| Hillstone Security Solution for School System Metropolitan Area Network |
| |
| |
|
|
| |
|
| 一、Public Education System |
The public education system in China mainly consists of primary and high schools. They are all managed by the education department at district, county and city levels. As usage of multimedia computers is becoming increasingly prevalent in education process, primary and high schools throughout the country build campus network of their own. This enables teachers to provide rich multi-media online education for students and reaching more education resources on the Internet.
The public education system MAN interconnects all the schools and educational institutions in the region, also it is also connected to the CERNET and the Internet. This provides a reliable, high-speed, and manageable network environment for local schools, offers extensive resource sharing as well as rich and convenient network application for users. This network is part of “Campus Communication Program” for local schools.
The general education MAN mainly has following security risks and vulnerabilities:
- Lack of effective defense against a variety of attacks
Attacks based on application vulnerabilities and applications with evasive techniques challenge traditional firewalls.
Widespread of computer and network viruses threaten network security and stability at any time.
ARP flood attacks cause access paralysis of the entire network.
- P2P traffic consumes network bandwidth
P2P traffic accounts for more than 60 percent of the total traffic, seriously affect the normal business.
P2P software is becoming the main channel through which computer viruses and Trojans are spreaded.
Need to provide flow control for users and selected applications.
- Remote security access
Need to provide secure and fast VPN access for working from remote offices and at home
- Internal network monitor and user behavior control
Need to monitor network operation status and user network behavior through analysis and statistics gathering of traffic, protocol and sessions
Need to record the network behavior and BBS posting content to provide strict network control and complete network auditing
- Unified and centralized management system
Need a unified and centralized management platform when deploying the whole network
Need statistics reports on traffic status, session status, and attack statistics from the management platform
|
|
|
|
