the long-standing ARP problem, technically rigorous, practical, and low cost. Therefore, compared with the four common ARP defense methods, immune network is the most fundamental solution to ARP.

Xin omnidirectional has been promoting immune networks and has successfully solved ARP problems for tens of thousands of users. Thanks to its superb technology, Xin Quan received the approval of many users. Now more and more users have accepted the immune network, and the prospect of immune network is bright.