Three major network security categories: Microsoft network access protection

Three major network security categories: Microsoft's network access protection and Microsoft's network access protection. How to recover it becomes the problem of Microsoft's network access protection, the steps of network security construction are explained in depth during the testing process.

The importance of network security construction in the informatization construction of enterprises is growing. In network security construction, terminal security has always been the key and difficult point of construction. Terminal management features a large number of features, complex situations, and frequent changes, it is not uncommon for a terminal to cause network security threats to the entire enterprise due to potential terminal security risks: A terminal is accidentally infected with a virus, thus becoming a virus source and rapidly infecting other terminals and servers, and the office network is blocked.

Network security includes the following networks:
◆ Enterprise office network
◆ Business system network, such as Finance Department network environment
◆ Enterprise VPN Network

The Microsoft Network access protection system provided by the Microsoft consulting service is a protection system for enterprise terminal access to the network. On the one hand, it prohibits non-enterprise terminals from connecting to and using the local network. On the other hand, it performs security checks on Enterprise terminals. When the terminal check results comply with the enterprise security policy, it allows terminals to access the enterprise network, otherwise, the terminal remains in the control area isolated from the enterprise network and is repaired.

Enterprise security policies are set based on enterprise security requirements, including terminal patch installation, terminal anti-virus software installation and version updates, virus code library updates, and personal firewall configurations, the configuration of Screen Protection, the running status of specific services, the computer or user group, and access time control. These security policies are formulated by the Security Department of Enterprise Informatization construction. The system supports online update policies and refresh the security policies before the terminal access check starts.

By implementing the Microsoft network access protection system, enterprise information construction can improve the overall security level of the network:

Microsoft Network Access protects enterprise network resources. Prevent external terminals from accessing the enterprise network. Microsoft Network Access protects enterprise servers from being accessed by external terminals. On the one hand, it eliminates the potential virus risks of external terminals against network security threats, on the other hand, it is impossible for external terminals to obtain enterprise data.

Microsoft Network Access protects enterprise network security. Before the terminal is connected to the enterprise network, the security of the enterprise terminal is checked. After the terminal is found to have security risks, the enterprise terminal is isolated in the control area. This process can prevent potential security risks of Enterprise terminals from threatening the enterprise network.

Improve the efficiency of enterprise network services. When the possibility of security threats reaches the lowest level, the quality of enterprise network services can be improved: the network operation efficiency is improved, the cost of network support is reduced, and enterprise information applications can better serve users. In the Microsoft network access protection system, the control server, Health authentication server, policy server, and repair server constitute a security control mechanism.

Control Server: control the network device through the port of the network switch. Health authentication server: process the health check and send port control commands to the control server: provides policy configuration tools to synchronize policies with clients and Health Check servers.