The function of network management includes configuration management, performance management, security management, fault management and so on. Network security management has gradually become an important part of network management technology due to network Security's performance and management, and it is being widely concerned by computer users.
I. The unsafe factors in the Enterprise computer network system
1, the network inside. That is, for enterprises or internal employees of the workstation, we can not guarantee that every operation is correct and safe, in most cases, they only know how to use the computer in front of their own to complete their own job. And for other, such as viruses, trojans, spyware, download or run an unreliable program, the use of mobile devices to replicate files with viruses, and other seemingly ordinary operations, often through the internal network in a workstation misoperation and access to the network and quickly spread.
2, hardware failure. Computer hardware such as disk, memory, network card, power supply, motherboard, etc., network equipment such as routers, switches, transmission equipment, and so on, any one of the above hardware failures, can cause information loss, and even lead to the entire system paralysis.
3, each kind of security mechanism has certain application scope and the application environment. The firewall is an effective security tool, it can conceal the internal network structure, restrict the external network to the internal network access. However, firewalls are often powerless to access the internal network. Therefore, the firewall is difficult to detect and guard against intrusion behavior between internal network and inside and outside collusion.
4. The use of safety tools is influenced by human factors. Whether a security tool can achieve the desired effect depends largely on the user, including system managers and ordinary users, and improper settings can create unsafe factors.
The back door of the system is where traditional security tools are difficult to take into account. Firewalls are hard to take into account, and in most cases, such intrusions can be very difficult to detect through firewalls. For example, the well-known. 89 source problem, it is the 338 service designers left behind a backdoor, anyone can use the browser from the network to easily pull out the source of the 89 program, which can collect system information, and then the system to attack. Firewalls are not detectable for this type of intrusion, because for firewalls the access process is similar to normal access, except that intrusion access adds a suffix to the request link.
5, as long as there is a program, there may be bugs, even the security tool itself may have security vulnerabilities. Today's popular operating systems have a large number of vulnerabilities and flaws, and new vulnerabilities and the use of various vulnerabilities of worm variants, the rapid development of the network also provides such threats a high-speed breeding medium.
6, hackers, although a wide range of attacks, but the main use of the following two types of vulnerabilities: one is the TCP/IP protocol itself, because the original design of TCP/IP protocol based on mutual trust network, so lack of security considerations; the other is operating system vulnerabilities, many The operating system emphasizes the convenience of the system in its structure design and code design, which leads to the security vulnerabilities in remote access, privilege control, password management and other aspects. Hacker attacks are constantly being updated, with different system security problems appearing almost every day. However, security tools are too slow to update, and most situations require human involvement to discover previously unknown security issues, which makes them too slow to react to emerging security issues. Other security issues arise when security tools have just discovered and are trying to correct a security problem in one area. Therefore, hackers can always use advanced, security tools do not know the means to attack.