Saturday, October 23, 2010

On the implementation of financial knowledge in the use of



At present, due to legal factors and social factors, resulting in the implementation of a number of cases is difficult. "Implementation of the difficult" is not only the focus of people's attention is also very concerned about the issue of the CPC Central Committee. To this end, the CPC Central Committee issued a document only, and in the Party Congress report expressly propose solutions to implementation difficulties, people's courts at all levels are actively exploring effective ways to solve this problem. Recently, the Central Political and Law Commission has issued a notice, the Supreme Court has also held a teleconference to require centralized clearing backlog, and earnestly safeguard the legitimate rights and interests of judicial authority. Although the author is a Court of accountants, but several times with the participation in the implementation, well aware of accounting expertise in the implementation of the role, therefore, their accountants from a court perspective, talk about the implementation of the case in the query, frozen , seizure of property during the parties, the use of financial expertise, analysis of individual cases, identify the debtor's funds in the banking activities, improve the implementation of effective case.

First, analysis of debtor bank deposit account, underlines a "living" character.

For those in the implementation of the ability to fulfill obligations to perform or attempt to evade the parties, the first task is to find out the status of their property. In particular, find out their bank account, through the identification of debtor's bank deposits, bank conditions, for prompt. Due to "local protection," and the impact of administrative intervention, a number of local banks to keep a debtor and inextricably linked, man-made barriers for implementation. Therefore, the implementation of the other executive officers, other than master the art of things, the use of financial and auditing expertise to check status of debtor bank deposits is especially important.

Two types of bank accounts of enterprises. One is the basic account, and the other is a special account.鍩烘湰鎴锋槸浼佷笟渚涖?浜с?閿?笓鎴凤紝鏄紒涓氳祫閲戞祦杩涘拰娴佸嚭鐨勪富瑕佽处鎴凤紝涔熸槸浼佷笟鍞竴鎻愬彇鐜伴噾鐨勮处鎴凤紝鏌ユ竻浜嗚鎵ц浜虹殑鍩烘湰璐︽埛锛屽氨鍙栧緱浜嗘墽琛屽伐浣滅殑涓诲姩鏉冦?涓撴埛鏄紒涓氱殑涓撻」璧勯噾鐨勮处鎴凤紝鍦ㄦ煡璇㈠伐浣滀腑瑕佸涓撴埛杩涜鍒嗘瀽锛屼綔鍑烘纭垽鏂紝鎽告竻涓撻」璧勯噾鐨勬潵榫欏幓鑴夛紝鏃㈤伩鍏嶇洸鐩喕缁撲紒涓氳处鎴烽?鎴愪笉鍒╁奖鍝嶏紝鍚屾椂鍙堣兘鍑嗙‘鎺屾彙琚墽琛屼汉鐨勮祫閲戠姸鍐碉紝閫傛椂閲囧彇鍐荤粨锛屼负鎵ц宸ヤ綔鎵撲笅鍩虹銆?br />
聽聽聽 渚嬪锛氬湪閰嶅悎鎴戦櫌鎵ц涓浗寤鸿鏌愬崟浣嶆嫋娆犻拱娼槻鑵愭潗鏂欏巶鏉愭枡娆句竴妗堜腑锛岃鎵ц鍗曚綅鎷掍笉閰嶅悎鎵ц宸ヤ綔锛屾垜闄緷娉曟悳鏌ヤ簡琚墽琛屼汉璐㈠姟瀹わ紝瑕佹眰璇ュ崟浣嶈储鍔′汉鍛樻彁渚涢摱琛屾棩璁板笎銆佺幇閲戞棩璁板笎鍜屽叾缁忔祹涓氬姟寰?潵鐩稿叧鐨勮储鍔″師濮嬪嚟璇侊紝浠ヤ究鎽告竻琚墽琛屽崟浣嶇殑璧勯噾鏉ュ線鎯呭喌鍜岀浉鍏抽摱琛屽笎鎴枫?缁忚繃鎴戜滑璁ょ湡鏍稿琚墽琛屽崟浣嶉摱琛屾棩璁板笎銆佺幇閲戞棩璁板笎鍜屽線鏉ヨ处鎴风殑鍘熷鍑瘉锛屾煡鍑鸿鎵ц浜虹殑閾惰璐︽埛鍗佸嚑涓紝涓旇澶氬師濮嬪嚟璇侀兘涓庡叾涓竴涓摱琛岃处鍙疯仈绯诲瘑鍒囷紝骞舵湁澶ч噺鐜伴噾杩涘嚭銆備簬鏄紝鎴戜滑纭畾璇ヨ处鎴蜂负琚墽琛屽崟浣嶅熀鏈处鎴枫?鎴戜滑浠ユ璐︽埛涓虹獊鐮村彛锛屼緷娉曞璇ヨ处鎴疯繘琛屾煡璇紝骞惰閾惰鎵撳嵃璇ヨ处鎴峰甯愬崟锛岄?杩囧闃呴摱琛屽甯愬崟锛屽彂鐜拌閾惰甯愬彿璧勯噾鏉ュ線棰戠箒锛岀敱浜庤璐︽埛褰撴棩瀛樻閲戦杈冨皯锛屼笌鎵ц鏍囩殑鐩稿樊寰堝ぇ锛屼负浜嗙ǔ浣忚鎵ц浜猴紝鎴戜滑娆叉搾鏁呯旱锛屾殏鏈喕缁撹璐︽埛銆傚嚑澶╁悗锛屾垜浠張涓?鏌ヨ璇ヨ处鎴凤紝缁撴灉锛岃璐︽埛鏂拌繘璧勯噾涓?櫨澶氫竾鍏冿紝鎵ц浜哄憳绔嬪嵆渚濇硶瀵硅璐︽埛杩涜浜嗗喕缁擄紝姝や妇浣挎湰妗堥『鍒╂墽缁擄紝

