Design And Research Of Dynamic Network Control Based On The Improved Trusted Network Connect

Network access control is to check the terminal in according with the security policy is specified when the terminal connected to the existing network.If the terminal security requirements compliance with security policy, the system will allow the terminal access to the existing network.With the computer network information secuirity issues become increasingly complex, faced the computer network security platform framework situation, this paper conducts a design and research on the security implementation of network access control based on Trusted Network Connection (TNC) architecture.This paper analyzes the current existing trusted network connection architecture technology and trusted computing, TNC has one-way measurement, static port control and lack of security protocol support potential risks.This paper presents an improved model of the TNC, Using802.1X port authentication protocol and the RADIUS protocol to achieve the system authentication and management, hierarchical control is realized by using dynamic VLAN technology.By implementing bidirectional measures,an improved system realizes the network and terminal mutual trust; Through the design of security network protocols, and satisfy the communication between terminals and network security;Through the dynamic network system design, hierarchical network system is established, According to the different security status of the terminal, the division of different trusted levels, and give different access privileges.Tests show that the system can adjust the terminal trusted level dynamically according to the safety of the terminal state changes, also have certain self-healing ability, realizes the dynamic network access control on the system.The idea of the traditional network security mainly gives priority to prevention, defense focused on the protection of the server and passive isolation of viruses and trojans,while ignoring the safety of terminal itself and the active control of security threats. The improved architecture of TNC and the security design of network access control evaluate the safety of the access terminal and adjust the trusted levels, on the basis of the traditional network control,the system control the security threat actively, provides the guarantee for the security of network access.