CPU366MHz are still using the old machines, friends, can save memory, speed up the start-up speed:
1, disable compressed folder function
If you open the zip file, then use winzip or winrar software, the following optimization is a very good optimization, Windows XP built-in the ZIP file, we can zip files as folders here. However, the system should use some of the resources to achieve this, so disabling this feature can improve system performance. Method is very simple, simply cancel the registration of zipfldr.dll it.
→ started running: regsvr32 / u zipfldr.dll
2, boot disk scanning to reduce waiting time to restart the time you will see the results immediately.
→ started running: chkntfs / t: 0
3, delete the backup files, in various hardware and software properly installed after the fact, XP need to update the document when few.
→ started running: sfc.exe / purgecache
And then return to be able to reduce the 100M.
If worried about the case, from time to implement, this approach will only save space, rather than accelerating.
4, began running →: services.msc into the XP Service to amend its own list
In the list of attributes for each service in the optional "closed" and "manual" and "automatic."
Alerter - erroneous alarms. (Off)
application layer gateway service - to give third party network sharing / firewall support services, some firewall / network-sharing software needs. Occupation 1. 5 mb of memory. (Off)
application management-used to configure, publish and delete software and services.
Automatic updates-windows update automatically. (Off)
background intelligent transfer service - the service was originally used to achieve http1.1 transmission of information between servers, Microsoft said support for windows updates breakpoint Xuchuan
clipbook - using computers and local area network to share paste / clip content. (Off)
Com + Event system-some COM + software needs. (Check your c: \ program files \ ComPlus Applications directory, things can not shut down the service)
COM + Event system application-ditto (off)
COmputer browser - used to visit the local area network computer services, but does not affect the customs here! (Off)
cryptographic services-windows update windows document used to identify the fingerprints, when I opened the update. (Off)
DHCP client-static IP needs (xDSL, etc.).
Distributed link tracking client-LAN for connection to update the information, for example, in computer files are A, B done in the connections, if the move, this service will be updated information. Occupy 4 trillion memory. (Off)
Distributed Transaction coordinator-silly things. (Off)
DNS Client-DNS analytical services. (Off)
Error reporting service - an error report, the windows of the error report to Microsoft. (Off)
* Event Log-system log records, the system is used to search for defects.
Fast user switching compatibility-more users to quickly switch service. (Off)
Help and support - to help. (Off)
Human interface device access-support "mentally handicapped" computer accessories. For example, increase the volume of the keyboard buttons and so on. (Off)
IMAPI CD-burning COM service-xp carved Die, do not have the software. Occupation of 1.6 trillion memory (closed)
Indexing service - the terrorist xp slowdown…… (to close)
Internet Connection Firewall (ICF)…… - xp firewall. (The words do not have to be closed)
IPSEC Services-the public even while users are not on James. (Off)
Logical Disk manager-disk management services. It will be necessary to inform you, the general customs. (Off)
Logical Disk manager administrative service-Ibid. (Off)
messenger - not msn, do not want to be on the harassment of the Commissioner. Note: The use of this monster is the thorn. (Off)
MS software shadow copy provider-useless, is said to be the backup. But…… useless. (Off)
Net Logon-Domain Controller with the landing. (Off)
Netmeeting remote desktop sharing-sharing computer use netmeeting achieve. (Off)
Network Connections - Internet / LAN to use the.
Network DDE-and to use the clipbook. (Off)
Network DDE DSDM-ditto (off)
Network Location Awareness-sharing network or if ICS / ICF may be required. (Server) (closed)
NT LM Security support provider-telnet service use. (Off)
NVIDIA Driver Helper service-nvidia graphics help. (Off)
PDEngine - perfectdisk engine
PDScheduler-perfectdisk planning services
PerFORMance logs and alerts-recording machines and the operation of the log or write regularly warned that the content might be too professional, so his decision.
* Plug and Play-automatic check-lift measurement hardware, plug-and-play.
Portable media serial number-absolutely useless. (Off)
Print Spooler - with the printer. (No printer can be closed)
Protected Storage-stored password and local Internet service password services, including guidance when the "auto-complete" feature.
QoS RSVP - is said to reduce net speed 20%…… (to close)
Remote access auto connection manager-broadband / network sharing.
Remote desktop help session manager-to long-distance services, occupying 4 trillion memory. (Off)
* Remote Procedure Call (RPC) - System core services.
Remote Procedure Call LOCATOR-the inverted are useless, RPC database management services, the occupation of one trillion memory. (Off)
remote registry - long-distance running registry / edit. Microsoft's vulnerability…… (to close)
removable storage-not under normal circumstances, use the tape backup. (Off)
routing and remote access-I do not know who the Commissioner, I do not know. (Off)
secondary logon-other than the administrator to give users the right to allocate designated operation. (off)
security accounts manager-like Protected Storage, IIS Admin only needs.
server - LAN file / print sharing needs. (Can not print off)
shell hardware detection-configured to automatically start some, like the Memory Stick, and some cd drive, and so on
Smart card - it accounted for 1.4 trillion memory (closed)
Smart card helper - customs. (Off)
SSDP Discovery service-no hardware take advantage of this service. (Available off)
system event notification-record user login / cancellation / re-starting / shutdown information. (Off)
system restore service - System Restore services, resources and the memory of eating monster. Although sometimes used, to decide. (Off)
Task scheduler-windows planning services. (Off)
TCP / IP NetBIOS helper-if you do not have the network or Netbios WINS words. (Off)
Telephony - dial-up service, if you do not have broadband dial-up, then closed it.
Telnet - or Microsoft's vulnerability. This Gen-dos in the telnet command It does not matter. 2 megabits of memory. (Off)
Remote terminal services-sign the local computer, fast user switching and Remote Desktop features necessary, do not have these features on the closed bar. (Off)
Themes-XP theme. XP is the closure of the classical style. (Off)
uninterruptible power supply-power failures to protect the equipment. (Off)
universal plug and play device host-with the SSDP Discovery Service. (Off)
upload manager-used to achieve server and client service delivery documents, simple file transfers do not need this. (Off)
volume shadow copy-with MS Software Shadow Copy Provider, is useless. (Off)
webclient-be and the future. net associated technology. (Off)
Windows Audio - in control of you have heard the voices. (Like silent can be closed)
Windows Installer-windows of the MSI installation services. (Recommendation for a manual)
windows image acquisition (WIA) - Some digital cameras and scanners used, feel useless. (Off)
* Windows Management Instrumentation - important service, the Commissioner will appear strange question .
XP how to save memory speed up the start-up speed
On these moves the breakdown which repairs XP not to be able to renew
Have heard some people recommend for WindowsXP 10 times faster software, which is a German people to do the optimization of procedures to stop some services to optimize the purpose, but in accordance with the requirements of optimizing the future, many more useful services can not be used, Including firewalls, security center, automatic updates.God other, if the machine can not automatically update, it is one of the things people worry about. This afternoon I met on this issue.
Windows UPDAte or visit the Microsoft Update site, the page prompted an error code 0 × 80070422 (displayed on the upper right corner of the screen) to the effect that prompted Windows Update service is disabled, the need to activate the corresponding Group Policy services. However, in view of this was done before the optimization, before conducting operations that must be optimized to use the restore process, which is in operation the first four elections. However, in operation when there is a problem.
Activated automatically update when prompted dialog, saying that with this service-related components failed to start, start failure. This obviously is that optimize the results of the programme. Baidu went for a look and found a need to re-register the dll file.
Registration qmgr.dll and qmgrproxy.dll
Regsvr32 qmgr.dll
Regsvr32 qmgrproxy.dll
When the registration qmgrproxy.dll Click "OK" after prompted module that can not find, after testing does not affect the resumption.
Done after we returned to the Group Policy window, all started to launch the service. Will not do it again to once again from start to finish.
All work is completed, the issue is resolved.
Similar problems encountered friends can make reference to this solution.
Below the windows update operation encountered an error when the solutions are summarized below, followed when they encounter problems can try:
1, ensure that the IE, not firefox or opera (cb to the vast number of opera fans reminded, not a natural habit ^_^), not recommend using IE tab.
2, to prohibit the current browser pop-up blocking, in other words to allow pop-up window (the same is very simple, but easily overlooked).
3, Show hosts file has been modified and restore the status quo. hosts documents in general
$ WINDIR $ \ system32 \ drivers \ etc.
4, Clear IE cache, temporary files, history.
5, is to ensure that their current system administrator, or "control panel" - "user accounts" do not have to delete all the account, then restart. This is the most important one, not even if the administrator account can be updated, but may be unpredictable mistakes.
6, appropriate adjustments ie the activex, javascript restrictions in internet options "safe" option Cary adjustment. If the fear of impact on security, can only http://update.microsoft.com/ to adjust.
7, registration URLMON. dll, MSXML3. dll, jscript. dll, qmgr. dll and qmgrproxy. dll:
Regsvr32 dll name. dll
8, and will WUAUSERV BITS added to the SvcHost process: Open REGEDIT, browse to
HKEY_Local_Machine \ Software \ Microsoft \ WindowsNT \ CurrentVersion \ SvcHost
Open "netsvcs" items. "Numerical data", "BITS" and "WUAUSERV" added to the list of services. Laws after the restart. [Apply to the error code 0 × 8007043B]
9, if the DataStore folder does not match the content, [apply to the error code 0 × 80070002] can consider deleting
% Windir% \ SoftwareDistribution \ DataStore
All contents of the folder, can not be deleted automatically update on the first service disabled.
10, do not use agents. Inspection is not the Windowsupdate site in the list of restricted inside and if yes, it deleted.
11, set a reasonable system date and time.
12, to ensure that related services start. Services: Automatic update (or "automatic update"), BITS (or "Background Intelligent Transfer Service"). Method: running serviCES. msc, and then start the corresponding services, if we do not know which should be launched, they are able to initiate the start, one by one later ruled out.
The XP operating system to play dead three move of ingenious plans
Using Windows XP after a long time, and sometimes will run very smoothly, and even the mouse will not respond to the keyboard in the operation. Very often the system is Jiasi. And the Dead really different, Jia Si can be "saved." Jia Si is the root cause explorer.exe (the graphical interface of the drive). Since the Council Jia Si, it must have a solution, following on as a friend introduced a number of rescue system Jia Si approach.
