Shulou(Shulou.com)06/02 Report--

Network *:

As mentioned earlier, AAA adopts Cramp S structure, and user information is managed centrally on the AAA server.

The user wants to access the network resources to establish a connection with the gateway. The gateway transmits the user's authentication, authorization and billing information to the radius server for audit and billing.

Fortress mainframe adopts AAAA technology to provide users with security management platform solution.

Fortress host combines routing switch packet filtering, firewall policy to protect internal network equipment security, Password mode (two-factor authentication)

Fortress mainframe structure

General fortress mainframe is divided into two systems: linux and Windows

Linux system: provides a database to store user names, passwords, user groups, resource groups, tables and other basic elements

Windows system: mainly provides third-party software interfaces to access resources without the need for users to install plug-ins (our clients use Windows, and some services are built using Windows Server)

There are different words in the market. There are popular names such as C _ pact S and B _ max S (Browser/Server). In fact, they are collectively referred to as C _ pact S.

Fortress host working mechanism: (release port for user policy)

Functions of the fortress host:

Internal network behavior management, command control technology, fine-grained policy control function, accurate log query and retrieval function, menu operation playback audit function, account password security management, FTP/SFTP file security transfer, support for standard SYSLOG log, real-time operation "live broadcast" monitoring function, program reuse and control technology, logic command automatic identification technology, distributed processing technology, real-time monitoring technology, Log secondary backup technology, multi-process / thread and synchronization technology, automatic report generation technology, continuous jump login technology, multi-channel login technology, data encryption function, audit query retrieval function, operation recovery technology, audit two-way backup technology.

Fortress mainframe is best combined with two-factor authentication

Single-factor authentication based on password authentication technology

Two-factor authentication is a time synchronization system, which uses an one-time password based on time, event and key variables to replace the traditional static password.

As long as there is static password protection, two-factor authentication protection can be used.

Authentication devices usually refer to two-factor authentication tokens, such as hardware tokens, SMS passwords, USBKEY, hybrid tokens (USBKEY+ OTP).

At present, two-factor authentication is commonly used in the following scenarios:

1. Protection of wireless network

2. Two-factor authentication of network devices such as routers, switches and firewalls.

3. For all kinds of dual-factor identity authentication

4. Protection of operating systems such as UNIX, Linux and Windows

5. Protection of different Web servers

6. Protect all kinds of Cramp S application system

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.