Add to Favorites | Login | Register
Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

About us Contact us

Port isolation of Network Security Technology

2025-02-04 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >

Share

Shulou(Shulou.com)06/01 Report--

Port isolation technology is a technology that achieves sufficient isolation between the ports of a client to ensure that one client will not receive traffic from another. Through the port isolation technology, users can add the ports that need to be controlled into an isolation group, and realize the isolation of layer 2 and layer 3 data between the ports in the isolation group, which not only enhances the security of the network, but also provides a flexible networking scheme for users. After using isolation technology, unicast, broadcast and multicast will not occur between isolated ports, and viruses will not spread among isolated computers, especially for headache ARP viruses. Port isolation is to achieve the isolation between messages, different ports can be added to different VLAN, but it will waste limited VLAN resources. By using the port isolation feature, the isolation between ports in the same VLAN can be realized. Users only need to add ports to the isolation group to achieve layer 2 data isolation between ports in the isolation group. The port isolation function provides users with a more secure and flexible networking solution.

The port isolation feature is independent of the VLAN to which the port belongs. For ports belonging to different VLAN, only the layer 2 messages from the ordinary port to the uplink port of the same isolation group can pass through one way, and the layer 2 data of the port in other cases are isolated from each other. For ports belonging to the same VLAN, isolate the interworking of layer 2 data between the ports within and outside the group.

[experimental Topology]

[switch configuration]

[Quidway] dis cu

#

Sysname Quidway

#

Radius scheme system

#

Domain system

#

Vlan 1

#

Interface Aux1/0/0

#

Interface Ethernet1/0/1

Port isolate

#

Interface Ethernet1/0/2

Port isolate

#

Interface Ethernet1/0/3

#

Interface Ethernet1/0/4

#

Interface Ethernet1/0/5

#

Interface Ethernet1/0/6

#

Interface Ethernet1/0/7

#

Interface Ethernet1/0/8

#

Interface Ethernet1/0/9

#

Interface Ethernet1/0/10

#

Interface Ethernet1/0/11

#

Interface Ethernet1/0/12

#

Interface Ethernet1/0/13

#

Interface Ethernet1/0/14

#

Interface Ethernet1/0/15

#

Interface Ethernet1/0/16

#

Interface Ethernet1/0/17

#

Interface Ethernet1/0/18

#

Interface Ethernet1/0/19

#

Interface Ethernet1/0/20

#

Interface Ethernet1/0/21

#

Interface Ethernet1/0/22

#

Interface Ethernet1/0/23

#

Interface Ethernet1/0/24

#

Interface NULL0

#

User-interface aux 0

User-interface vty 0 4

#

Return

[verify]

Before changing:

After change:

[experimental Topology]

Layer 3 switch

Switch configuration:

Quidway > dis cu

#

Sysname Quidway

#

Radius scheme system

Server-type huawei

Primary authentication 127.0.0.1 1645

Primary accounting 127.0.0.1 1646

User-name-format without-domain

Domain system

Radius-scheme system

Access-limit disable

State active

Idle-cut disable

Domain default enable system

#

Local-server nas-ip 127.0.0.1 key huawei

#

Am enable

#

Vlan 1

#

Interface Aux0/0

#

Interface Ethernet0/1

Am isolate Ethernet0/2

#

Interface Ethernet0/2

Am isolate Ethernet0/1

#

Interface Ethernet0/3

#

Interface Ethernet0/4

#

Interface Ethernet0/5

#

Interface Ethernet0/6

#

Interface Ethernet0/7

#

Interface Ethernet0/8

#

Interface Ethernet0/9

#

Interface Ethernet0/10

#

Interface Ethernet0/11

#

Interface Ethernet0/12

#

Interface Ethernet0/13

#

Interface Ethernet0/14

#

Interface Ethernet0/15

#

Interface Ethernet0/16

#

Interface Ethernet0/17

#

Interface Ethernet0/18

#

Interface Ethernet0/19

#

Interface Ethernet0/20

#

Interface Ethernet0/21

#

Interface Ethernet0/22

#

Interface Ethernet0/23

#

Interface Ethernet0/24

#

Interface NULL0

#

User-interface aux 0

User-interface vty 0 4

#

Return

[verify]

Before modification:

After modification:

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Tag Search: Port isolation inter layer 2 technology data user different switch customer security situation message topology scheme feature virus end experiment configuration vpn macOS Linux MariaDB MySQL Docker Shulou Information Shulou Technology Shulou Tech Info OPPO Reno Redmi Xiaomi NVidia Microsoft Huawei Apple Apple Xiaomi MariaDB Shulou Information Shulou Technology NVidia Microsoft MySQL Docker vpn Redmi Shulou Tech Info Huawei Linux OPPO Reno macOS Apple Xiaomi MariaDB Shulou Information Shulou Technology NVidia Microsoft MySQL Docker vpn Redmi Shulou Tech Info Huawei Linux OPPO Reno macOS

Share To

Related

Network Security

More Network Security >

Latest Network Security More Network Security >

Latest Internet Technology More Internet Technology >

Latest Development More Development >

Latest Database More Database >

Latest Servers More Servers >

Latest Mobile Phone More Mobile Phone >

Latest Android Software More Android Software >

Latest Apple Software More Apple Software >

Latest Computer Software News More Computer Software News >

Latest IT Information More IT Information >

Wechat

About us Contact us Product review car news thenatureplanet

© 2024 shulou.com SLNews company. All rights reserved.

12
Report