聽聽聽 浜屻?鏌ョ湅閾惰鎻愪緵鐨勫悇绉嶅崟鎹紝绐佸嚭涓?釜鈥滅粏鈥濆瓧銆傛墽琛屽伐浣滄槸鑹拌嫤缁嗚嚧鐨勫伐浣滐紝鐗瑰埆鏄湪鏌ョ湅閾惰鍗曟嵁鏃讹紝瑕佹兂鍙栧緱鏈?匠鎵ц鏁堟灉锛屽繀椤荤獊鍑轰竴涓?缁嗏?瀛椼?鐗瑰埆褰撴湁鐨勯摱琛屼笉浜堥厤鍚堟椂锛岃瀵硅鎵ц鍗曚綅鐨勫悇绉嶉摱琛屽師濮嬪嚟璇佽鐪熶粩缁嗘煡鐪嬶紝浠庝腑鍙戠幇闂锛屾壘鍒扮獊鐮村彛銆?br />
聽聽聽 渚嬪锛氬湪閰嶅悎鎴戦櫌鎵ц娴庢簮鏌愬崟浣嶆嫋娆犻儜宸炴煇鍏徃璐ф鏃讹紝鐢变簬鍦版柟淇濇姢涓讳箟涓ラ噸锛屽姞涔嬭鍗曚綅涓庨摱琛屽叧绯诲瘑鍒囷紝鍦ㄥ垝鎷ㄨ浼佷笟閾惰璧勯噾鏃讹紝閾惰鏋佷笉閰嶅悎锛岃嚧浣垮垝鎷ㄩ?鐭ヤ笅鍙戝崐涓湀锛岄摱琛屼粛鏈垝鎷ㄣ?鎴戜滑鍐嶆鍒伴摱琛屾煡璇㈠垝鎷ㄦ儏鍐垫椂锛岄摱琛屽0绉板凡鍒掓嫧锛屽苟鍚戞垜浠嚭绀轰簡鐢垫眹鍘熷鍑瘉銆傚埄鐢ㄨ嚜宸辨帉鎻$殑閾惰绁ㄦ嵁鐭ヨ瘑锛屽璇ョ數姹囧師濮嬪嚟璇佽繘琛岃瀵熴?涓嶄粩缁嗙湅锛岃绁ㄦ嵁鍐呭瀹屾暣锛屾墜缁綈鍏紝鍗扮珷娓呮櫚銆傜粡浠旂粏瀵熺湅锛屽彂鐜颁袱涓枒鐐癸紝涓?槸鍑瘉鍗扮珷鏄垰鐩栦笂鐨勶紝鍗拌抗杩樻湭骞层?浜屾槸鍔犵洊鍗扮珷鏃堕棿鏄綋鏃ョ殑锛屼笌鐢垫眹绁ㄦ嵁姹囧嚭鏃堕棿涓嶇銆備簬鏄氨鍚戦摱琛屽伐浣滀汉鍛樻彁鍑鸿川鐤戯紝鍦ㄨ瘉鎹潰鍓嶏紝閾惰宸ヤ綔浜哄憳鎵胯璇ュ嚟璇佹槸閾惰棰嗗鎺堟剰浼?鐨勩?鎵ц浜哄憳褰撳嵆瀵归摱琛岄瀵艰繘琛屾硶鍒舵暀鑲诧紝鎸囧嚭浠栦滑鐨勮涓哄凡娑夊珜濡ㄧ鍏姟锛岃琛岄瀵兼壙璁や簡閿欒锛屽苟褰撳嵆灏嗚娆炬眹鑷虫垜闄㈡寚瀹氶摱琛岃处鎴凤紝浣胯妗堝緱浠ユ墽缁撱?

