NetEye's Application in a Power Plant's Network

Source: Internet
Author: User

Customer Profile

The customer is a large-scale thermal power generation enterprise. As early as 1993, it established a 10 Gigabit computer network covering the entire plant. This year, the network was converted to Gigabit Ethernet. The core of the network is a 3COM CoreBuilder 9000 enterprise-level switch with layer-3 switching, the department switches are SuperStack II 3900/1100 units, and the dial-up router is 3COM's RAS1500. There are 280 10/100 M ports in total, and the center switch has 12 high-speed (Gigabit Ethernet) ports.

Currently, four servers are running on the Internet: a file server, a database server, a Web server, and an OA server. The network operating system is Windows 2000, the database is Oracle 8i, and the firewall is NetEye.

Key challenges

The power plant's network uses Internet technology. Resource sharing and openness are characteristics of the Internet, but its security mechanisms are loose. Designing and developing a security mechanism that protects internal information is therefore the key to implementing the Transaction Network application. Internet security technologies mainly comprise system security, information security, and network security. Of these, network security is particularly important and is also technically difficult. The main network security technology is the firewall, whose core idea is to construct a relatively secure subnet environment within an insecure inter-network environment. There are currently two implementation methods: packet-filter-based firewalls and proxy-based firewalls.

Solution

To ensure network security, we chose the NetEye Firewall System from Neusoft, so that the plant will not be subject to others in the future. We also set up a proxy server in the local area network. On the one hand, it lets us manage users who access the Internet and conserve IP address resources. On the other hand, it works together with the packet filtering firewall to improve the overall security of the network.

NetEye is a secure and reliable private firewall software product that Neusoft developed after a comprehensive analysis of foreign firewall products, targeting China's specific application environment and drawing on the latest developments in the firewall field at home and abroad. It provides information analysis, efficient transparent packet filtering, and multiple anti-spoofing methods. In deployment, NetEye acts as a transparent bridge between the intranet that requires protection and the external Internet.

Firewall products from outside China are complicated and difficult to configure. NetEye can flexibly manage and configure monitoring hosts, as follows:

Manage different monitoring hosts at the same time

How well NetEye's host monitoring works depends largely on how sensibly the user configures it. A management host can easily manage any firewall monitoring host connected to the current LAN, so one management host can oversee multiple monitoring hosts. Placing multiple firewall monitoring hosts under a single management host for centralized management saves users money and management costs.

Allow/Deny Network Data

Whether to allow or deny network data that falls outside the firewall's monitoring scope is a long-standing question, and the answer is closely tied to the user's security requirements for the internal network. A firewall follows one of two basic principles.

Anything that is not allowed is forbidden. Under this rule, the firewall blocks all traffic passing through it and then gradually opens the desired services. This is a very practical method that creates a very secure environment, because only carefully selected services are allowed. Here security takes priority over user convenience, and the range of services available to users is limited.

What is not prohibited is allowed. Under this rule, the firewall forwards all traffic passing through it and gradually blocks potentially harmful services. This method gives a more flexible application environment and provides more services to users. However, as the number of network services grows, firewall administrators become overwhelmed, and reliable protection is hard to provide, especially as the protected network gets larger. To meet the requirements of different users, NetEye leaves this choice to the user: whether data that is not under monitoring is allowed or denied is determined entirely by the user.

Network Log File Configuration

A network log file records the network data flow over a period of time. You can choose one of the following four logging methods: 1. Record all filtering results. 2. Record only rejected packets. 3. Record only permitted packets. 4. Record nothing. By selecting one of these four options, users can flexibly track how different data passes through the network. Based on the TCP/IP protocol, the system records the information of each packet in the network according to the user's requirements.

Network data tracking record

Network data tracking lets you inspect the content of network data. Users can view network data that meets their criteria at any time (for example, data for one or more specific IP addresses, a specific network segment, or all data), and this data is stored as files. Tracking and recording are based on the TCP/IP protocol: network data packets are analyzed according to their communication protocol (such as FTP, TELNET, HTTP, WWW), reassembled, and then stored as files for your use.

Current Firewall Status

NetEye reports the status of the currently monitored firewall host to help you understand the monitoring host, for example the IP address of the host monitored by the current firewall, the uploaded rule set, and the monitoring status of the firewall. The following is the suspension of the NETEYE Firewall:

IP address filtering based on network packets

Filtering network packets by IP address under the TCP/IP protocol is a function of most firewall systems. NetEye makes it convenient and flexible to edit and upload IP packet filtering rules. Because transmission between TCP/IP networks depends on the IP addresses in each data packet, NetEye filters (allows or denies) network data based on a packet's source address, destination address, port number, and input or output direction. This lets you manage data flow in the network effectively and monitor network data.

Packet Filtering Based on Network Data IP address and MAC address

To prevent unauthorized IP address theft, NetEye can bind the IP addresses and MAC addresses of the internal network to each other, which also makes the internal network's IP and MAC addresses convenient to manage.
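The user-selected default policy, the four log options, filtering by address, port and direction, and IP/MAC binding described above can be seen working together in a small model. This is an added Python example, not NetEye code or its rule format; the rule fields, function names and sample addresses are assumptions constructed for illustration.

```python
import ipaddress
from collections import namedtuple

# Hypothetical rule shape mirroring the page: action, source, destination, port, direction.
Rule = namedtuple("Rule", "action src dst port direction")   # port None = any port
Packet = namedtuple("Packet", "src dst port direction mac")

def decide(pkt, rules, default, bindings):
    """Return (action, reason) for one packet; the first matching rule wins."""
    # IP/MAC binding: a bound internal IP must come from its registered MAC.
    bound = bindings.get(pkt.src)
    if bound is not None and bound.lower() != pkt.mac.lower():
        return "deny", "ip-mac mismatch"
    for i, r in enumerate(rules):
        if (r.direction == pkt.direction
                and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(r.src)
                and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(r.dst)
                and r.port in (None, pkt.port)):
            return r.action, f"rule {i}"
    # No rule matched: the user-chosen default policy decides.
    return default, "default policy"

def run(packets, rules, default, bindings, log_mode):
    """log_mode is 'all', 'denied', 'allowed' or 'none' (the four log options)."""
    verdicts, log = [], []
    for p in packets:
        action, reason = decide(p, rules, default, bindings)
        verdicts.append(action)
        wanted = {"all": True, "denied": action == "deny",
                  "allowed": action == "allow", "none": False}[log_mode]
        if wanted:
            log.append(f"{action} {p.src}->{p.dst}:{p.port} ({reason})")
    return verdicts, log

# Constructed sample data using documentation address ranges.
RULES = [Rule("allow", "192.0.2.0/24", "198.51.100.10/32", 80, "out"),
         Rule("deny", "192.0.2.0/24", "0.0.0.0/0", 23, "out")]
BINDINGS = {"192.0.2.5": "00:11:22:33:44:55"}
PACKETS = [
    Packet("192.0.2.5", "198.51.100.10", 80, "out", "00:11:22:33:44:55"),  # matches rule 0
    Packet("192.0.2.7", "203.0.113.9", 23, "out", "00:11:22:33:44:77"),    # matches rule 1
    Packet("192.0.2.5", "198.51.100.10", 80, "out", "de:ad:be:ef:00:01"),  # bound IP, wrong MAC
    Packet("192.0.2.7", "203.0.113.9", 21, "out", "00:11:22:33:44:77"),    # no rule matches
]

if __name__ == "__main__":
    for default in ("deny", "allow"):
        print(default, run(PACKETS, RULES, default, BINDINGS, "denied"))
```

Only the last packet changes verdict between the two default policies, which is the traffic an administrator has to reason about when choosing between them.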

Real-time/post-event analysis and processing of Network Data

Currently, most firewall products outside China cannot provide real-time and post-event analysis and processing of network data. NetEye lets users analyze data packets flowing through the network in real time. Using a keyword, you can view the status and content of packets containing that keyword over a given period, and then develop measures suited to the characteristics of those packets. Data packets that the user deems illegal can also be recorded so that the parties can be held accountable afterwards. Likewise, post-event analysis of network data means analyzing and reassembling different types of data packets (HTTP, WWW, E_MAIL, etc.) collected over a period of time for the user to analyze and process.

Monitoring and Analysis of Network Data Flow

The flow of data in a network is dynamic and difficult to grasp, and many types of data are present (such as HTTP, FTP, TELNET, WWW, etc.). NetEye therefore records the transmission of the various packets in the network at all times. It analyzes and classifies packets according to the TCP/IP protocol and, within a short period, draws the network's data flow as a column chart and a pie chart, so that you can understand the data passing through the network in real time.

Customer rating

The NetEye firewall is fully functional, easy to use, easy to configure, and cost-effective. After practical use, NetEye has been well received by users.

 