First move: When using Explorer open a new folder or use the browser to open a new page does not respond, with "Win D" or click Quick Start column Show Desktop button, and then press F5 on your desktop or right - To refresh. General set 3-5, then the Explorer browser window or reduction will be a return to normal.
The second move: this trick very Ling, the majority of Jiasi can deal with the situation. When the task manager are trying to open, the first drive after the shells into the pop (Do not put in the drive, CD-ROM), the mouse pointer will appear next to a small CD logo, then the system will arouse the consciousness, But amounts of bills!
Tip 3: reach the final of the killer, using combinations of keys "Ctrl Alt Del" launch Task Manager, then the "process" tab in the end explorer.exe, only an entire desktop wallpapers, desktop icons and task bar are No shadow, and then in the Task Manager "document → new task" in the importation of explorer.exe, to return to normal. This move can also release memory resources, Yijuliangde.
As the following method can be decreased significantly Jiasi possibilities:
Can not pop-up menu of as much as possible, do not have to make use of hotkey such as F2 to rename, with F5 to refresh, and so on. Windows MediaPlayer do not have the best visual effects, often using the card machine. Really want to use the case, particles are the most difficult card machines, the proposed "particulate" visual effects. Do not use memory finishing software, often the more the slower the speed of finishing system. If really want to release system resources, the cancellation of the current user to re-sign is the best way. Said so much, you may also wish to try these methods.
Five strokes get Win Vista system custom
You want to let the new operating system with its own personality Mody? Vista provides a way to make a lot of your custom. Here are five running Vista when the first thing to do, this is just the beginning ~
1, add small accessories
Windows tools, and its small accessories (in the desktop with the right help and entertainment of the small accessories) Vista is one of the great characteristics. Therefore, you need to do the first step is to let the toolbar is always visible and add some new accessories.
Double-click the system tray icon on the toolbar visible to Windows. You can see already have some default accessories. Click on the toolbar to add labels to your favorite accessories dragged into a toolbar. Click on the bottom right window "on-line for more accessories" link, you can get more accessories.
I downloaded from the Internet's favorite accessory is ipconfig, it can be real-time display your IP address and MAC address. If you have multiple Web links (for example, Wi-Fi and Ethernet link), it also showed that the two information.
Up to now, the accessories for Vista is still relatively small, but Microsoft recently announced with a number of major media cooperation, including the times, the people, Sports Illustrated and other companies, they will be for Vista to provide more accessories.
Custom accessories, it moved to the top of the mouse, click float the icon, select the display items. Move to the top of their mouse, click the X can delete parts. Right-click through accessories, not transparency in the menu item you want to select the values (from 20% to 100%), can not change parts of transparency.
2, free access to higher security
Windows Vista than any previous versions of Windows must be safe, but he overlooked an important safety features - anti-virus software. Although there are a lot of pay for anti-virus software, but the fact is, you do not need to pay for virus protection.
Some common with the Vista operating a non-profit nature of the anti-virus program, including AVG Anti-Virus and Avast. I have used Avast for Vista and the final version of the trial, is very practical. It will not take up too much memory and system resources to provide customized protection, also provides real-time monitoring and virus scanning.
3, change the settings files and folders
Vista, files and folders the default display of people rather hinder flu, and very annoying. Default settings, you can not see system files and hidden files and folders. To make matters worse, most of the extensions are hidden.
Very easy to swap all this can be amended. Open your browser, select Folder Options. Then in the menu that appears, select "folder and search options", click on the file folder settings dialog. Click the "Advanced Settings", the "hidden files and folders" select group "Show hidden files and folders." Then abolish the "hide known file types of extension" and "Hide protected system files." Then click OK, you can see the original of all documents on the show.
4, with ReadyBoost speed vista
Use of the new features of Vista ReadyBoost, using a USB flash drive can easily upgrade Vista operating speed. ReadyBoost is usually used to store the documents in order to protect depositors to read. Read documents from the flash memory than to read documents from the hard drive much faster, so as to enhance the operating speed of the computer.
ReadyBoost 256 MB-4GB available as a virtual memory. In order to achieve the best results, Microsoft recommends flash memory and system memory for the ratio between 1:1 to 2.5:1. In other words, if you have 512 MB of memory, you can use 512 MB capacity to 1.25 GB of memory. If it is 2 GB of system memory, the use of 2 GB to 4 GB of memory capacity of the best results.
Note that not all of the USB flash drive with ReadyBoost is the use of standards. It must support USB2.0, and transmission rates of up to read 3.5 MB / sec (4 KB block), write speed of 2.5 MB / sec (512 KB block). So before buying flash drive to confirm whether or not consistent with the standards.
But so far there is no certification process to tell you which flash drive which can not, though Microsoft said the final would be such a certification process. But now there are some third-party evaluation report to resolve this issue. Of course, the direct use ReadyBoost test also very convenient.
ReadyBoost very convenient to use. Insert the USB flash drive, the display on the options, select "sped up my system." If the flash drive does not apply, will appear on the display tips. If applicable, you will see a window. Accept the default settings, or move the slider to change the use of capacity. Confirmed that "the use of this equipment" was selected, then click to confirm. This set up!
5, since the definition of your desktop
Through the Vista desktop, you will start to a very wonderful computer career. So spend some time to develop its own desktop bar. There are many ways to customize the Windows desktop, including changes in the background, screensavers, and so on.
Right-click the desktop, select individuals, the emergence of a control panel for the definition of any details of the desktop, and other Vista features, including voice and the mouse icon.
Remove custom window color and less transparency, the other set is very simple. Click the "window color and appearance." The following window appears. On the part of the window to your window click your favorite color. If you want to create a custom color, click on the "color mixer" and then used to create a slider.
If you want translucent window, check "of semi-transparent." Change the window transparency, the mobile "color of" slider. Left more transparent. A good set, click OK .
The most practical application of skills and Vista FAQ
1. How do I turn off UAC?
User Accounts control panel → → open or closed user account control → abolish the use of user account control (UAC) to help protect your computer.
2. How to shut down the system backup and restore ?
Control Panel → backup and restore center → create restore points or more this setting → → automatic protection system restore points → cancellation has been selected on the disk restore points.
3. Why, in a fixed time will drive the phenomenon of mad Reading ?
This is because the Vista disk defragmentation automatically because of plans to close the way through the start menu is → Annex → System Tools → disk defragmentation process → cancelled, "according to plan operations (recommended)"
4. How do I turn off the computer into the dormant ?
Right-→ personalized desktop screen saver → → change power settings → changes the computer's sleep → to set the computer to sleep never.
5. Default start menu power button is set to "dormant" How to "shut down" ?
Kongzhimianban → Power Options → selected "preferred plan" → change the plan to change settings → advanced power settings, set up in the pop-up window to find "the power button and the lid" → "Start" menu power button → set → Commissioner Machine, determine to complete the set.
6. Per boot in the Security Center will be tips, how to close the prompt information?
→ Security Center control panel changes → Security Center informed me of the way → choose not to notice me, but the show icon.
7. How in non-traditional start menu running show in order?
The task bar and start menu attribute → start menu → custom → check "operation order."
8. How do I cancel the default start-up of each share ?
The following contents into the registry, to restart (the premise is to turn off UAC).
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesLanmanserverParameters]
AutoShareWks = dword00000000
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa]
Restrictanonymous = dword00000001
9. How to achieve automatic landing ?
→ start running → enter "rundll32 netplwiz.dll, UsersRunDll" orders to open accounts window, select the first automatic landing to the accounts, to choose "to use this machine, the user must enter a user name password" box, enter the account Households password (prerequisite is to close UAC).
10. How can I change the use of WMP media outside the players play ?
Right-selected media files → menu → Open → select the default choice player procedures → → check the "Always use the selected program to open this document" .
Familiar with the use of Vista in the built-in firewall
Network security has been more and more people pay attention to it, and in ensuring their own computer security, the most important is a means to install antivirus software, network firewalls and anti-spyware, and other procedures.
As early as the era of Windows XP, Microsoft in the system by adding a built-in firewall, this is what we initially saw the Internet Connection Firewall (ICF), it can provide basic packet filtering function. To the XP SP2, this built-in firewall was officially renamed Windows Firewall, and a marked improvement, such as providing start-up and shutdown of the protection capacity, but still is one-way protection, that is the only access to a computer The review of data interception. So many computer users have chosen a third-party personal firewall products, such as Kaspersky or ZoneAlarm.
Demand for different uses two types of interface
In Windows Vista, Windows Firewall have been making considerable progress, it will not only like XP SP2, as the control panel access through the firewall user interface, but also to provide technical personnel through the MMC console configuration of the firewall via advanced features.
Vista's firewall with two separate configuration interface: the basic configuration interface can control panel to open the Security Center, advanced configuration interface requires users to create customized MMC. This configuration independent primary user interface design can be avoided because of improper allocation lead to reduced security of the system, but also provides for the advanced user more control the inflow and outflow of data capacity. In addition, users can also netsh advfirewall in the order in the command line configuration Vista's firewall, or through the creation of the script the way in more than one computer for automatic firewall configuration. In addition, users can also group policy to control the Vista firewall configuration.
The control panel's basic configuration
With XP, users can "General" tab directly turned on or off the firewall and can block all proceedings, without the need to consider the exceptions.
"Block All Programs" option is a very convenient option, especially when the user in a public Wi-Fi network. It allows system temporary prohibition of "exceptional" any procedure provided for in the access network, and when a user in a relatively secure network environment, to shut down this option, the restoration of previous settings.
And XP, Vista firewall in the basic settings, is an exception in the "Exceptions" tab in the set. Users can check the programs or services to lift their block on the firewall.
If you wish to cancel a stop the process and the process is not to stop the list, the user can click on "Add Program" button to add. Add in the dialog process, the user can program from the list or through the file browser choice of the program. Through the "Change Scope" option, the user can only allow in a range of procedures for access to the network. The scope includes:
Any computer, including on the Internet computer.
I am the only local area network (subnet).
Since the definition of IP address or sub-net.
In addition, users can also choose a firewall blocking software is to be issued after the alarm.
"Advanced" tab allows users to choose needs to be a firewall to protect the network connection.
In this tab, users can configure the log (or packet loss record of successful connections), set the maximum capacity of the log. The system set up ICMP how to respond to the request. By default, the only response to the ICMP request packets will be receiving, the rest of the ICMP request are prohibited.