聽聽聽 涓夈?鍦ㄦ煡灏佽鎵ц浜鸿储浜ф椂瑕佸仛鍒扮溂瑙傚叚璺紝鍔涙眰涓?釜鈥滃噯鈥濆瓧銆傛墽琛岀幇鍦虹幆澧冨鏉傦紝鐗瑰埆鏄湁鏃跺湪绐佸嚮鎵ц鏃讹紝琚墽琛屼汉甯稿父浼氳秮鎵ц浜哄憳涓嶅闅愬尶璐骇锛屾垨閲囧彇涓?簺鍏朵粬鎵嬫閫冮伩鎵ц銆傚洜姝わ紝鍦ㄦ墽琛屾椂锛岃鐪艰鍏矾锛岃?鍚叓鏂癸紝涓嶄粎涓嶆斁杩囦换浣曞彲鐤戜箣澶勶紝鑰屼笖杩樿浠旂粏瑙傚療姣忎釜琚墽琛屼汉鐨勮█琛岋紝浠庝腑鍙戠幇鐮寸唤銆傚湪瀵逛簨涓氬崟浣嶆墽琛屾椂锛岀敱浜庝簨涓氬崟浣嶇殑鐗规畩鎬э紝鍙兘鎵ц鍏堕绠楀璧勯噾銆傚洜姝わ紝鎵ц棰勭畻澶栬祫閲戦毦搴︽洿澶с?

