Terminal security access control method

• Main Authors: ZHANG SUXIN, ZHOU DONGQING, ZHANG WEI, CHENG ZHENKAI, RUAN ZHAOWEN
• Format: Patent
• Language: English
• Published: 18.02.2015
• Subjects: ELECTRIC COMMUNICATION TECHNIQUE; ELECTRICITY; TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION

Disclosed is a terminal security access control method. A system which comprises a database module, an ARP table scanning module, a terminal isolation module, a VRV system communication module and a dangerous equipment recognition module is firstly built. The method comprises the steps that firstly, an known equipment table and a switch table are manually built, and stored in the database module; secondly, an ARP state table is obtained, wherein the ARP state table is composed of ARP information composed of MAC address-IP address pairs; thirdly, a question equipment table is obtained by the VRV system communication module from an external VRV system and stored in the database module; fourthly, a dangerous equipment table is obtained; fifthly, an isolation equipment table is read by the terminal isolation module, and dangerous equipment in the dangerous equipment table is isolated. The network application function of a terminal can be limited through a client program deployed on the terminal, or the network access behavior of the terminal is controlled by deploying a firewall, and terminal equipment can be automatically isolated from a network in time.