2. Security protection of the computer room of the pre-press publishing network system

The security protection of the computer room is mainly to do some basic security protection work in the computer room, such as: install and configure fire protection, lightning protection, anti-theft and other facilities, but also install the power system of the computer room, configure the ground wire device, it is best to configure the USP power supply for all computers and so on. The equipment room security protection mainly includes the following aspects:

 

1. Physical security protection for the main control equipment room.

 

2. Electrical safety of the main control room.

 

3. Workstation security protection in network system.

 

4. Prepress publishing network system room specific security protection measures.

 

1. Location where the antivirus software is installed.

Network workstations are the main way viruses enter the network, so it is reasonable to install anti-virus software on the workstation. Because the task of virus removal is shared by all workstations on the network, which makes the task of each workstation very easy, if each workstation is installed with the latest anti-virus software, so that virus scanning can be added to the daily work of the workstation, the performance may be slightly reduced, but there is no need to add new equipment.

The mail server is the second focus of anti-virus software.

Email is an important source of viruses. Emails enter the mail server and are stored in the mailbox before being sent to their destination. Therefore, it is very effective to install anti-virus software at this time. You don't need to install a mail server if the prepress network doesn't have one installed.

 

The network system backup server is used to store important data, if the backup server also crashed, then the entire system will be completely paralyzed. Corrupted files on the backup server cannot be recovered and may even infect the system. To protect the backup server from virus infection is an important part of network security. Therefore, good antivirus software must be able to resolve this conflict and work with the backup system to provide virus-free real-time backup and recovery.

 

 

2. Deploy and manage antivirus software.

① Make a plan. First, understand what type of data and information is stored on the managed network, so as to develop an anti-virus operation plan.

 

 

 

 

 

(1) The host that uses teinet, ftp, etc. to transmit important confidential information of passwords should set up a separate network segment to avoid a certain computer being breached and the attacker being sniffer, resulting in the entire network segment communication being exposed. If possible, the key host must be installed on the switch to prevent the sniffer from eavesdropping on the password.

 

(2) Dedicated hosts only set up special functions, for example, the host running the network management, database important processes should not run the program with more security vulnerabilities. The access control in the network segment router should be limited to a minimum, and the necessary process port number of various processes should be studied and unnecessary ports should be closed.

 

(3) The log files of each host open to users are all directed to a syslogdserver for centralized management. The server can be supported by a uni* or WindowsNT host with a large capacity storage device, and the data on the backup log host is regularly checked.

 

(4) The network management shall not access the Internet, and should set up a special computer to download tools and materials using ftp or WWW.

 

(5) Hosts that provide email, www, and DNS functions do not install any development tools to avoid attackers compiling attack programs.

(6) The principle of network configuration should be "user rights minimization", such as shutting down unnecessary or unknown network services, and sending passwords without email.

 

(7) Download and install the latest operating system and other application software security and upgrade, install several necessary and necessary security strengthening tools, restrict access to the host, strengthen logging, check the integrity of the system, regularly check the user's fragile password and notify the user to modify as soon as possible. The passwords of important users should be changed periodically. Different hosts use different passwords.

 

(8) Regularly check the system log files, back up in time on the backup device, formulate a complete system backup plan, and strictly implement it.

 

(9) Periodically check key configuration files in the network system.

 

(10) Formulate detailed invasion emergency measures and river report system. Find signs of intrusion, immediately open the process recording function, while saving the process list in memory and network connection status, minamata current important log files, in the case of conditions, immediately open another host on the network segment to monitor network traffic, and try to locate the location of the intruder; You can also disconnect from the Internet; In the event that the service host cannot continue service, it should be able to restore service from the backup reserve to the backup host.

 

Taking some preventive measures to prevent hackers can greatly weaken the attack ability of hackers and play a good role in protecting network security. Of course, the same software can be used to prevent hacker attacks as anti-network viruses.

 

In addition, the use of anti-black software can greatly strengthen the ability to defend against hackers in the network system, of course, this is also one of the most convenient network system security protection methods, after the installation of anti-black software packages in the network system, generally do not need to carry out a large number of protective operations, just often check. For the choice of anti-black software, you can use the online anti-virus software with anti-black function, special anti-black software and firewall software.