聽聽聽 渚嬪锛氬湪閰嶅悎鎴戦櫌瀵归儜宸炴煇鍗曚綅锛堣鍗曚綅绯讳簨涓氬崟浣嶏級璐㈠姟瀹ゆ煡灏佹椂锛岃鍗曚綅璐㈠姟浜哄憳鏋佷笉閰嶅悎銆備负浜嗘煡娓呰鍗曚綅棰勭畻澶栬祫閲戦摱琛屽紑鎴锋儏鍐碉紝鎴戝璇ュ崟浣嶅師濮嬪嚟璇佽繘琛屽叏闈㈠鏍革紝涓嶆斁杩囦换浣曚竴寮犲嚟璇侊紝鍦ㄤ竴寮犺鍗曚綅鐢佃瘽鎵樻敹鍗曚笂锛屽彂鐜拌鍗曚綅鐨勯绠楀璐︽埛銆備簬鏄紝鎵ц浜哄憳鍏靛垎涓よ矾锛屼竴閮ㄥ垎浜哄憳鍒伴摱琛岃繘琛屾煡璇?鍐荤粨锛屼竴閮ㄥ垎浜哄憳缁х画瀹℃牳鍑瘉銆傝鎵ц鍗曚綅璐㈠姟浜哄憳瓒佹墽琛屼汉鍛樺鍘熷鍗曟嵁瀹℃牳鏃讹紝涓轰簡杞Щ璐骇锛屾倓鎮勫湴灏嗚鍗曚綅鐨勫瓨鎶樿鍏ヨ¥鍏滃唴锛岀敱浜庢垜瀵逛粬浠嚑涓汉鐨勮涓烘棭鏈夋敞鎰忥紝姝ゆ儏鑺傛濂借鎴戝彂鐜帮紝闅忓嵆鍛婅瘔鎵ц浜哄憳锛岀粡瀵瑰叾杩涜娉曞埗鏁欒偛锛屼娇鍏朵氦鍑虹殑钘忓尶鐨勫瓨鎶橈紝鍚屾椂锛屾墽琛屾煡璇?鍐荤粨鐨勪汉鍛樹篃浼犳潵濂芥秷鎭紝鏌ュ嚭浜嗚鍗曚綅鐨勯绠楀閾惰瀛樻锛屽苟鍐荤粨浜嗚璇ヨ处鍙凤紝妗堜欢椤哄埄鎵х粨銆?br />






相关链接:



Pocket Electronic Translator As Our Assistant



MINIATURE GPS UK listed on its mixed people



Using Visual Basic's Timer Control



MKV to Zune



Higher Heat Blow, "Kabbah Wind" Paper Submitted Until 15th Of The Month



3GP TO AVI



Lack of 3G To break the bottleneck of domestic terminal



SWF To MPEG4



Install And Setup comments



Great WAY to circumvent the procurement risk



Submarine earthquake bad MII officials pushing CN domain name



U.S. online travel nearly 50% share



Patriot Mp3 Fashion Stakes



Hot Nature - Screen Savers



Simple Music Composers



Wednesday, October 20, 2010

The new VPN strength



VPN, there is not overnight, from IPSec to SSL, VPN through a lot of technology evolution. However, the nature of any security technology is applied. The VPN and enterprise business integration, and promote enterprise border security, while business development to the edge of the external supply chain integration, which will promote the evolution of a new round of VPN technology.

Power I: Trusted VPN

VPN's original intention was to provide a secure channel, so that remote users can access the private network. But in the current computing environment, for trying to access the corporate network can be managed or unmanaged devices, network administrators could not access network in its pre-knowledge of their origin. In particular, the increase in the mobile VPN users, the network office workers and road warriors through the IPSec VPN client software access to the potential safety problems within the network attention.

If the user can access a host within the network through the VPN, but the host itself is unsafe, who have been infected or otherwise insecure network connection (split tunnel), etc., within the network will bring a serious threat. Moreover, the attacker can use the VPN encryption technology through the firewall, the firewall on their behavior to avoid detection and control.

In addition, most of the existing intranet or internal network security behavior control, only to consider the conduct of internal LAN security, that is, the host of the LAN access to conduct surveillance and control, not related to large-scale cross-boundary business the whole network security.

In fact, Juniper's security experts said that as the VPN can be established on a public computer, so the company network may be additional risks that the particular SSL VPN performance significantly. In addition, the public computer may not support two or more authentication methods, because they do not own a smart card reader, or directly by the disabled USB port.

In this case, a private network based on the credibility of VPN TPN (Trusted Private Network) began to appear. Anda through the security experts Kang-ho said in an interview, the current TPN technology integrated security and communications gateway endpoint security technology, while leveraging the unified management of global deployed, in order to achieve comprehensive, multi-level security.

