Speaker
Mrs
L. Ma
(INSTITUTE OF HIGH ENERGY PHYSICS)
Description
Network security at IHEP is becoming one of the most important issues
of computing environment. To protect its computing and network
resources against attacks and viruses from outside of the institute,
security measures to combat these are implemented. To enforce
security policy the network infrastructure was re-configured
to one intranet and two DMZ areas. New rules to control the access
between intranet and DMZ areas are applied. All hosts at IHEP are
divided into three types according to their security levels. Hosts of
the first type are isolated in the institute and can just access the
hosts inside of IHEP. The second type hosts access Internet
through NAT. The third type hosts will directly connect to outside.
An intrusion detection system works with firewall so that all packets
from outside IHEP are checked and filtered. Access from outside will
go through firewall or VPN. In order to prevent virus spread at IHEP
and reduce the number of spam mail we installed a virus filter and
spam filter system. All of these measures make the network at IHEP
more secure. Attacks, virus and spam mails decrease dramatically.
Primary author
Mrs
L. Ma
(INSTITUTE OF HIGH ENERGY PHYSICS)
Co-authors
Mr
B. Liu
(Institute of High Energy Physics)
Mrs
C. Wu
(Institute of High Energy Physics)
Prof.
C. Yu
(Institute of High Energy Physics)
Mr
D. An
(Institute of High Energy Physics)
Prof.
G. Chen
(Institute of High Energy Physics)
Mrs
R. Liu
(Institute of High Energy Physics)
Prof.
R. Xu
(Institute of High Energy Physics)
