【正文】 ............................................................................................................. 1 1. 需求分析 ......................................................................................................................... 2 項(xiàng)目背景 ................................................................................................................ 2 設(shè)計(jì)目標(biāo) ................................................................................................................ 2 用戶現(xiàn)實(shí)需求 ........................................................................................................ 3 2. 網(wǎng)絡(luò)整體設(shè)計(jì) ................................................................................................................. 4 網(wǎng)絡(luò)拓?fù)? ................................................................................................................ 4 網(wǎng)路層次化設(shè)計(jì) .................................................................................................... 4 核心層設(shè)計(jì) ................................................................................................. 5 匯聚層設(shè)計(jì) ................................................................................................. 5 接入層設(shè)計(jì) ................................................................................................. 6 路由協(xié)議選擇 ............................................................................................. 6 VLAN 的劃分及 IP 地址規(guī)劃和設(shè)備命名規(guī)則 ..................................................... 7 服務(wù)器群組 ............................................................................................................ 9 DHCP 服務(wù)器 ................................................................................................ 9 郵件服務(wù)器 ................................................................................................10 WEB 服務(wù)器 ................................................................................................. 11 3. 安全策略 ........................................................................................................................12 網(wǎng)絡(luò)威脅因素分析 ...............................................................................................12 安全要求 ...............................................................................................................12 安全規(guī)劃 ..............................................................................................................12 安全產(chǎn)品選型原則 ...............................................................................................13 安全策略部署 .......................................................................................................14 VLAN 技術(shù) ...................................................................................................14 訪問(wèn)控制列表 ............................................................................................14 4. 防火墻配置 ....................................................................................................................17 防火墻網(wǎng)絡(luò)安全策略 ...........................................................................................17 防火墻的基本配置 ...............................................................................................19 基于內(nèi)網(wǎng)的防火墻功能及配置 ...........................................................................21 東華理工大學(xué)國(guó)際學(xué)院畢業(yè)設(shè)計(jì)（論文） 目錄 IV IP 與 MAC（用戶）綁定功能 ....................................................................21 MAP（端口映射）功能 ..............................................................................22 NAT（地址轉(zhuǎn)換）功能 ..............................................................................22 基于外網(wǎng)的防火墻功能及配置 ...........................................................................23 DOS 攻擊防范 .............................................................................................23 訪問(wèn)控制功能 ............................................................................................24 結(jié) 論 ..................................................................................................................................25 致 謝 ..................................................................................................................................27 參考文獻(xiàn) ..............................................................................................................................28 東華理工大學(xué)軟件學(xué)院畢業(yè)設(shè)計(jì)（論文） 緒論 1 緒 論 信息化浪潮風(fēng)起云涌的今天，企業(yè)的業(yè)務(wù)已經(jīng)全面電子化，與 Inter 的聯(lián)系相當(dāng)緊密，所以他們需要良好的信息平臺(tái)去支撐業(yè)務(wù)的高速發(fā)展。 Vlan。 關(guān)鍵詞 ：網(wǎng)絡(luò)層次化； 熱備份； 虛擬局域網(wǎng)； 控制列表； 防火墻東華理工 大學(xué)軟件學(xué)院畢業(yè)設(shè)計(jì)（論文） ABSTRACT II ABSTRACT As the highspeed development of the work technique, the quality of enterprise work has already bee one of the standards that measure the petition ability of the enterprise. Aiming at the characteristics of the certificate profession, this paper will introduce an overall design of professional work applying for enterprise. Seriously Considering the load balance and stability of the work, we adopt three layers structure in the design. Core Layer adopts two equipments to master slave scratching and duplicate copy with the protocol of Cisco HSRP. Convergence layer adopts double link and the core is connected, to improve link stability and dual link bundling improves the work link bandwidth utilization, all gateway in convergence layer avoid broadcasting arrived at the core, improve the utilization rate of core routing to achieve high speed data forwarding routing protocol chooses the protocol of OSPF, which has high security and rapidly converging. The server applications set the point on introducing the method of creation and software selection for the mon enterprise server applications, such as DHCP, the mail server and the FTP server etc. In order to set up a safety, fuelefficient and reliable enterprise work, we put forward the VLAN technique, the fire wall technique for the different n