Return to the default settings through the button, the user can cancel all changes to the firewall will be set up to restore the system installed by default.
Vista Firewall Advanced Settings
Since the establishment of the definition of MMC
To Show Advanced Settings, users need to create a custom MMC. Following is the establishment of methods:
1. Click Start Programs Accessories and select Run.
2. In the run column type mmc.exe. Users may need to import certificate or click on the management of operational procedures for certification.
3. Enter the MMC, click File Add / Remove Snap-in.
4. Available Snap-ins moving down the list and select Windows Firewall With Advanced Security. Double-click or select it and click the Add button.
5. Select Computer dialog box, choose the default (Local Computer) and then click Finish.
6. Add / Remove Snap-ins dialog click OK.
Now users to expand the tree left of the list, we will see Vista firewall to the right of the Advanced Settings page.
Vista can be customized multiple configurations
In Vista, users can customize the firewall for a variety of configurations, such as enterprise domain for the network configuration (notebook users can log in the company domain or out), or for the family network configuration (for example, the family point-to-point network ), Or the public network environment is suitable for the configuration (for example, in the airport hotel to connect to the public WI-FI network). Each configuration are independent of each other. Therefore, when a user in a corporate network, or even shut down Vista's firewall, because basically in the enterprise network with more advanced firewall, and connect to home networks or public wireless network, the firewall can be opened in time.
To change the variety of configurations, users can set Windows Firewall Properties. In the Domain, Private, and Public Profile tab, the user can turn on or off the firewall, can also send and receive requests for the connection or through the shielding. In this three configurations, are sent by default can connect, connect to receive the request was refused (to allow exceptions). Users can also connect all of shielding are located, including the list of exceptions to the procedure. (Each card configuration options in the same content)
Through the Customize button, the user can configure more of each individual adjustments. For example, users can set to receive when the connection request was refused, issued a warning information system, can also set it to receive multicast or broadcast when the unicast response. In addition, users can also set up projects in the log configuration options (or packet loss can be successfully connected, and so on a recorded).
Once users set up and configure IPSec attributes of each, you can connect to the next step on computer security settings, this set used to determine when and how the two computers (or a group of computer companies) to establish a secure connection. To carry out the relevant settings, users will need to right-click on the left side of the console panel Computer Connections Security and select New Rule. This step will open the New Connection Security Rule Wizard, the new safety rules connection wizard, the user can select categories in the following types of rules:
Isol ATI on: Based on the domain of health status or system of standards such as restricted connection.
Authentication exemption: you can specify certain computer and the machine does not necessarily certification.
Server to server: to designate certain link between the computer does not require certification.
Tunnel: The Rules for the Gateway system to connect between the certification.
Custom: If the above rules do not suitable, users can customize the rules.
The next step is to provide the conditions necessary for the rules. For example, when users set up a custom rules, it is necessary to specify the end, the end contains a computer or a group. Users via IP address or address range of one and to set up multiple computers, users can also be a pre-determined location as the end of one, such as the default gateway, DNS server, DHCP server or local sub-net.
For some types of rules, users need to establish rules conditions. For example:
Users can request to send and receive all the connections to verify, which means that under no circumstances should the use of certification, it is not necessary.
Users can send requests to authenticate the connection or the connection to receive requests for certification. Not certified to receive the request will be shielded, and send connection requests will be verified.
At the same time, users can request to receive and send the link to certification. No links have been refused accreditation.
Users can also choose to connect not need any certification.
Next, users need to select certification, and above this point on the IPSec configuration item attributes are very similar (depending on the type of users to create rules).
Finally, users need to select the current rules which apply to the firewall configuration, and named for the rules, and fill out the introduction (optional). User-created rules will appear in the central part of pages.
Users can configure or state (enabled / disabled) filtering rules. Therefore, the user can only display the current configuration of the safety rules, or only show that the rules be disabled. Users can also through the View menu to select among the region shown by the contents out.
Users can right-click at any time by the middle of the rules, then select Disable Rule or Delete disable or delete the rules. When application of the rules, the same method can enable rules. In addition, right-click on the rules, choose Properties, users can also modify the rules of the various.
In order to create a program or a corresponding port security rules, the need for users to receive and send rules. Vista has its own built-in a series of rules, or by clicking on the Inbound Rules Outbound Rules, the user can see that these built-in rules.
To disable or delete these prefabricated rules, or create a rule, users can right-click on the corresponding rules, or click on the right side of the corresponding function. By choosing the rules Properties, the user can modify the rules.
To create a new receive and send rules, the user can from the drop-down menu or right-click on the console panel, select New Rule. After the new rules will open a wizard.
Wizard dialog in the first screen, the user can choose the computer through an application and the establishment of a firewall port, or select a service windows (default), Furthermore, users can customize the rules.
Here, we think that a program to connect to explain the rules as an example. We chose Program and click Next.
In the next screen, users will need to select all the procedures or rules applied only for a program. If you choose a program, users will need to open your browser, positioning the program.
Next, when users need to select the program when trying to establish a connection (in this case, because we receive is established by the rules, the procedure is here to receive connection requests), firewall action. The user can choose the following firewall actions:
The procedure allows all the connections, including security and insecurity.
Only allow secure connection. If the user has the choice, then can also choose to connect the data encryption to protect data security. If users do not choose this feature, the link will require authentication and data integrity testing, but no data encryption. Users can also select the connection priority in Block rules, and it is easy to administrators through remote management tools for computer management.
Block all connections. If you wish to block all access to the connection, P2P software such as the connection request, can choose this.
In the next screen, the user can choose the rules applied to all firewall configuration or a firewall configuration. At the same time, but also the rules of naming.
The port for a set of rules, and the above mentioned basic similar, the only difference is that the user must enter a TCP or UDP port number, location rather than procedures. Users can for a software or a client of some kind of agreement to develop the rules, and rules can also be applied to a certain destination (computer or computer group).
Surveillance
Senior firewall configuration one of the most useful function, as well as the establishment of a firewall Advanced Security MMC console the most important reason is that surveillance functions. In monitoring capabilities, users can view the rules and their property status.
Through the right side of the console features available list, the user can be derived firewall rules for txt text file, or a comma delimited database files (. Csv).
Aggregate
Although Vista's firewall on the surface and Windows XP SP2 firewall there is no difference between, but once the user through the firewall console access to the advanced configuration, you will find Vista's firewall functions and configuration parameters far more than XP SP2. Vista firewall can not only send and receive data and to intercept and review, but also allows users to customize the rules, completely satisfy the various needs of users.
Latest topics: how to optimize Windows Vista system
Starting from today I started to say how to optimize the Windows Vista system, the VISTA who is interested to see my blog !
Then I started to say how to optimize Windows Vista system the way !
Please pay attention to my friends !
The use of Windows vista friends all know, when you try to document some (particularly some system files) coverage, shear and other operations, the system will prompt you do not have the authority has refused to operate (see diagram below). To address this issue, Zhongguancun Vista online channel has been given the appropriate solution to obtain the corresponding administrative privileges. Windows Vista refused to operate the corresponding
Please refer to specific "teach you full control of access to Vista authority," a text.
Although the use of these methods can obtain full control authority, but the process operate more and relatively cumbersome and error-prone. If we can have a simple and direct way like, such as access control will be placed directly in the Explorer's right-menu, a user-friendly system files directly to the title.
According to this view, we can add to the registry in the corresponding right-menu command. First of all let us in the notebook enter the following code:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT \ * \ shell \ runas]
@ = "Administrator ownership"
"NoWorkingDirectory" = ""
[HKEY_CLASSES_ROOT \ * \ shell \ runas \ command]
@ = "cmd.exe / c takeown / f \"% 1 \ "& & icacls \"% 1 \ "/ grant administrators: F"
"IsolatedCommand" = "cmd.exe / c takeown / f \"% 1 \ "& & icacls \"% 1 \ "/ grant administrators: F"
[HKEY_CLASSES_ROOT \ exefile \ shell \ runas2]
@ = "Administrator ownership"
"NoWorkingDirectory" = ""
[HKEY_CLASSES_ROOT \ exefile \ shell \ runas2 \ command]
@ = "cmd.exe / c takeown / f \"% 1 \ "& & icacls \"% 1 \ "/ grant administrators: F"
"IsolatedCommand" = "cmd.exe / c takeown / f \"% 1 \ "& & icacls \"% 1 \ "/ grant administrators: F"
[HKEY_CLASSES_ROOT \ Directory \ shell \ runas]
@ = "Administrator ownership"
"NoWorkingDirectory" = ""
[HKEY_CLASSES_ROOT \ Directory \ shell \ runas \ command]
@ = "cmd.exe / c takeown / f \"% 1 \ "/ r / dy & & icacls \"% 1 \ "/ grant administrators: F / t"
"IsolatedCommand" = "cmd.exe / c takeown / f \"% 1 \ "/ r / dy & & icacls \"% 1 \ "/ grant administrators: F / t"
After the importation, please save for the reg file formats, such as "zol_quan.reg", and then double-click the Save the reg files, import into the registry.
Now sure there are many netizens there is a doubt: the right way to modify the registry menu changes brought Mody ?
More of a "administrator want to" pop-up menu. This means that if you are an administrator account login Windos Vista system, when you need to file or folder system to operate, as long as the corresponding right-click on the document, and then you can get in a matter of seconds All rights!
Six strokes of the Windows XP allows you to the rapid shutdown
The use of old machines and laptop computers friends, I am afraid difficult to tolerate the crazy people in the slow start-up process it. Even if the trial over a variety of questions, optimize the use of all the optimization software, but Windows XP or the boot Manyou You, Man Tengteng the shutdown,'s disappointing not.
The use of old machines and laptop computers friends, I am afraid people are crazy tolerate the slow start-up process it. Even if the trial over a variety of questions, optimize the use of all the optimization software, but Windows XP or the boot Manyou You, Man Tengteng the shutdown,'s disappointing not. In fact, Windows XP have you ready for a quick switch of the shortcut, it is the standby and hibernation.
First, speed up the shutdown of a key standby
Open "control panel" → "Power Options" and select the "Advanced" tab, set up here "in the computer press the power button when the" drop-down menu, in which Gouxuan "dormant" or "standby." Application settings, you can use one of the key standby. For example, in the work before going to be a tomorrow to continue the work, then just click on the chassis of the power button, you can leave the work. The next day, press the button on the boot quickly into the system, yesterday to continue the unfinished work.
