| Since the size of enterprises and organizations’network keeps expanding and access points in branches/mobile offices/visitors increases, network vulnerabilities in each level is multiplying correspondingly. Driven by illegal profit, professional hackers usually aim at enterprise terminal, take advantage of security bugs to get access permission of valuable resources and then make security accidents such as attacking core business system, eavesdropping/breaching data, severing core business or spreading malicious codes, so as to harm business and reputation of target enterprises. In the information age, information can help groups or individuals so that they benefit from, the same information can also be used to pose a threat to them, caused damage. Therefore terminal security, including the composition of network hardware, software and network transmission of information security, so that they do not because of accidental or malicious destruction of the attacks, terminal security not only the technical aspects, but also management issues, both complement each other, are indispensable.In this paper, the author introduces methods to enhance security precaution ability, strictly monitor end-host access to controlled network, and initiatively strengthen end-host security and network connection control management in case unauthorized/insecure end-user connect into controlled network. Management of end-host has to comply with security policy, and the end-host security must be verified before connection to controlled network completed. Establishment of access permission management mechanism (i.e. distribute various access permission according to end-users’specific work demand) can be helpful to protect core network resources of enterprises, and strong behavior management of end-users can ensure proper use of network resources. To set up security precaution mechanism, end-hosts need to be reinforced ahead and found security bugs should be well fixed.TSM (Terminal Security Management) system is designed to assess security status initiatively before points connecting into network, establish access mechanism in accordance with users role and fix system bugs that fail to conform security underline, in order to shield network from viruses and construct an integrated, brief and manageable terminal security environment for enterprises and organizations. |
PDF Full Text Request