Network Management: three major disciplines of server security

With the rise of e-commerce, many small and medium-sized enterprises have their own servers. It is used to establish local networks internally to improve office efficiency. It also establishes external websites to publicize enterprise products and images more extensively and win more customers. However, as the core product of the network, server technology is relatively complex, especially in the network era where viruses are raging, security issues become more prominent. I have been in the company to manage servers and check their security for some time. I have accumulated some experience in my work and hope to share it with you.
I. enhanced overall network security

Many network administrators often have such misunderstandings in maintaining network security. They believe that they can be well prepared by patching a single server and installing protective walls and regular upgrade of operating systems. In fact, many hackers and viruses attack the entire network instead of directly attacking the server, but intrude into other computers as a springboard. Currently, many networks are managed in the form of domains. Once a hacker or virus successfully intrude into a computer that has a trust relationship with the server, attacking the server from this computer will become very simple. Therefore, the security of the entire network must be taken into consideration.

The first is security management. From the management perspective, we should use rules and regulations and other textual material specifications to restrict various behaviors against computer networks, such as prohibiting employees from downloading illegal programs at will, personnel other than the network administrator are prohibited from entering the central data center, and the network administrator's duty system is improved.

The second is security technology. From a technical perspective, we should use various software and hardware, various techniques and methods to manage the entire computer network. anti-virus software and firewall work together to ensure network security.

These two aspects are indispensable. Imagine that if there is only security technical support and there are no restrictions on the rules and regulations, even if the security work is in place at the beginning, employees can download illegal software at will, if anti-virus software protection is disabled, the entire network security is virtually empty. However, if only strict rules are not supported by technology, viruses and hackers can easily intrude into the system through Network Vulnerabilities. Therefore, security management and security technologies complement each other. network administrators must work hard on both aspects.

Ii. Enhance the security level of local file formats on the server

Currently, all servers use Windows or later versions. Therefore, to enhance the security level, you must use the user permission function provided by Windows server, according to the characteristics of each user, the special permissions for accessing the server are independently set for each user, so as to avoid security risks arising from the use of unified server access permissions.

To ensure server security, you must first make a fuss about the local file format, that is, convert the FAT format to the NTFS file format with a higher security factor. After all, the data stored in the FAT format disk partition is easier to access and damage than the data stored in the NTFS format disk partition, in addition, all the security software and encryption software are also for the NTFS format, and the protection for the FAT format is very weak.

In addition, it is best to use specialized network detection software to continuously monitor the running status of the entire network, pay special attention to reports on illegal intrusion and server operations, I am working in a company that uses IISLOCK to monitor the normal operation of web servers and MRTG to detect the traffic of the entire network.

Iii. Regular data backup

Data protection is a very important issue. Maybe the server's system has not crashed, but the data stored in the server has been lost. This situation causes more losses, especially for database servers, precious data may be stored for several years. How can we effectively protect data? Backup is the only option. In the past, data backup was performed by creating a backup folder or even a backup zone in another zone on the server. However, this backup method has a major drawback, that is, once the server's hard disk encounters a problem, data in all partitions will be lost, so that backup is not guaranteed. According to the theory that "don't put all the eggs in the same basket", we should use dedicated devices to save the precious data.

Server B is used to save data of server A and files of server B at the same time. This cross-backup method is very popular for A period of time. Another effective method is to use tape to store valuable data, but such investment will be relatively large.

At present, my company adopts the network storage device NAS to save the backup method, and connects individual NAS devices to the network, tools are regularly used to write precious data to the NAS hard disk. NAS devices use RAID to ensure data redundancy.

However, there are also huge security vulnerabilities in data backup, because the backed up data may also be stolen, so the backup media should be effectively protected by passwords during Backup, if necessary, you also need to use encryption software to encrypt the data, so that even if the data is stolen, data leakage will not occur.