From standby resume, there may be others peeping into the computer information. In response, in the "advanced" tab, Gouxuan "in the computer resume from standby when asked to enter your password", to stand together with a security protection.
Second, create "Sleep" button dormancy
First of all in "Power Options" dialog "dormant" tab, Gouxuan "the opening of dormancy" feature. Then right-click on the desktop, pop-up menu, select "New" → "shortcut" and "create a shortcut" dialog box, enter "rundll32.exe powrprof.dll, SetSuspendState" order. Click "Next" in the "selection process heading" dialog box, enter "dormant." "Finish", right-click on the Desktop "dormant" shortcut to open dialog select "shortcut" tab, the "shortcut" by pressing their favorite shortcuts, such as the "F8". Set up, simply press the "F8" key to achieving one of the key dormancy.
Third, a reasonable set standby power
In many cases, is only a temporary leave the computer, then there's no need to shut down most of the power of the hardware devices, such as USB ports, Ethernet, mouse, and other equipment, this will restore the speed enhancement.
The card as an example, open the "Device Manager", right click on the card, in the pop-up menu, select "Properties" orders, set up the properties dialog. Select "power management" tab, where lifting of the "closed to allow the computer equipment to conserve power" of choice, click the application can be. Use the same method, disable the mouse and USB devices, such as the power-down features.
4, standby power can be shut down
General of the standby power is not closed, because the data is stored in memory, once the shutdown, it would cause data loss. To shut down, only the use of dormancy, but dormant start time or longer. If using the STR motherboard power technology, can also be closed when the standby power supply, and restore the computer to work with state and only a few seconds.
Most motherboards support the STR technique. Meijie SY-I5PRLE to the Main Board as an example, the boot into the CMOS settings page, select "Power Management Setup" power management settings. After entering to find "ACPI Suspend Type" items, to set it as "S3 (STR)" mode, the CMOS settings can be saved. After the use of standby, the chassis power will automatically shut down the power button when the press box, high-speed system can be restored to the preservation of standby status.
STR standby in the use of technology, not cut off the power supply board, otherwise save data will be lost. Also, in standby mode by waking up the mouse and keyboard, then set up in CMOS, "PS / S KB / MS Wake up From S3-S5" set to "Enable" can be.
5, to resolve the issue standby automatically resume
Some of the standby system, from time to time from the automatic restoration of standby status, automatically go into standby status. Most of this card is due to the power caused by improper settings. The times, in the "Device Manager" in a "network adapter", double-click card attributes of the open window, "Power Management" tab, uncheck "Allow this device to the computer out of standby" Gouxuan can.
6, Dormant waiting for the re-acceleration
In the use of sleep and standby time, we must pay attention to some of the issues. For example, long-term use of dormant system, the data in the memory not empty the address, so that Windows XP will run slower. At this time, may wish to use "Freemem" such as memory tools for the finishing operation.
If the dormant before the work is the preservation of the documents, then the temporary files and data will be released, thereby greatly increasing the speed of dormancy and resume and strengthen the recovery of data security. In addition, due to increase system capacity disk space, open disk DMA channels, in hibernation and standby for the former, such as an external USB devices, can effectively improve sleep and standby the speed and stability.
To restore a Windows XP system of file
If the Windows XP system files are viruses or other causes of damage, and we can from the Windows XP installation after the resumption of those documents had been destroyed.
Specific methods:
Windows XP installed in the search after the destruction of documents, is to be noted that the final document of a character with the bottom line "-" instead of, for example: If you want to search "Notepad.exe" the need for "Notepad.ex_" to Search.
Search required documents
After the search, open the command line (in the "Run" type "cmd"), then enter: "EXPAND source of the full path of the target file a complete path." For example: EXPAND D: \ SETUP \ NOTEPAD.EX_ C: \ Windows \ NOTEPAD.EXE. One thing to note is that, if there are spaces in the path, then the path need to use double quotes (English quotes), including up.
Of course, is to find the best, but sometimes we search in Windows XP after the time we need to find the documents. Produced one of the reasons for this situation is to find a document in the "CAB" in the document. Since Windows XP to "CAB" as a folder, the Windows XP system, need only to "CAB" right drag and copy documents to the appropriate directory can be.
If you are using the other Windows platform, search to include the goal of the file name "CAB" document. And open the command line, type: "EXTRACT / L target location CAB file a complete path", such as: EXTRACT / LC: \ Windows D: \ I386 \ Driver.cab Notepad.exe. With the same front, as there are spaces in the path, then the need to use double quotes, including the path up.
Network: Smart wiring to improve network security
Construction of the new network systems, network security is the vast number of users of the primary consideration. Under normal circumstances, users are willing to invest huge amounts of money to buy advanced firewall and software. However, the vast majority of users it has the network infrastructure that know little about the safety of wiring systems. In fact, a lot of survey data show that a large number of network security incidents come from within the network.
At present, the smart wiring system is being more and more users concern. However, there are many smart wiring systems for users with a wait and see attitude. Although these users see a smart wiring system to facilitate the management of cabling infrastructure, but it can not be smart wiring system for their network security the number of active role. In this, we have some specific examples to point out that the smart wiring system to improve network security a major role.
A smart wiring system on the use of network equipment for real-time monitoring, network assets to ensure security.
In the absence of intelligent cabling system installed, users generally use a separate database to record their own network equipment, if the number of laptops, desktops and servers. However, these databases only to users of network equipment for the management of static and could not understand a particular time in the number of network equipment is connected to the network or on how to connect on the web. In other words, users of their network assets and can not do well known. If a user installed a smart wiring system, such as the United States Simon's MapIT intelligent cabling system, they will be able to make use of the smart wiring system of management information real-time monitoring each port connector and the connected network equipment, So that they could greatly enhance the security of its network assets.
Second, smart wiring system wiring timely warning against the illegal operation, reducing the network against unlawful invasion.
When outsiders from entering the telecommunications between the blocks and pulled out on a jumper, the traditional cabling system users can only be unreasonable in the network received the report before the corresponding to the telecommunications between the inspection, but also it is very difficult Who found a disconnect jumper. And the installation of the U.S. Simon's MapIT intelligent cabling system, as the intelligent cabling system will support the surveillance cameras installed and in the event of illegal intrusion, can be done:
1. Automatic shooting illegal invaders and their operation;
2. Or send automatic SMS alerts to inform the relevant network management network against.
Third, smart wiring system can use the network to complete the archive records.
Smart wiring system can complete record of the use of network equipment, automatic monitoring and recording real-time connections, so that from the internal network of harm to the minimum. A 11 documents have been engaged in the management of the system administrator in retaliation for the layoffs, the network host entered the DOS command line 6. The directive to delete the company's mainframe, many documents, causing more than 10 million dollars in damage. Surprisingly, the FBI spent a full four years before the collected enough evidence to charge the system administrator. If the company was a smart wiring management system, the system administrator of the illegal operation will be recorded and the company can promptly take remedial measures.
Application of more Shunshou Win XP five running skills
Application of more Shunshou Win XP five running skills
The computer has become the daily life of learning necessary, so that people will increasingly inseparable from it, for the novice, how to make your computer to use more Shuxin, let your computer more in line with your own habits? «We take a look at the following skills:
1. Notepad automatically recorded in the file open time
In Notepad, we can open the records of each time a text file, the method is as follows: the first in which the line ". LOG" (Note: must be capitalized!) And then wrapped the body began. This opens up every time the document after the closure of the document will be automatically inserted after the current open the text of the time.
2. Tour website offline
A need for offline browsing the website has been opened, the traditional way in accordance with the order to open an online link to a link to find and open this page. Faster way is to this page Add to Favorites, after the offline mode from one of your favorites to this page.
In fact, this page for the establishment of a shortcut is the fastest way. In the browser's address bar, has opened at the front page has a small icon, holding down the mouse with a small icon and drag it to the desktop, and the next on the desktop can quickly browse the website of the offline .
3. Quick e-mail
In "Start" menu, click the right mouse button, select "Open", in the open window, click the right mouse button, select "New "---" shortcut" and then "Please enter the location of the project "Box" mailto: ", click" Next "," type in the name of the shortcut "box, enter the name, click the" complete "button. After just click this shortcut will create a new e-mail.
If you frequent e-mail to a friend, it can be dedicated to this friend to create a shortcut. With the above method is similar to that. For example, your friend's email address is abc@gmail.com you as long as "Please enter the location of the project" box "mailto: abc@gmail.com" on the line, and the remaining unchanged.
4. Procedure will be the favorite at the start near the top of the menu
Do you love to a program and use it often «Well, should be placed in the top of the list of ways to enhance it in the menu at the beginning of priority. This can ensure that the procedures remain in the start menu, and other procedures without interference, even if other procedures with a higher frequency of use as well. At the beginning of right-click on the menu at your favorite program of the link, and then the quick menu, select "attached to the 'start' menu". Your procedures will be permanently moved to the top of the list, just in the browser and e-mail program below.
5. Capslock to increase the signal
When the importation of Chinese will become inadvertently activated the Capslock uppercase English, to this key and a "signal" to assure more. Is: Open the "control panel" of "supporting option" and the "keyboard" items, select "the use of switch button".
How to lose weight for Windows XP
(1) Delete the file back-up system
In the system in the document "system32 \ dllcache" directory, nearly 250 MB of documents, which are Windows? XP system files backup. When Windows XP system files were replaced, delete or modify when, Windows XP can automatically extracted from the corresponding reduction system files, thus ensuring stability of the system. The folder can not be deleted, but the command prompt, enter Sfc.exe / purgecache removal order.
(2) Delete the backup drive
Delete Windows XP system directory "driver cache \ i386" directory of Driver.cab document, the document maintains the backup hardware drivers, under normal circumstances without the use of. Even need to install new hardware, you can install the Windows XP CD-ROM drive can be inserted.
(3) to delete unwanted input method
In "Windows \ ime \" folder preservation input relevant documents, including the Chinese, Japanese, Korean input method for most of us are of no use, we can be "chtime", "imjp8_1", " imkr6_1 "delete the directory of the three, they are English, Japanese, Korean input method, so that we can save 80 MB of hard disk space.
