Professional Documents
Culture Documents
2004/12
IBM
OA
-
-
-
-
-
- (SUN SOLARIS/IBM AIX/HP UX /WIN 2000)
- Oracle/ DB2/ Sql Server / Domino/ Exchange
- (WebSphere Portal/ BEA WebLogic/ Sun One Portal/ Oracle AS
Portal/ MS SharePoint)
- DNS,FTP, VPN
1
31
2
- WEB VPN
IIS, Apache) - CheckPoint VPN
- DNS - Nortel VPN
windows DNS, Unix Bind)
- FTP
- IBM VPN
IIS, WU-ftp)
-
Domino, Exchange)
-
-
- CISCO
Solaris, win2000, HP UX, AIX)
- Oracle - CISCO PIX
- DB2 - Netscreen
- Domino
- CheckPoint
- SQL Server
- Websphere Portal
- BEA Weblogic - Symantec
- SUN One Portal -
- Oracle AS Portal -
- MS Sharepoint
- 5
IBM
- 25
IBM
IBM
IBM
- - - - -
- - - - -
- - - -
- -
-VPN
-
- -
- -
-
-
-
Oracle
VPN
DB2 Checkpoint
Domino
Nortel
SQL Server
IBM
Websphere Portal Sun Solaris
BEA WebLogic
Sun One Portal IBM AIX
Oracle AS Portal CISCO Win 2000
MS SharePoint
HP UX
CISCO PIX
Netscreen
Domino
Exchange Checkpoint
WEB
IIS
Apache
DNS
Windows DNS
UNIX BIND
(BIND9)
FTP
IIS
Wu-Ftpd
(1)
/
- - - - -
- - - - -
- - - -
- -
-VPN
-
- -
- -
-
-
-
2
-
-
-
-
-
-
-
-
-
-
3
19
-
/
-
/ 1
/ 2
PDCA
1 1
2 2
3 3
3 4
3A
- - - -
- -VPN - -
- - - -
- - -
-
-
- - (, , )
- PKI/ -
- -
- -
- - Provisioning
- - -
Internet
(SOC)
( )
( )
- TELNET HTTP FTP SMTP POP3
-
DoS
-
Internal Zone,
Admin Zone, Interconnection Zone ISS
UNIX
IDS
-
-
-
/
IT
(
)
-
-
- Internet
-
- /
User Provisioning
-
-
Something you
know
Something you
have
Something you
are
Something you do
-
SSO
-
-
-
- Why?
- What?
- How?
(role)
(responsibility) (liability)
-
-
-
-
-
-
-
-
- /
-
-
-
-
-
-
-
Web, FTP, SMTP
-
-
/
-
-
-
-
-
-
-
-
Web
FTP
/
-
-
-
-
Web FTP
/
/
-
/
/
- /
- /
/
-
-
-
-
-
-
-
-
- /
- /
- /
/
-
-
-
-
-
- /
-
- /
-
-
/
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
" "
-
-
-
1.
2.
3.
-
SQL
-
SQL
- VPN
-
-
-
-
-
-
-
-
-
-
-
- CPU
-
-
-
-
-
-
-
-
-
-
-
-
-
PKI
Packet Filter
Proxy
Circuit Proxy
Dynamic Packet Filter
Stateful Inspection
Adaptive Proxy
Deep Packet Inspection
NAT
Screening Router
Dual Homed Gateway
Screened Host Gateway
Screened Subnet
VPN IPsec SSL
802.1Q
IP
IP
(1)
isp
Router
External DMZ
Main FW
External
Web Server External
DNS Server
Internal
Web Server Internal Desktop
Internal Email Server
DNS Server
(2)
isp
Router
External DMZ
External
External Main FW
Web Server DNS Server
Internal DMZ
Internal Internal
Web Server Email Server Internal FW
Internal
DNS Server
Desktop Desktop
OA
MIS
MIS
BOSS
OA OA
OA
PSTN
CMNET VPN
FireWall
NETScreen 204
Internet Access Zone
Cisco3662
DMZ Zone
Su n S un S un
IntrusionFirewall
EN T E R PR ISE E N T E RP RI S E E N T E RP RI S E
60 00 6000 6000
SC SC Detection
Web-mail Reverse connection Zone CMNet GPRS
Proxy
WAP&SMS Mail-Relay/Proxy
Server/anti-virus
Sun E450 NETScreen 25 Cisco 3662
Intrusion S un
E N T ER PR I SE
60 00
Detection VPN
Admin Zone Cisco 7204 IBM 6000
Interconnection Zone
Sun Sun Sun
FireWall
Sun E N TE R P R I S E
60 0 0
&
Cisco3662
ISSConsole
Internet Scanner
Intrusion Sun
PSTN
Detection
ERP
BD6816
Sun Sun User Zone
Internal SMTP MTA
Zone FAX SERVER
Sun E N TE R P R IS E
6 000 Su n EN T E R P R IS E
600 0
ERP ERP
S un
EN T E RP R IS E
6 0 00
DNS/DHCP SUN
SC OA HP LC2000 E250
Training
SUN E250
Su n
Intrusion
EN TE RP R IS E
60 00
SC
Su n
SC
Su n
Detection SC
S un
SC
Sun
SC
S un
SC
Su n
CMNet
BOSS
CMNet
DCN
1
SOC
MIS
/ISP MIS OAOA
Copyright IBM Corporation 2004
77 Bank of China 2004
IBM China Company Ltd.
e-learning
OA
DMZ
DMZ
DMZ
DMZ
DMZ
DMZ
1 1 1 1 1 5
2 2 1 2 2 9
3 2 2 3 3 13
3 3 3 3 3 15