It is reported that in the TPN system, any host access network must be verified through user authentication and host authentication mechanisms mandatory. Only one host is classified as a trusted host before they can access the system resources. Basically means that the host trusted by the management of risk. This state of the managed host is responsible for configuration for IT administrators and users. If a trusted host mismanagement, is likely to be the weakness of the whole solution.

When the host is considered a trusted host, other trusted host can reasonably be assumed that the host will not initiate malicious actions. For example, a trusted host should not expect the implementation of other trusted hosts they attack the virus, because all the trusted hosts requires the use of some of the mechanisms used to mitigate the virus threat (such as anti-virus software).

Kanghao Jiang stressed that such a trusted state is not static, it is only a transitional state, with corporate security standards will change and change, and to continue to meet those standards. As new threats and new defenses will continue to emerge, so the organization management system must constantly check the trusted host, to keep in line with the standards. In addition, when needed, these systems must be able to publish updates or configuration changes to help maintain a trusted state. Continued compliance with all safety requirements may be considered a trusted host host.

According to reports, the credibility of private network through the compulsory certification system for TPN host and user, use the "user roles ---- ---- resources" licensing mechanism, to achieve "internal network threat" and "border threat," "host threat "and" access threat "of the system. It is reported that role is the system of communication between users and service hub, to avoid the use of roles between users and services directly related to relationship, reducing the amount of configuration tasks, and strategies to improve the maintainability of the system. A user can be assigned to multiple roles, each role contains more than one user. For each service can access the service can be set to a variety of roles.

When enterprise users access the network TPN system protection, the first must be "compulsory identity" (or client can use Web-way authentication system log TPN), in the authentication passed, TPN security gateway, in accordance with the user resource access rights and the login authentication when the PC-user features (IP / port), dynamic security gateway in the formation of TPN "Meta Group + time" dynamic access control policy. Dynamic access control policy of the short-term effects, when there is no activity after a period of time users, the policy shall become invalid, need to re-enforce authentication, security gateway again in the TPN for the user to create dynamic access control policy.

Not difficult to see why that TPN system can be more secure VPN, because it is through VPN access for mobile users and remote local area network such as the local user access control. For example, when the VPN user and the headquarters of the TPN security gateway to establish encrypted tunnels, the headquarters of the TPN secure remote access gateway to the host on the safety assessment: If you find that there is a threat or does not meet the host access to the security headquarters level (if not patched, etc.), the host is not allowed access to the headquarters. This is the so-called "VPN access control" technology.

At present, the enterprise through the application of this technology, you can ensure that the external network threats (such as Trojans, viruses, attacks, etc.) are not brought into the internal network through the VPN users to avoid hackers to "springboard" attack. And network administrators to manage local LAN as the same as a unified whole VPN network security policy management, and for the whole network, not just the local LAN network-wide behavior management.

In addition, the enterprise network against the threat of protection, TPN inherited the traditional behavior management within the network, gateway anti-virus, anti-spam technology. At the same time, TPN will use these technologies to the enterprise network, not just limited to the LAN. Therefore, whether local or VPN access to LAN users access to the user, TPN system uses "mandatory identity" authentication mechanism, there is no authenticated user can not access any internal / external network resources.

In view of this emerging technology, Xinhua Life Insurance Group's IT manager said, for large Qi Ye, Ke Yi Tongguojiezhu VPN TPN system control, including can Zhi Yun Xu legitimate, trusted endpoint devices, such as Ye Wu network of PC, 鏈嶅姟鍣? agents The PDA access network, while other devices are not allowed access. The new system "TPN Gateway" and "TPN client" form a defensive system linkage, to avoid relying on a single gateway defense system or the formation of a single client functionality defense system bottlenecks to enterprise IT departments to reduce the pressure.

In fact, Digital China Networks Jinghui, senior product manager explained that the focus on border security and distribution of safety is ambiguous, as insurance companies, as agents of the company's information security and information security as important, but this is controllable VPN charm.