(4) to delete files
In the use of Windows XP with the help of the initial system is very useful, but as more and more familiar with the system, the document will help more and more redundant, could be considered at this time to delete it. XP's help files are stored in the system installation directory under the Help folder, may be under the directory of all documents and deleted.
2. Systems to reduce the use of hard disk space
(1) Turn off System Restore
Computer System Restore can return to an earlier time (that restore points) and not lose our most recent work, but the use of the Shijianyizhang, it will use up a lot of hard disk space. There is a need to set up their hand to drive less overhead.
Open "System Properties" dialog box, select the dialog in the "System Restore" tab, select "in all drive on the Turn off System Restore" box to turn off System Restore. If we do not close the System Restore feature that only system where the disk or partition set reduction. The first choice of the district system, click the "targeted" button, the pop-up dialog abolish the "close this drive's System Restore" option, and set up systems for the reduction of disk space.
(2) support the closure of dormancy
Dormancy function will occupy a lot of hard disk space, if you use less may be a total closure of the closure is: open the "Control Panel", double-click on the "Power Options" in the pop-up "Power Options Properties" Dialog box, select "dormant" tab, abolish the "opening of dormancy" box.
(3) reduce or prohibit the virtual memory
The system's physical memory more, you can consider reducing the value of virtual memory or even cancel virtual memory, with 512 MB physical memory may be virtual memory set to half of physical memory, 256 MB, If you have a 1 GB physical memory you can cancel virtual Memory.
Virtual Memory settings see the way in front of a "reasonable set of virtual memory pages".
3. Remove temporary files
(1) removal of temporary file system
General System of temporary files stored in two locations: a Windows installation directory under the Temp folder and the other is the X: \ Documents and Settings \ "user name" \ Local Settings \ Temp folder (X: where the system is Division). The location of these two documents can be deleted.
(2) removal of temporary Internet files
Shijianyizhang the Internet will have a large number of temporary Internet files, delete a regular basis will save a lot of hard disk space.
Open IE browser, from the "Tools" menu, select "Internet Options" in the pop-up dialog box, select "General" tab, the "Internet temporary files" column click the "Delete Files" button and In the pop-up "Delete Files" dialog box, select "Delete all offline content" box, click "OK" button.
You can also take up the Temporary Internet files, disk installed in an acceptable range, in the "Internet temporary files" column click on "Settings" button and then "Settings" dialog (Figure) in the provision of temporary occupied by the document Of disk space, can also be Temporary Internet Files folder to another district, in order to reduce the system of the occupied area of the disk.
4.NTFS district in file compression
Windows XP NTFS Division of the document provides a file compression properties, to be effective in saving disk space.
NTFS in the district, choose to compress the file or folder, right-click the mouse, on the shortcut menu, select "Properties" order, and then "Properties" dialog "General" tab, click " Advanced "button, the new dialog" compression or encryption attribute "check the box" compression to save disk space content "box," OK, "you will find that document occupied by the disk space has been greatly reduced.
5. Removing Windows XP shared folder
"Shared folder", this folder in our use of the Working Group of useful, can not carry out any settings, directly to want to share the files on the shared folder on the line, but in practical applications, many people Do not need this function. We can modify the registry to prohibit this feature, to save disk space.
Open the Registry Editor, found: "HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Explorer \ My Computer \ NameSpace \ DelegateFolders under the sub-key (59031 a47-3f72-44a7-89c5-5595fe6b30ee)", which will be the key to delete Can be. Before a good idea to delete the backup, or a note of this value, and when necessary in order to be immediately resumed.
Application of more Shunshou Win XP five running skills
The computer has become the daily life of learning necessary, so that people will increasingly inseparable from it, for the novice, how to make your computer to use more Shuxin, let your computer more in line with your own habits? «We take a look at the following skills:
1. Notepad automatically recorded in the file open time
In Notepad, we can open the records of each time a text file, the method is as follows: the first in which the line ". LOG" (Note: must be capitalized!) And then wrapped the body began. This opens up every time the document after the closure of the document will be automatically inserted after the current open the text of the time.
2. Tour website offline
A need for offline browsing the website has been opened, the traditional way in accordance with the order to open an online link to a link to find and open this page. Faster way is to this page Add to Favorites, after the offline mode from one of your favorites to this page.
In fact, this page for the establishment of a shortcut is the fastest way. In the browser's address bar, has opened at the front page has a small icon, holding down the mouse with a small icon and drag it to the desktop, and the next on the desktop can quickly browse the website of the offline .
You do not know the Win XP's five little secret
Windows XP has already launched nearly six years, we have been too familiar, then you know that the following five XP in secret? »Or, to know a few»
1.3D pellets Taiwan invincible Cheats
After launching the game in Jianpanshangqiao the "hidden test" (without the quotes), then you will find pellets will follow your mouse pointer and mobile, which would impact collision which, Xiangna issue is not more high. Also in the game press the "H" to be able to enter high score list, take a look at his scoring, wow 1 billion minutes! Press the "R" can be directly upgraded to "Navy second lieutenant."
2. Notepad strange phenomenon
Open notebook enter "Bush hid the facts" (Bush hide the truth), stored in reopening the text, if you use the Chinese version of XP you'll see a bunch of strange characters, "Liu Benren Mount Tiantou video seized Mongoose ", and in the English version of XP in the video was turned into a string of box. This should be compared more people know, there are several specific string Notepad will also appear this strange phenomenon.
3. Shortcut to shut down the computer
In the establishment of a new desktop shortcut, enter "shutdown-s-t 0", named after the preservation of the future as long as the double-click on the icon to quickly shut down the computer.
4.Windows XP hidden track
This music files in the location WINDOWS \ system32 \ oobe \ images, the need to Folder Options - View in check "Show all folders and files" and abolish the "Hide protected operating system files" to see. It is said to be Internet Explorer 3.0 CD to install the title of music.
5. "Solitaire air when" questions
After entering the game at the same time hold down the Ctrl + Shift + F10, in the pop-up menu tips, click the "termination" and then casually dragged a card in the above regions will be able to win immediately. In addition, the election of the importation of "-1", the licence will be obtained from small to large in the order, if you type "II", will be on the order of Congdadaoxiao.
Will how to choose suitable network firewall ?
Q: How to Select Network Firewall »
A: As for how to choose network firewall, I personally think we should select domestic brands. Domestic brands because of "localization" more thorough, to the domestic environment, the mainstream of the Trojans, worms, a good preventive role. Another point is the escalation, address fiber optic cable damage resulting from foreign software not be able to upgrade the incident, local firewall and antivirus software more secure .
Focus on network switches to an impenetrable security
How to filter user communications, safe and effective protection of data transmitted «how to stop the illegal users, network security protection of« how to conduct security network management, network to detect unauthorized users, illegal acts and remote network management of information security? »Here we sum up the 6 recent switch market on the security settings of some popular features, we want to help.
L2-L4-filtering
Now most of the new switches can be through the establishment of the rules the way to achieve various filter demand. There are two rules set pattern, a pattern is the MAC, according to user needs based on the source or destination MAC MAC effective data isolation, and the other is IP model, can be the source IP, purpose IP, agreement, the source of port And the purpose of port filtering data packets, establishing a good rule must be attached to the corresponding receive or send port, when the switch this port to receive or transmit data, according to the packet filtering rules to filter, the decision was transmitted or discarded . In addition, the switch hardware "logic and non-door" rules of filtering logic operation, and filtering rules established, do not affect data transmitting rate.
802.1X port-based access control
In order to prevent unauthorized users on the LAN access, protection of network security, port-based access control agreements 802.1 X in both wired LAN or WLAN in have been widely used. Such as Asus, such as the latest GigaX2024/2048 not support a new generation of switching products 802.1 X of the Local, RADIUS authentication methods, and support for the Dynamic VLAN 802.1 X access, that is, VLAN and 802.1 X on the basis of holding a user Account of both the users of the network where access will exceed the original 802.1 Q under the restrictions of Port-based VLAN, and this always access the account designated VLAN group, not only for this function within the network of mobile users The application of resources to provide the convenience and flexibility, while safeguarding the security of network resources; In addition, GigaX2024/2048 switches also support the 802.1 X Guest VLAN function, that is, 802.1 X applications, if the designated ports of the Guest VLAN This port of access if the user authentication failure or simply no user account, it will become a Guest VLAN members of the group can enjoy this group of the corresponding network resources, which can also function as a network application of certain groups Open the minimum resources, and for the whole network has provided one of the most external access security.
Traffic control (traffic control)
The flow-control switches can be prevented because the broadcast data packets, and multicast packet for the wrong purposes address unicast packet data flow caused by excessive bandwidth switch the abnormal load, and improve the overall system performance, maintain security and stability of the network run .
SNMP v3 and SSH
SNMP v3 security network management system to the new structure, the various versions of the SNMP standard concentrated together, thereby enhancing network management security. SNMP v3 the proposed security model is based on the user's security model, that is USM. USM news for the network management is based on encryption and authentication of users, specifically what agreements and key encryption and authentication by the user name (userNmae) authority engine identifier (EngineID) to decide (recommended encryption protocol CBCDES , Authentication protocol HMAC-MD5-96 and HMAC-SHA-96), through certification, encryption and time frames to provide data integrity, data source authentication, data confidentiality and time limits on news services, so as to effectively prevent non-authorized users in the management of information changes, Camouflage and eavesdropping.
As for the Telnet through the remote network management, Telnet services are due to a fatal weakness - it's clearly the way to transfer user name and password, so very easy to steal passwords of people with ulterior motives, has been attacked, but to use SSH Communications, Both user name and password is encrypted, effectively prevent the password of the eavesdropping, network management personnel for the security of remote network management.
Syslog and Watchdog
Switch Syslog logging can be a system error, system configuration, status changes, state periodic reports, the system set out the expectations of users, such as information transmitted to the log servers, network management staff based on the information grasp the operation of equipment, early detection of problems, Timely configuration settings and exclusive barrier to protect the security and stability of the network running.
Watchdog to set a timer, set at intervals of not restart the timer, then generate a resumption of internal CPU instructions to restart the equipment, this feature can switch failure or accidents in emergency situations when Intelligent automatic restart, the protection of the network running.
