| To ensure bank's information system security is an important part of avoiding and eliminating financial risks,because the security of bank's information system is related to the security of entire financial architecture greatly. With the application of the financial network, a lot of security pitfalls are created in the bank's information system,how to construct an effective information security architecture of bank's network has been an actual and imminent problem. To construct bank's network information security architecture is a systematic project,we should conside from security policies, security techniques and security managements etc., we should think of the bank's network information security insurance from information protection ,detection,response and recovery etc.,the author will research the bank's network information security from the aspect of information protection on the basis of researching information security theories in-depth and the practice of acting bank's network information security work for a few years, the author will apply it in practice and hope which act as a reference and guidance in information security architecture of bank's network.The author spelled out the basic concept of information security and the network information security architecture in this dissertation. The author researched information security theories in-depth,analysed the threats of bank's network information security protection in-depth, gone into these key techniques which consist of encryption,firewall,anti_viras,IDS,Vlan,access_control,hot standby etc. in bank's network information security protection. Based on this, the author carefully thought of application encryption and digital signature,setup of Firewall hot standby,central array and auto update of anti_virus system,the array of IDS,the achievement of dynamic Vlan and Vlan hot standby,the scheme of access control and QOS,setup of Routers and Switches hot standby in combination with the threat characteristices in bank's network information security protection,reached achievement of bank's network information security protection by means of actual array,setup and execution. The author engaged in designing and coming into effect these techniques and systems in actual application,and these techniques and systems have not appeared any questions about security since these techniques and systems run so that the author had been rewarded by leaders and staffs.Finally, the author analysed emphasis about the objects protected,the risks and vulnerabilities confronted,the validity about existing security measures,the potential risks by quantitative and qualitative means, brought forward suggests about controling risks and strengthened bank's network information security protection by assessing security. |