{"title":"企业网络安全系统的性能与可管理性设计","authors":"Jingsha He","doi":"10.1109/ENM.1997.596874","DOIUrl":null,"url":null,"abstract":"The design of an enterprise network security system presents a great challenge because of the complexity of networking environments and variation in design objectives. The design of a high performance and manageable enterprise network security system presents an even greater challenge. Such a system, however, would not only reduce the overall cost of system administration and user management, but also enhance the effectiveness of the security mechanisms due to the decrease in the number of mistakes that the security system administrators might make. Systems too complex and too cumbersome to manage achieves only part of the objectives for an enterprise network security system at best. We present the design of an enterprise network security system developed in MCI to protect network elements from user access in which performance and manageability are among the most important criteria that measure the success of the development. We describe the environment, the requirements and the design considerations as well as the mechanisms used in the design and development to achieve the objectives. A number of specific design decisions are discussed that help make the security system easier to manage and, at the same time, improve the performance of the security operations.","PeriodicalId":357045,"journal":{"name":"Proceedings of IEEE Enterprise Networking Mini-Conference (ENM-97) in conjunction with ICC 97","volume":"36 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1997-06-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":"{\"title\":\"Performance and manageability design in an enterprise network security system\",\"authors\":\"Jingsha He\",\"doi\":\"10.1109/ENM.1997.596874\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The design of an enterprise network security system presents a great challenge because of the complexity of networking environments and variation in design objectives. The design of a high performance and manageable enterprise network security system presents an even greater challenge. Such a system, however, would not only reduce the overall cost of system administration and user management, but also enhance the effectiveness of the security mechanisms due to the decrease in the number of mistakes that the security system administrators might make. Systems too complex and too cumbersome to manage achieves only part of the objectives for an enterprise network security system at best. We present the design of an enterprise network security system developed in MCI to protect network elements from user access in which performance and manageability are among the most important criteria that measure the success of the development. We describe the environment, the requirements and the design considerations as well as the mechanisms used in the design and development to achieve the objectives. A number of specific design decisions are discussed that help make the security system easier to manage and, at the same time, improve the performance of the security operations.\",\"PeriodicalId\":357045,\"journal\":{\"name\":\"Proceedings of IEEE Enterprise Networking Mini-Conference (ENM-97) in conjunction with ICC 97\",\"volume\":\"36 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1997-06-11\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"7\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of IEEE Enterprise Networking Mini-Conference (ENM-97) in conjunction with ICC 97\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ENM.1997.596874\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of IEEE Enterprise Networking Mini-Conference (ENM-97) in conjunction with ICC 97","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ENM.1997.596874","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Performance and manageability design in an enterprise network security system
The design of an enterprise network security system presents a great challenge because of the complexity of networking environments and variation in design objectives. The design of a high performance and manageable enterprise network security system presents an even greater challenge. Such a system, however, would not only reduce the overall cost of system administration and user management, but also enhance the effectiveness of the security mechanisms due to the decrease in the number of mistakes that the security system administrators might make. Systems too complex and too cumbersome to manage achieves only part of the objectives for an enterprise network security system at best. We present the design of an enterprise network security system developed in MCI to protect network elements from user access in which performance and manageability are among the most important criteria that measure the success of the development. We describe the environment, the requirements and the design considerations as well as the mechanisms used in the design and development to achieve the objectives. A number of specific design decisions are discussed that help make the security system easier to manage and, at the same time, improve the performance of the security operations.