 |
 |
|
 |
|
 |
|
| Due to growing public concern surrounding problems such as customer data leakage from companies and online offenses committed through improper use of computers at universities and other public institutions, the issue of how to strengthen the internal access control of enterprise networks is receiving a great deal of attention. |
|
| Hitachi Cable's L2 switches, the Apresia®2000 series, have a browser-based network authentication mechanism using IDs and passwords, enabling the use of log records to identify which IP address was used when, by whom, and from which terminal (under which switch). However, this type of security control cannot prevent &spoofing,& which may occur if IDs and passwords are leaked to unauthorized users. |
|
| As a means of addressing this problem, Hitachi Cable has introduced a network authentication system that uses a fingerprint-authentication sensor. Once registered, the user need only slide his/her finger over the reader; as authentication is ensured through this single step, the user can instantly log into the NA server and the Windows Domain Controller (single sign-on). We offer this system to financial institutions and business users who require more rigorous network authentication procedures to handle confidential and personal-information databases. |
|
| For users who do not need fingerprint authentication, as a more moderate measure we propose a single sign-on authentication system using convenient USB keys or non-contact IC cards. In addition to their use in employee and student ID cards, non-contact IC cards have many other potential applications in areas such as commuter passes and electronic money. |
|
|
 |
 |
 |
|
| In trying to prevent the unauthorized use of networks at companies and universities, it is possible to produce a deterrent effect by carrying out strict system-management procedures - for example, controlling access through NA and identifying users by tracing logs. Conventionally, however, to keep track of network usage, the administrator has to manually check an enormous amount of log information, which in turn causes delays in the implementation of countermeasures against unauthorized access. Hitachi Cable's "NALogManager" centrally manages the collection and analysis of the massive system logs created by Apresia®2000 switches. This ensures higher reliability and security in network management by allowing for quick consolidation and monitoring of important log information such as histories of successful/failed attempts at user authentication. |
|
|
 |
|
 |
|
| The recent widespread use of laptop computers poses the problem of viruses being brought in from outside the network by infected machines. Even if network administrators take adequate measures against viruses from outside their company or university, they cannot eliminate the risk of infection from inside the network because someone might unknowingly connect a private PC that has been infected elsewhere, such as at home or at a wireless LAN hot spot. |
|
| The Virus Quarantine LAN System, however, can deal with this threat. This system links a user authentication function of Hitachi Cable's Apresia®2000 series with the &NOSiDE® Inventory Sub System 2004*11& by NTT Data IntelliLink Corporation. If a private PC is connected to the LAN, the NOSiDE® Configuration Management Server located in the network quarantine area will first perform a security inspection. A detailed check is performed to search for viruses and known security holes, and only PCs considered safe are permitted subsequent access to the internal network. Since PCs with inadequate security measures will be blocked out of the network by Apresia®2000, this ensures that effective antivirus measures are enforced. |
|
| *11 Integrated operating management system that centrally manages computer system. NOSiDE® is a registered trademark of NTT Data Corporation. |
|
|
 |
|
