Brief introduction and product characteristics of network guardian products
I. Product introduction
1, which solves the physical isolation of internal and external networks. By adding a "network guardian physical isolation card" to the original computer, the network channel isolation between the local area network and the Internet is realized. Any computer in the local area network will be completely isolated from the intranet (classified network) when accessing the Internet, so that it can surf the Internet freely and ensure the absolute security of the intranet.
2. This product is a kind of hardware controlled by software, which realizes the switching between internal and external networks. It is simple to operate, safe and reliable. It truly conforms to the provisions of Article 6 of the Measures for the Security Management of Internet Computer Information Systems issued by the State Secrecy Bureau.
3. Functionally equivalent to two independent computers. Internal and external network systems share all resources in a hard disk and a computer, saving a lot of investment and office space.
4. This product is divided into built-in and external. Built-in is directly fixed on the PCI slot of the motherboard, which does not occupy the resources of the computer, has no data communication with the computer motherboard, and has no compatibility problem; External equipment is placed outside the chassis, which is convenient for replacement, inspection and handling.
5. Support ADSL dial-up Internet access or government network users.
6. Independent research and development and patent design. It has independent intellectual property rights and applied for a national patent (patent number: 99257640.7). The product has passed the safety performance test of the Ministry of Public Security, with the inspection report No.99046 and the batch production license issued, with the approval certificateNo. XKC30213; ; The product has also obtained the product detection and certification certificate of the classified information system of the State Secrecy Bureau (No.:ISSTEC2003YT0049). It can ensure that the internal network and resources are not stolen and attacked by the external public network, and truly use the computer simply, reliably, credibly and safely.
Second, the main characteristics of the network guardian physical isolation card
Really achieve physical isolation.
All of them adopt contact relays. Under the control of MCU 205 1, three sets of relays trip, which ensures the real physical isolation between the internal and external networks.
Software control, simple and fast operation.
Just click the corresponding button on the control software of "Network Guard" with the mouse, and the network guard will send instructions through the serial port, and the system will automatically shut down the computer and restart it to another hard disk system.
Simple installation and convenient maintenance
The installation of the physical isolation card of the network guardian is not complicated. Select a PCI slot on the workstation PC and insert the isolation card. The control line on the card connects two hard disks. Personnel who have experience in installing network cards can install and maintain them smoothly after simple training.
Wide application range
This product is suitable for government agencies, financial institutions, military, enterprises, individuals and other personal computers that need to access the Internet and protect local operating systems and local data resources.
Widely used in Win98, win2000, WIN XP and other operating systems.
Product function and performance
The network guard isolation card is a relatively simple and economical isolation product. As an excellent series of double-disk physical isolation products, this product has the highest technology and performance among similar products.
This product is a PC hardware card inserted into PCI slot. There are three power interfaces on the card, which are respectively connected with the host power, the internal network hard disk power interface and the external network hard disk power interface. Independent operating systems are installed on the hard disks of the internal and external networks, corresponding to the internal and external networks respectively. There are also internal and external network cable interfaces on the card for connecting the internal and external network interfaces. At the same time, only one hard disk is powered on and connected to the corresponding network, and the other hard disk is not powered on, and its corresponding network is also cut off, thus achieving complete physical isolation between the internal and external networks.
Pure hardware design, real physical isolation. When the physical isolation card of the network guard switches to the external network in the internal network state, the network guard will automatically detect whether there is a floppy disk in the floppy drive. If there is a floppy disk in the drive, it will give a warning that you can't switch and return. You can't switch networks until you take out the floppy disk. This prevents the possibility that the data in the floppy disk is accessed by the external network in the internal network state.
The isolation card communicates with the computer through a serial port, and the control program is adapted to the serial port of the computer. You can choose any serial port to install and use, and you need to reconfigure it when replacing the serial port.
One computer can realize the functions of two computers, and the two systems can enjoy all the equipment except the hard disk, which can save a lot of investment and office space.
Network Guardian Security Isolation Solution
In view of the government's requirement that the internal and external networks must be physically isolated, we propose the following solutions: install a second hard disk on the original basis and use the network guardian isolation card, so that each hard disk is dedicated to a certain network, but completely physically isolated from the other hard disk and the network.
Product use refers to the South.
I. System requirements
1. Add a hard disk to a hard disk. These two hard disks need to be installed with their own independent operating systems, such as Win 98/2000 Professional Al/Win XP and software NetGuard.
2. When the network is switched, the system will send instructions to the physical isolation card of the network guardian through the serial port (COM 1/COM2). Therefore, in the system, it is necessary to ensure that the serial port COM 1 or COM2 connected to the physical isolation card of the network guard is not occupied.
Second, the installation
1, hardware installation
(1) Turn off the power and turn on the chassis;
(2) Insert the network guard isolation card into the PCI slot (it only plays the role of fixing the isolation card, does not take power from the PCI slot, does not occupy system interrupt resources, and does not affect the startup speed);
(3) Connect the internal and external network cables with the network cable interface of the control card (the internal network cable is a slot marked as LAN, the external network cable is a slot marked as INTRNET, and the card slot is connected to the network card with a blue network cable).
(4) Connect the serial port on the card with the communication serial port on the PC with a gray communication line.
(5) The internal and external network hard disks and PC power cords are connected with the corresponding power cords on the card in turn.
2. Software installation
Install the network protection switching software on two different hard disks.
The specific installation method is as follows:
● Double-click the drive letter of the CD-ROM drive in My Computer to find the switching software folder corresponding to the current system, double-click the SETUP.EXE file inside to start the installation, select the "Next" button continuously, and finally select "Finish" to complete the installation.
● When it is not needed, you can uninstall it from Add/Remove Programs in the control panel.
Three. instructions
Click the "Network Guard" icon on the desktop of Windows system to open the network guard switching software. Just double-click with the mouse to select the network button to switch to, and the system will automatically shut down and switch to the corresponding network state after restarting.
Comparison between physical isolation card of network guardian and other network security methods
Comparison of security isolation performance of methods to protect network security
1. It is equipped with two computers, which are connected to the internal LAN and the public network respectively, which is reliable and conforms to the relevant national networks.
Safety regulations 1. It is very inconvenient to use.
2. The investment cost is huge and resources are wasted.
3. The network setup is complicated and the maintenance is difficult.
4. Take up more office space.
2. It is unreliable to use proxy server and firewall technology, and it does not conform to the relevant national regulations.
The regulation of network security isolation is 1. The investment cost is high.
2. Even the firewall products independently developed by China, as long as
Both CPU and operating system are foreign, so it is difficult to guarantee the security.
3. The special computer for safety isolation is reliable and conforms to the relevant national network.
Safety isolation regulations 1. Buy computers again and increase investment.
2. The existing computers in this unit cause waste.
3. One box with two sets of equipment is technically unreasonable.
4. The compatibility machine has unstable performance and high price.
4. The physical isolation card of the network shall conform to the provisions of the state.
The isolation method is safe and reliable. 1. Introduce the original equipment without increasing too much investment.
2. You don't need to buy computer equipment, which takes up the original office space.
3. Pure hardware design, simple operation, safety and reliability. See http://forum.chinesehonker.org/thread-6486-1-1.html for details.