Network security should begin with two aspects
First, management layer. Including the establishment, implementation and supervision of various network security rules and regulations
2. technical level. Including implementation of various security devices and application of security technical measures
Security is about spending money. If you don't want to spend money, you can use these devices.
I think we should start from the following points:
1. Formulate and implement the network security management system, including server and personal host security management, including permission management, etc.
2. Develop and implement routine network security work procedures, including online behavior monitoring, including intrusion monitoring
3. In terms of technology, it is estimated that you use a vswitch or wireless router DHCP to allocate IP addresses for Internet access after a leased line is connected. In this way, you cannot manage internet behavior, you need a firewall for packet filtering and logging, or a proxy server for online behavior management and logging.
4. LAN computer system management, including operating system anti-virus updates, and other work bastion hosts, often take the initiative to send data from internal computer viruses, it is already very common to cause leaks, so it is important to do a good job of host protection.
Of course, if you have money, black hole system, intrusion detection, vulnerability scanning, multi-level firewall audit system, you can say hello.
The last note is that no absolute security is relative.
What level of security do you need?
Management is always better than technical technology, but only auxiliary means
This article is from the blog "don't go forward, leave-minshao", declined to repost!