Power 2: SSL VPN's two major breakthroughs

SSL VPN in, there were two major breakthroughs this year. First, the United States last year, Microsoft announced the acquisition of security in the VPN and remote access products with leading-edge companies specialized vendors Whale, Microsoft Windows Vista systems this year on launching a new VPN protocol ---- Secure Socket Tunneling Protocol SSTP (Secure Socket Tunneling Protocol).

It is reported that the new SSTP agreement to SSL-based, it will appear in the upcoming Windows Longhron Server Beta3, and in Windows Vista SP1. Microsoft's security experts said, SSTP will be used to replace PPTP and L2TP protocols, to increase the flexibility of VPN access.

In fact, many business users using PPTP and L2TP protocol for VPN connections when the VPN connection will come across the situation does not work very often because of a firewall or NAT router does not open PPTP GRE or L2TP ESP port. For users, the VPN connection that experience certainly is not good. Business users want is the same VPN connection as easy to use IE to connect, and SSTP is to solve this problem occurs.

According to Microsoft engineer, a firewall or NAT in order to avoid the impact of the VPN connection, SSTP through HTTPS (SSL) to establish VPN tunnels, most of the firewall to allow the direction of the SSL access pass. But the SSTP does not support the site to site VPN, only suitable site in the remote access client to connect.

In addition, as a supporter of SSTP agreement, Jinghui for the reporter describes a standard SSTP agreement, the seven steps for VPN connections:

First, the client and server through the Internet to establish TCP connection, the connection is carried out through TCP port 443. Assumes that the client's IP address is 100.100.100.1, the server's IP address is 200.200.200.1.

Second, when the TCP session from the beginning, will be SSL negotiation. Consultation process through SSL, the client will obtain and verify server certificate (if the validation fails, the connection will be terminated). In this process, the server does not verify the identity of the client.

Third, the client will encrypt the SSL session to send HTTPS requests to the server.

Fourth, the HTTPS session, SSTP agreement will commence operation, the client sends SSTP control packet, the client and server, open the SSTP state machine, and then establish links and communication in the PPP layer.

Fifth, the PPP session (this session is established in the SSTP over HTTPS above) will be the initial PPP authentication, authentication method depends on the authentication algorithm, in general, then the server will verify the identity of the client, the client on the server authentication is optional.

Sixth, PPP authentication end, SSTP will be the client and server communicate through the VPN connection interface, the interface will use the "Internal IP", such as the client is 192.168.1.2, the server is 192.168.1.1. This IP address is configured on the RRAS server, used to access the company's internal network.

Seventh, the client and server communicate through the VPN SSTP to send packets. Suppose that a client (192.168.1.2) to send a packet to the server (192.168.1.1), then SSTP will be submitted to this data packet to the SSL layer encryption, and SSL layer to add a new header Department (the source address of 100.100. 100.1, the destination address is 200.200.200.1), through the Internet connection interface, the packet sent to the server.

In fact, in many ways, SSTP and other VPN protocols, as will be through the server RRAS (Routing and Remote Access Service) configuration. Currently, SSTP communications default TCP 443 port. SSTP in IPv6 on the channel will also be supported.

According to Microsoft, Vista and Longhorn have been installed in the system, IPv6, and enabled by default. The multi-factor authentication, such as smart cards or SecurID tokens, and also as RRAS remote access strategy, was supported. The link Administration Kit (CMAK) that the SSTP VPN connection can create different profiles.

The Jinghui's view, SSTP protocol integrated support for NAP, but also support IPv6. In addition, SSTP using a single channel of the HTTPS connection, compared to traditional multi-channel implementation, better network utilization and better load balancing performance. But he also believes that the current SSTP is not a standard, the future is certain to travel.