Two-image file
Some of the latest switch, like ASU SGigaX2024/2048 also has dual image files. This feature of protective equipment in exceptional circumstances (firmware upgrade failure, etc.) can still start the normal operation. File system and the mirror at majoy two parts preserved, if a file system damage or disruption, and a rewrite of its file system will, if the two documents systems are damaged, the equipment will remove the file system and to rewrite the factory The default settings to ensure that the security system up and running.
In fact, the recent emergence of some switching products in the security design of most of the work under the foot - layers of security, steadily filtering, try every means possible to the greatest extent possible insecurity excluded. If the majority of business users to take full advantage of these network security set up functions, a reasonable mix with, you can maximize the network to prevent the spread of the growing variety of attacks and abuse, is willing to your corporate network can be more solid since then security.
Win XP no longer appear to read and write memory errors
When we run the computer system in some capacity or larger game procedures, the system will automatically pop up often "xx memory can not be read or written" the errors, failures encountered such information, how can we be it Effectively ruled out, while ensuring that the next operating capacity of the larger program or game, the system will not happen again? System memory to read and write errors «In fact, when we encountered the unfortunate failure of the above information, we can try the following steps were Investigation:
Remove the invalid plug-ins
In the process of surfing the Internet, many plug-ins will be secretly installed on computer systems, and many plug-ins often have to delete the anti-function, these very easily with other plug-in application conflicts, thus indirectly System memory to read and write error caused the phenomenon. To those large-capacity applications or games to provide a clean, stable working environment, we have the best regular use similar security guardian of the 360 procedures, to see whether the system was secretly installed a variety of plug-ins to refuse invalid, Once found, it can direct them in a timely manner unloaded from the system clean.
Manual repair service
And operate the system memory to read and write the Windows Management Instrumentation service if the error occurred, it would also lead to system memory to read and write the wrong pop-up tips, so when we encountered such a mistake from time to time, you can try to repair manual Windows Management Instrumentation service The following is the specific steps to fix it:
First right-click the desktop systems in the "My Computer" icon, from the pop-up menu speedy implementation of "management" order to open the local system of computer management window, the window to the left of the display area, Followed by a "services and applications" / "service" option, the corresponding "service" option on the right side of the display area, find the Windows Management Instrumentation service, and right click on the service options, from bombs Quick menu to the implementation of the "attributes" order and opened the service as shown attributes set interface;
In the second set of interface "General" tab page, click "stop" button, Windows Management Instrumentation service will be temporarily suspended operations. , Open the computer systems of resource management window, the window were launched "Windows", "ssystem32", "wbem", "repository" folder, then "repository" folder window all the documents to back up , After the completion of the backup folder of all the contents of all removed;
Next, restart the computer system, the system started to be successful, the operation opened in front of Windows Management Instrumentation service attribute settings, click on the interface of the "start" button, I believe That way Windows Management Instrumentation service will be able to normal operation The.
If the computer system does not care or infected with the virus have taken place in Wushan Chu operation, and system memory to read and write to operate the system files are likely to be damaged, and once these system files were damaged, then we experience it is easy to read and write memory fault Tip of the. Therefore, once we met the wrong memory read and write when prompted, in accordance with the following steps may wish to repair the system and see whether there is damage to the system files:
The first to use the latest version of the antivirus software to the computer system to conduct a thorough virus killing operation, because the computer system once infected with the virus without the removal, even if we repair a system file, the virus may still continue to undermine the system file, so The timely use of anti-virus software to computer viruses in the removal of all clean, you can ensure that the system files will not continue to be the threat of the virus.
This was followed by using the system's own "sfc" orders, to try to damage the system files restored to its normal state. To repair the damaged system files, as long as the then click "Start" / "Run" commands, the system is running in the pop-up dialog box, enter the string order "sfc / scannow", click the enter key, the order The system will process every corner of the scanning system to search documents, found that once the system is not the correct version of the document or file system has been damaged, it can automatically pop-up tips interface requires us to insert the Windows installation CD-ROM system, to which Extraction of the normal system file is not normal to replace the system files, to achieve the purpose of repair system files. If the system repair operation to be successful, we believe that we restart the computer system, will not see what is a normal phenomenon.
The timely release of system memory
We know that in some operating procedures or the capacity of larger game, it needs to consume considerable resources of the system memory, if memory space is insufficient at this time, then read and write the wrong system memory failures prompted most likely will take place. In order to effectively avoid such an error, we run the best in the capacity of the larger program or game before, we should first restart the computer system so that system memory space can be fully released if the computer's memory space itself is relatively small, then , Then we suggest that the best time to upgrade memory, in order to expand the effective use of memory space, to prevent the system memory as a result of system memory to read and write the wrong occurred.
Of course, the system memory space of their own circumstances, we should start the first of those random antivirus software and related monitoring procedures for immediate temporary closure of swaps and then tried to run larger capacity applications or online games, because antivirus software and Related monitoring program will be to a certain extent, some of system memory consumption of resources, they will be shut down to save a lot of memory space, which can effectively avoid the phenomenon of memory read and write error occurred. Of course, it is worth noting that, we run End large-capacity, or after the game, we must also remember that in time will be related to the monitoring of all procedures to open.
How to Win XP slimming Ten Cool strokes
Is not that Windows XP is very cumbersome «do not have to worry about, in accordance with the following method allows you to become Slender some of the XP.
1. Delete system files backup sfc.exe / purgecache.
2. Delete drive backup windows / driver cache/i386 directory of Driver.cab documents (73 mb).
3. Cancellation System Restore.
4. Delete the Help file (cut more than 40 mb).
5. Delete / WINDOWS/system32/dllcache lower (minus 200 - 300 mb), which is a backup dll file, as long as you have already installed copy of the document is entirely possible to do so.
6. To my files, IE's temporary folder are transferred to other drives (district).
7. Virtual memory also go to the other drives.
8. Application software will be installed in the other hard drive (this is also good for heavy equipment systems).
9. Delete / windows / ime under no input method! (Japanese, Korean, Simplified Chinese input method, 84.5 MB)
10. Such as ntfs installed xp, save hard drive itself.
XP users to achieve more with a computer on the way
Step 1: The first is the Windows XP SP2 installed on the official version, according to conventional methods can be installed, will not repeat them here.
Step 2: prepare a version of SP2 earlier terminal server software (Build 2082 allegedly from the beginning of the function was prohibited, so the best use of previous versions), the Chinese test version of SP2 more difficult to find, I use the English version Build 2055, after the operation did not find any problems. You can http://www.msfn.org/board/index.php?s = 85a71ca2987c89886c99733154ae685f & act "target =" _blank "> http://www.msfn.org/board/index.php?s=8 .. . C99733154ae685f & act= Attach & type = post & id = 161513 download Build 2055 terminal server implementation document TermSrv.DLL. From this link to download the extension is a. DL_ the paper, you can put it into the extension ZIP file, and then use WinRAR untie it.
Step 3: Next, a security model launched Windows XP, if there are multiple operating systems, you can start to visit another area of the Windows XP system (unless the installation of a third-party software tools, otherwise not have access to NTFS Windows 98 points , Windows 98 may therefore useless). Then, inside the Windows XP SP2 version of the backup TermSrv.DLL all in all TermSrv.DLL document the location, with Build 2055 version of the TermSrv.DLL coverage. Usually, TermSrv.DLL appear in at least two locations, namely: \ Windows \ system32, \ Windows \ system32 \ dllcache. TermSrv.DLL have all the original places, using Build 2055 version of the TermSrv.DLL coverage.
Step 4: start with a normal mode of Windows XP, if the system of document protection tips that TermSrv.DLL document has been amended and asked if you want to recover, whether the choice.
Step 5: The last to modify the registry and increase the terminal server multi-user license. Given the relatively trouble modify the registry and prone to error, you can use the following approved an order amending the registry:
@ echo off
setlocal
set regkey = "HKLM \ SYSTEM \ CurrentControlSet \ Control \ Terminal Server \ Licensing Core"
reg add% regkey% / v EnableConcurrentSessions / T REG_DWORD / D 1 / f
endlocal
The above information will be awarded an order for the preservation of documents, such as AA.BAT, the implementation of the Double-click on it.
I do not recommend this practice, too bored lock, but also to allow resumption of the system. We can write a batch file do not have to re-starting the system to achieve more XP users landing, we first of all to understand one pair of first operation of the registry order parameters:
REG ADD KeyName [/ v ValueName / ve] [/ t Type] [/ s Separator] [/ d Data] [/ f]
KeyName [\ \ Machine \] FullKey
Machine remote machine name - ignore the default to the current machines. Remote machine
Only HKLM and HKU.
FullKey ROOTKEY \ SubKey
ROOTKEY [HKLM HKCU HKCR HKU HKCC]
SubKey selected ROOTKEY registry entries under the full name.
/ v under the option to add the value of.
/ ve added to the registry of the blank value (default).
/ t RegKey data types
[REG_SZ REG_MULTI_SZ REG_EXPAND_SZ
REG_DWORD REG_BINARY REG_NONE]
If ignored, the use of REG_SZ.
/ s designation of a string of data in the REG_MULTI_SZ for the separator characters
If ignored, they will be "\ 0" used as separator.
/ d should be allocated to add the registry ValueName data.
/ f tips on the force do not have to cover the existing registry entries.
For example:
REG ADD \ \ ABC \ HKLM \ Software \ MyCo
Add a remote machine ABC on a registry of HKLM \ Software \ MyCo
REG ADD HKLM \ Software \ MyCo / v Data / t REG_BINARY / d fe340ead
Add a value (name: Data, type: REG_BINARY, data: fe340ead)
REG ADD HKLM \ Software \ MyCo / v MRU / t REG_MULTI_SZ / d fax \ 0mail
Add a value (name: MRU, type: REG_MUTLI_SZ, data: fax \ 0mail \ 0 \ 0)
REG ADD HKLM \ Software \ MyCo / v Path / t REG_EXPAND_SZ / d ^% systemroot ^%
Add a value (name: Path, type: REG_EXPAND_SZ, data:% systemroot%)
Note: The expansion of the use of string insert symbols (^_^)
To enable system is not heavy, we can use this command shutdown-a.
According to the information found above, we can prepare a batch, and XP system more user-landing and not from the system.
Code is as follows:
@ echo off
@ net stop sharedaccess
@ ntsd-c q-p "pid"
@ reg add HKLM \ SOFTWARE \ Microsoft \ Windows "" NT \ CurrentVersion \ Winlogon / v KeepRASConnections / t REG_SZ / d 1 / f
@ reg add HKLM \ SYSTEM \ CurrentControlSet \ Control \ Terminal "" Server / v fDenyTSConnections / t REG_DWORD / d 00000000 / f
@ reg add HKLM \ SYSTEM \ CurrentControlSet \ control \ terminal "" server \ Licensing "" Core / v EnableConcurrentSessions / t REG_DWORD / d 00000001 / f
@ reg add HKLM \ SYSTEM \ CurrentControlSet \ Services \ TermService \ Parameters / v serviceDll / t REG_EXPAND_SZ / d% SystemRoot% \ system32 \ termsrvhack.dll / f
@ copy c: \ termsrvhack.dll c: \ windows \ system32 \ dllcache \ termsrvhack.dll
@ attrib + h + s + rc: \ windows \ system32 \ dllcache \ termsrvhack.dll
@ copy c: \ termsrvhack.dll c: \ windows \ system32 \ termsrvhack.dll
@ attrib + h + s + rc: \ windows \ system32 \ termsrvhack.dll
@ shutdown-a
@ del c: \ termsrvhack.dll
@ net start termservice
@ del c: \ 3389.bat
One "pid" is Yaoti TermService services into the PID, can be ordered tasklist / svc orders received. Of course win2000 and the following system is not tasklist orders.
Specific methods of operation are: first by the other side of a SHELL, then under the shell open with third-party software Terminal Services, the first not to change the default port of 3389, or to re-starting after the landing, to build a clone or a super-management Members of the user.
Next to download and good termsrvhack.dll batch reached the top of each other's C Pan-gen directory, and then run in the shell of this batch. Tip success!
Finally open landers, 3389 terminal landing!
Help to get you after landing inside the operation and the computer's owner is Hubuyingxiang the operation, he played his, you play you, Oh, cool cutting ?!
7 techniques to improve wireless network security settings
The use of a large number of wireless networks, it has also brought a wireless network security issues. As wireless networks different from the cable network node physical access control, wireless network security issues more worthy of our attention.
For those using the wireless network, we can click through several aspects of the wireless network set up to improve the security.
1. Close unauthorized access
Guarantee the safety of wireless access points, the key is to prohibit unauthorized users access the network. In other words, the safety of access points to non-authorized users are closed.
2. Where to place the antenna
Wireless access points so that the first step in maintaining the closure is the right place the antenna, thus limiting the scope to reach the effective antenna signal of. Do not place the antenna near a window, because the glass can not stop the wireless signal. Antenna placement is the ideal goal of covering the central region, and leaked to the wall as far as possible the signal less. However, the full control of the wireless signal is almost impossible, therefore, need to take other measures to ensure network security.
3. The use of wireless encryption protocol
Wireless encryption protocol (WEP) wireless network is encrypted information on a standard method.
4. Change the service set identifier and SSID broadcasting ban
Service Set Identifier (SSID) is the identity of wireless access identifier, users and use it to establish a link between access points. This is the identifier as communications equipment manufacturers settings and each manufacturers have used their default values. You need to give you every wireless access point to set up a unique and difficult to speculate the SSID.
5. Disable Dynamic Host Configuration Protocol
This is like a strange security strategy, but the wireless network, it is justified. Through this strategy, you will force the hacker to crack your IP address, subnet mask, and other necessary TCP / IP parameters. Even if hackers can use your wireless access point, he will also need to know your IP address.
6. SNMP settings to disable or modify
If you have a wireless access point support SNMP, then you need to disable it or change the default public and private identifiers. If you do not do so, hackers will be able to use SNMP on your network access to important information.
7. The use of a list
To better protect your network, as far as possible to set up a visit to the list. However, not all wireless access points support this feature. If you can do so, you can specify a certain machine has access to access points. Support the function of access points sometimes use TFTP (simple file transfer protocol) to download updated regularly visit the list, thus avoiding the need to list all the equipment to keep pace on the management of the enormous trouble.
Wireless network optimization of the four typical cases
1. Gigabit Ethernet technology advantages
In LAN in order to maintain a diameter of 200 m the greatest regional impact, the smallest CSMA / CD-carrier, Ethernet-time from the current 512-bit extended to 512 bytes (4096 bits), the smallest packet size at 64 characters Festival. Expansion of the carrier does not modify the minimum size of the package solution under the conditions of the CSMA / CD inherent in the timing issue. Although these changes may affect the performance of small packets, but this impact has been CSM / CD algorithm called packet sudden offset by the transfer of properties. Gigabit Ethernet the biggest advantages is that its existing Ethernet compatibility.
With 100 M Ethernet, Gigabit Ethernet and 10 M using the same Ethernet frame format and frame size, and the same CSMA / CD agreement. This means that the majority of the Ethernet users of the existing Ethernet smooth, without interruption of the upgrade, but without adding additional protocol stack or middleware. At the same time, Gigabit Ethernet also inherited the Ethernet other advantages, such as high reliability and easy management.
Compared to other Gigabit Ethernet technology has the advantages of large bandwidth, and still has room for development, the standards body is developing 10 G Ethernet technical specifications and standards. At the same time frame based on Ethernet and IP-layer priority control mechanism and protocol standards and various support QoS technologies matured, to implement the requirements of a better quality of service provided the basis for the application. With fiber optic transmission manufacturing and technological progress, Gigabit Ethernet transmission distance up to 100 kilometers, which makes its construction of MAN and has gradually become a wide-area network technology options.
The main advantage of using Gigabit Ethernet is: Gigabit Ethernet will provide 10 times the performance of Fast Ethernet and 10/100 Ethernet with the existing standards-compliant. At the same time 10/100/1000 Mbps for the development of the virtual network standards 802.1 Q and 802.1 p priority standards have been promoting, Gigabit network backbone network has become a mainstream technology.
June 1998 have been developed to complete the first Gigabit Ethernet standard 802.3 to use optical fiber cable and copper cable short-range target of full-duplex link. For half-duplex and long-range copper cable standards 802.3 ab introduced in 1999.
Gigabit Ethernet will provide the perfect way to transfer the full protection of the existing network infrastructure investment. Gigabit Ethernet will retain 802.3 and 802.3 Ethernet frame format and the management of the target specifications, which will enable enterprises to upgrade to Gigabit performance, while retaining the existing cable, the operating system, the agreement, desktop Applications and network management strategies and tools.
Gigabit Ethernet compared to the original Fast Ethernet, FDDI, ATM and other network solutions, providing an alternative to improve exchanges between the backbone and switches and connections between switches and servers connected to a reliable and economic way . Web designers will be able to establish an effective use of high-speed, mission-critical applications and file backup of high-speed infrastructure. Network management will provide users with the Internet, Intranet, metro and wide area network of more rapid access.
Gigabit products provider, has a complete line of Gigabit Ethernet products, can fit user needs to provide a complete solution. From the core network backbone switches to the edge of the client server Gigabit access, a user needs for the design of high-performance products. Gigabit Ethernet switch deployment, is a very impressive technology. At present, many manufacturers switch to Level 2 and Level 3 exchanged exchange into one, regardless of the exchange or routing, will provide at least 10 million pps the forward rate, and even some products can reach 20 million pps. These high-performance characteristics of the Intranet has been speaking it is very important, because the traditional law of nature LAN traffic 80/20 (80% of the working group in the local traffic network and 20 percent of the traffic flows backbone network) is already outdated.
Gigabit Ethernet high-speed multi-packet forwarding capability is Gigabit Ethernet technology can provide the best example of the strong price performance. In addition, Gigabit Ethernet networking technology to reduce the long-term cost of ownership is also of great benefit.
2. Gigabit network switching technology
From the beginning of the end of 1996, some companies have introduced integrated Layer 2 switching and routing of Layer 3 switching products, the technology called "multi-layer exchange (multilayer switching)". It Layer 2 switching technology to increase the routing of services and support the choice of broadcast and multicast suppression, and VLAN support VLAN between the transmitted data packets and firewall features full support for TCP / IP and IPX routing.
After nearly four years of development, these features have been constantly improved and strengthened, making multi-layer switch router than the traditional price-performance than the 8-16 times. The switch to a new generation of multi-Gigabit Ethernet switching technology as the core, can provide a more attractive price-performance, is the sector-level network and data center network to replace traditional routers can provide the ideal of multi-exchange Switches. At the same time, its direct transmission distance has now reached 130 km, can achieve a Gigabit Ethernet as the backbone of the enterprise LAN backbone transmission rate to 2 Gbps (full-duplex mode).
Promoting technological development of the main factors to promote the exchange of high-speed multi-technology development is the biggest factor used cheap 10/100 M adaptive card of the large number of Internet and Intranet deployment. At present the network has been away from the traditional c / s calculations from the more hierarchical structure, the traditional c / s model of the 80/20 rule has become the flow of the past. In the network design, the traditional router and Hub Layer 2 switches or the network deployment model will also become history.
In addition, Intranet support more complex and bandwidth-sensitive multimedia data streams, such as data, documents, images, animation, sound and video. An Intranet end-users at least the bandwidth requirements of non-Intranet users and more than 50% to 100%. At the same time, broadband access has become a trend.
Another noteworthy problem is, to provide users with Fast Ethernet connections can provide more bandwidth cushion to deal with unexpected traffic, it is 10 BASE-T technologies second to none. IP sudden flow is one of the characteristics of network applications. Low-cost and high-bandwidth makes Fast Ethernet regardless of the client or the server side have been widely used.
In order to non-blocking traffic flow and the ability to handle unexpected strike a balance between the need to provide next-generation switch platform above the request of users connected to 8 to 16 times the rate of the trunk link, and to Gigabit Ethernet is to meet the trunk Client's Fast Ethernet connectivity service requests. This is sufficient to handle unexpected flow is very important.
At the same time, the campus network or MAN, whether across several network layer, the random Intranet traffic required to provide end-to-end, high-performance continued unchanged. To achieve this, in a switch from a high-performance level 2 and 3 of the transponder capacity is the only solution.