Another major breakthrough in SSL VPN is the scene for a "point" (Site2Site) era. Point to SSL-based VPN technology first appeared in this year's RSA Conference. It should be said, new technologies break the long-IPSec can be achieved only through secure access between the two points the only way for enterprises to provide users with a more flexible and secure access point mode, to ensure that the "extension will be applied to network "possibilities.

Array Networks CTO, Dr. Xu Naiding said in an interview, the traditional point to point VPN IPSec VPN has been the only choice, but this method can not meet current business needs a business environment that is, how ---- to two different networks and IP addresses based on the rules of enterprises open up a tunnel between two points and how to implement role-based security and application-specific access control, IPSec VPN can not be achieved has been a shortcoming.

In contrast, the new peer SSL VPN technology for the user, host, any two or more networks between sites to establish an independent two-way encrypted channel, and enterprise network management within the network are not worried about security issues. At the same time, network administrators can achieve in one location access to the global user security settings and control, eliminating the need for the same user-defined number of access control policies, but also can no longer consider core switches, SSL VPN devices and access into the floor switch on the set and maintain the access control list (ACL). No doubt, this technology has greatly improved the efficiency of management, the management cost savings.

Power of three: do integration with ERP

Both within the network or remote, VPN technology has applications for business, but it causes the VPN and ERP system integration.

According to press the investigation, VPN integration trend early as three years ago has begun, but the technology and deployment conditions were not perfect. From the current trends, VPN and ERP integration has been in many large enterprises and government agencies to achieve, even on this basis, there is also the integration of VPN with the router signs.

Deeply convinced of the security product manager Wu Di proposal, corporate IT staff should be concerned about VPN integration with the ERP process. As this has been, ERP are enterprises solve business expansion and branch number of tools, including the channel, partners, remote or mobile office all 闇?眰, belonged to ERP management paradigm (or is the business part of the system). The core of ERP and enterprise business integration, and an advanced VPN system, the same with business integration, thus inevitably led to a new of "integration" of the technological revolution.

From the technical analysis, ERP remote management module integrated with the VPN, you can achieve the remote access based on business. According to Wang Jinghui description, whether it is B / S mode, or C / S model system, can use SSL VPN or IPSec VPN integration. Note however that in the C / S mode, the client and the server does not use TCP / IP protocol, the link bandwidth is usually in the 100K-500Kbps range, C / S architecture is often developed from the point of fact, if the LAN not for optimization, bandwidth may be as large as 3-5Mbps. Therefore, in this case, the VPN throughput requirements are high.

In addition, support for enterprise applications, the Jinghui that IPSec and SSL support on ERP is different, and sometimes quite different. First, when users try a restaurant or similar location to establish VPN connection ERP system, a problem often encountered is some network or firewall administrators shut down the ports used by VPN protocol. However, most networks will allow for secure HTTPS communications, so this case is still under SSL VPN to work properly, while the other VPN protocols can not do anything. On the other hand, he also emphasized that the use of SSL VPN, nature will not be able to gain access to other traditional VPN technologies available to the appropriate access level permissions.

In addition, based on experience, IPSec in the IP layer to encrypt data, it can end the transmission of data between sites to protect all, regardless of the type of business applications. In other words, whether corporate or branch offices and down the supply chain can use IPSec between the different local area network and remote client and the central node to establish a secure transmission between the channels, support for traditional ERP wider.

Should be emphasized that, as in the ERP environment, user data is encrypted Internet transmission is still in the public, so encryption is very important, it directly affects the security of user data. The IPSec is made in this regard a technology better.

In contrast, SSL is application layer protocol, its main advantages lie in VPN client deployment and management, the basic need to install client. The benefit of this is that if the company carried out based on B / S structure of the ERP application, the user can use the browser to complete the establishment of SSL-VPN.

However, this model also has limitations. Because the Web page for non-business access, SSL is often applied to the help of conversion. In particular, some SSL VPN products can support the application of converter and the number of agents is very small, and some even basic file server, FTP and Microsoft do not support the application of conversion. The characteristics of the decision to carry out SSL VPN-based ERP applications and can not form a local area network applications on the LAN, so in the enterprise integration of upstream and downstream supply chain, there are challenges.