Non-blocking ability and have a choice of forwarding is the main user demand. And all kinds of very effective network management tool enables network administrators to effectively and efficiently into their business strategy forward in the engine, its performance through real-time monitoring network management software. This will fundamentally help users under the company's short-and long-term business development need to identify and deliver the necessary services. A new generation of Gigabit Ethernet switches to support these features and services, but also support a common routing protocol, such as IP / RIP or IP / OSPF, and so on. This greatly reduced the complexity of network equipment.
3. Network design objectives and principles
The high-performance network systems meet the requirements of the core network switches Centre massive data exchange requirements, even the center of communication link bandwidth of the network to meet the performance requirements. Whether the enterprise network or MAN, WAN, the information on its applications are at an unprecedented pace, with new multimedia applications and new data applications on a higher bandwidth requirements. To corporate Intranet network commonly used model, its WWW server, FTP server, Lotus Notes groupware application server, Novell Server and other server group supports the entire enterprise information service environment. Enterprise customers all departments client application software, network access through the centre servers, application requests, query the database. The network traffic load from the brink of major equipment to the core data exchange, with corporate business development, size of network expansion, and the application of the exchange of information increased, making the corporate network usually occur first in the core communication bottlenecks. Improve enterprise campus LAN network performance data exchange, is often the first to expand the exchange of core switches, equipment to increase the edge of the core data communication bandwidth, in order to reduce the bottleneck of the network, making application performance and efficiency is improved. So in designing enterprise campus LAN principle, it should first meet to consider the scale of network equipment required by the core data exchange capacity and equipment to the edge of the core link bandwidth.
3.1 reliability and availability
Network system design of equipment and high-reliability high-availability systems; asked all the key components of the core switches can achieve redundancy, online replacement (plug), the fault recovery time interval in the second grade to be completed. Multi-level fault-tolerant design is based on a single high-reliability equipment on the basis of further improve system availability.
On enterprise applications, through its advanced computer, networking and other information technology, production process automation, paperless office automation and improve the company's production, management efficiency and level. Support for enterprise application infrastructure is the business park network, it will directly affect the working conditions of office applications to the corporate environment, trade, production, development, design and other business environment, financial management, parts management, environment, information retrieval and database query , Internet browsing and other business support services necessary to the normal operation of the facilities function. Network reliability requirement is to protect the enterprise application environment of the primary condition for normal operation, reliability of the network requirements for high-availability network. The choice of network equipment, especially the core chassis of equipment, should be able to configure redundant components, key components of a single point of failure does not exist, that is, like power switches, fans, the exchange of engine management module of these components can be redundant backup One of the components of any damage will not affect the normal operation of equipment, will not affect network connectivity. To provide network equipment reliability, fault-tolerant Another requirement is the replacement of equipment damaged parts, do not need downtime, does not require replacement parts after the restart, which means the replacement parts operations can be conducted online, this can reduce the time to shutdown To the minimum. In the design of the principle of enterprise campus networks to improve network reliability, high availability principle is essential, not only requires the components redundant equipment, also urged the network link redundancy, can combine the physical layer, and link layer The third layer technology to ensure that the network may at any time and any place to provide access to information services.
3.2 scalability
The scalable network design requirements, including the switching hardware and network capacity expansion of the implementation of the new application capabilities. Core switches flexible scalability requirements: core switches should have the flexibility to expand port capacity expansion module capacity to meet the network expansion of the scale, while improving performance and meet more high-performance requirements. The ability to support new applications: products with new applications to support the technical preparation, the structure can be quickly and easily implement new applications.
3.3 scale with users
In the design of the network programme, the first is the size of the existing network to meet the needs of users, taking into account future business development, the expansion of the scale, the network should be designed with a flexible user port expansion capability. Core equipment is the hub of the network, users of the port expansion, the need for additional wiring between the edge of the Working Group of equipment, increase the edge of the equipment at the same time, the equipment required to connect the core backbone of the corresponding increase in the number of ports, the core equipment should be able to increase module To increase flexibility in the number of ports. Core of the chassis design should have a strong backplane bandwidth, more than enough slots load capacity. The switch, the core of the exchange of engine configuration should be able to meet the largest, non-blocking the port for the exchange of data packets, the expansion module does not affect the exchange of properties. Distributed by the exchange structure is to achieve the best solution to this principle, distributed switch structure to achieve the exchange of data switches parallel processing, optimizing the performance of the network, the local exchange and the exchange of the overall integration of distributed architecture to reduce the exchange of core engine The pressure. So in the design of large-scale complex network of distributed widely adopted in principle to achieve a flexible, modular switches, expansion of port capacity.
3.4 Security
Network security of the network design is very important, reasonable network security control, so that the information in the application of environmental resources and effective protection can effectively control network access and flexible implementation of network security control strategy. In the enterprise campus network, the key application servers, core network equipment, system administrators can only operate, control the power. Application client only permission to visit the sharing of resources, the network should be able to prevent any illegal operations. Network equipment in the park should be based on the agreement, based on the Mac address, based on the IP address of the packet filter control. Large-scale network in the design of the park, the son of virtual network, on the one hand can be effective isolation of the large number of broadcast network, on the other hand isolation between the sub-network communications, control access to resources, improve network security Sexual. Net in the design of the park must be stressed that the principle of network security control, so that network can be connected, but also from the second tier, third tier control network access.
3.5 manageability
Network manageability requirements: any equipment in the network can be adopted to control network management platform, network equipment, and failure by the police and so on network management platform to monitor, through the network management platform to simplify management, improve network management Efficiency.
In network design, select advanced network management software is essential. Network management software for network equipment configuration, network topology, the status of network equipment, network equipment failure incident alarm, as well as statistical analysis of network traffic, such as billing. Network management software applications can improve the efficiency of network management, network management staff to reduce the burden. Network management objective is to achieve zero-management, policy-based management, network management is through the development of a unified strategy by the management strategy for the overall control of the server. Web-based network management interface, is the development trend of network management software, flexible way to streamline the operation of the management staff. In the design of the park on the choice of network equipment for network equipment to support standard network management protocol SNMP, while supporting RMON / RMONII agreement, the core equipment requirements to support RAP (long-range analysis of port) agreement, the full implementation of the network management capabilities. In the design of the park on the principle of network equipment should be required to management, while advanced network management software can support network maintenance, monitoring, configuration, and other functions.
3.6 of the standard agreement
The adoption of network equipment technology and support standard protocol: a standard agreement to protect the user's investment, improve the interoperability of equipment. Network design used by the equipment require the use of mainstream technology, development of standard protocols, has good interoperability, the same manufacturers can support the different products, different manufacturers of products between the connected and seamless communication. In the design of the park network in principle, play different manufacturers products for advanced technology at the same time, we must emphasize the technical inspection equipment, the standard agreement, to reduce the problem of interconnection equipment, network maintenance costs, so that the user's investment has been effectively protected.
Consideration should be given the choice of whether the equipment can be upgraded, the new standards in the future, the system should be able to upgrade to the new standards. Thus focus on product manufacturers in the corresponding products and technologies in the field position and the ability to participate in standardization.
In today's world, communication technology and the rapid development of computer technology. Network design it is necessary to adapt to the trend of development of new technologies to ensure that the advanced nature of the system, we must take into account the technical maturity and lower because of new technologies and new products brought about by the premature risk factors.
4. Campus Network Solutions
Gigabit Ethernet the biggest advantages is that its existing Ethernet compatibility. With 100 M Ethernet, Gigabit Ethernet and 10 M using the same Ethernet frame format and frame size, and the same CSMA / CD agreement. This means that the majority of the Ethernet users of the existing Ethernet smooth, without interruption of the upgrade, but without adding additional protocol stack or middleware. At the same time, Gigabit Ethernet also inherited the Ethernet other advantages, such as high reliability and easy management. Backbone network in the park, now gradually occupy a major position.
Application of the campus network as a feature of most of the delay and bandwidth less sensitive, through TCP / IP "slow start" mechanism for automatic identification delay the changes, and dynamically adapt to the bandwidth provided by the TCP, and some business applications require real-time transmission Support, QoS service guarantee. This part of the current proportion of small, with teaching methods to speed up the process of modernization, multimedia courseware tools gradually universal, the gradual rich multimedia courseware, the proportion is expected to gradually increase. IP network transmission of real-time business is the main bottleneck routers used to identify routing software, computing and packet forwarding, routing due recognition, slow the speed of data transmitted, delay and delay jitter, can not guarantee quality of service (QoS ). Since the second half of 1997, some companies have launched a dedicated hardware circuit (ASIC) for routing identification, calculation and forwarding the new wire-speed routing switches. This wire-speed routing switches with the structure similar to L2 switches, routers both L3 and L2 packet forwarding function of the exchange, some of which include some manufacturers are still L4 application-level functions.
In the packet-switched IP network to provide QoS, the service must be classified, exercise classified service (CoS). Equipment manufacturers ensure that the general use of congestion management network performance, for a number of special operations to provide the bandwidth. One approach is to use RED (Random Early loss) detection and identification smart flow of transient surge, and its real distinction between the network congestion, so as to avoid network congestion. IP through from Baotou in the IPv4 services classification logo (TOS) to identify type of service (802.1 P), established that the data flow of priority, and in accordance with a priority queue algorithm to ensure that the QoS capabilities. You can also use Access Control List (ACL) definition of strategy, determine the priority of data flow. With advances in technology, predictable, high-speed IP network QoS on the ability to reach FR / ATM network similar level.
Comparative analysis of the market in a variety of L2/L3/L4 wire-speed routing switch performance, price, service on the basis of choice of the United States Lucent (Lucent)'s Cajun P550R Routing Switch a total of 11, as the campus network backbone switches. Its main technical, performance indicators are:
Backplane capacity of 45.76 Gbps
The exchange of 22.88 Gbps throughput capacity
No. 2-exchange capacity of 33,000,000 pps
Article 3 of the exchange capacity of 18,000,000 pps
A variety of L2/L3 interface module
Redundant fans, power
OpenTrunk / VLAN interoperability
CoS / QoS / RSVP support
In network design, the switch between the trunk through the Gigabit Ethernet interconnect. All switches are configuration exchange L3 engine, the implementation of distributed routing strategies, thereby reducing the Centre switches L3 routing analysis, the packets transmitted pressure and control the scope of broadcasting domain. Network design and equipment in the distribution of careful consideration of the lines and routing equipment and the physical and logical redundancy, network server group Center firewall settings and security policies.