In the ERP and the deployment of the VPN, Jiangsu Provincial Food Bureau of the application of the most representative. Leadership council, said in an interview, the Grain Bureau had set up in ERP systems, when discovered, due to their own under the jurisdiction of grain storage scattered throughout the province, the collection of information is relatively cumbersome. And based on information security, the initial idea was to ERP Data Collection and VPN combination. It is reported that IT executives said the Grain Bureau, Jiangsu Provincial Food Bureau has jurisdiction over dozens of local grain depots and sub-cities, IPSec VPN network using a unified, successful ERP central office with the safety of docking and data acquisition.

In this regard, Jinghui said that many companies want to leverage the security services to enhance efficiency and competitiveness. Similar to the grain bureau that have "fragmented, high-security business," features the company should use VPN technologies to build a protective ---- ---- Jiance response system that can cover the internal business systems and even the late Intranet security.







相关链接:



for YOU Games Arcade



2006 IPTV In China Summit less what?



MTS to MOV



FreeBSD Serial (49): Access To X Window



Quit After The Resignation As You Have To Leave Like A Gentleman



RECOMMEND Reference Tools



News about Chat And Instant MESSAGING



MJPEG to AVI



Comparison Genealogy



ASP.NET 2.0 at the same time to prevent the same user login



About Distributed IDS



symbian following xml Parser (under)



How GIS abstract surface features of space?



ASF to MPEG



Rational Assessment Of Service Quality



HR HR In The Eyes Of Men And Women



Monday, October 11, 2010

"Journey" amending the law of my magic battle + guardian



I turn 170, 15 9 soul star fighter against evil by a set of objects, a set of bows and arrows are all full of soul, there is no magic installed. Of offensive 7W8, things anti-9W1. Often go out and do with small tasks, so it must have the ability to take up, but I now repair is Stalker, this matter by amending the law encountered no use of it! So, I want to amend the law for minutes, this amending the law, I have calculated right, as follows:

Full 70 basis points to 122 points, amendment battle demons, and then invincible 23-point (with a small repair can stick +2 2 points), then, all remaining amendments guard, probably the following points can be trained to ban technology (I need Several skills have already learned)

PK (official singled out): As a single attack of the, PK first open yin and yang, and then over the state, called a skeleton (23 points in the call can be learned) may want to start running around, because we proceeded from the athletics side, start running around first to see the map on the two appearances and was close to a reckless last invincible, the Skull and Bones before shooting the enemy, the enemy saw the shot here, if cowardly run on smart, if the initiative to come up against, it had no choice even if there is a large move, I rode the horse Red Hare, completely overlapping with the skeleton, skeleton body will first hit! and others came, small red, dizzy people, if opponents do not fall on the prohibited technology, for bow and arrow, and then ran radio, other people also use bows and arrows to fight back if it's faster and he died (after the attack because the train well in double-entry, could not he know how to install for less, if the bow would dare to open fire on the right , to see who obviously had experience in this respect! our skills + the attack, but there are 20W Yeah! my physical fighters, high crit) that can not play against France with the assassin is it, not afraid of guards, the guards did not set themselves skills, and we are invincible Yeah, so he washed invincible, people are in the ground! he opened even more stupid invincible, and another stick of time upside down.

Against law: for I am 100% magic reduction, anti-freeze What is also anti-paralysis. Master the basic fear, in addition to major ice method. But we also are not afraid of, anyway, I can not spike up to let you hit it, then you're almost finished, the Master was close cut technology, and 10 seconds of time, what is the use What? Can only run, run What out? small red, + reckless, invincible, and then for bow and arrow, shoot! enemy was dizzy the first reaction is back, we do not chase, with arrows how the attacks have 17W, to reverse the downturn to be good ! play a critical strike directly down to the ground!

Against Assassin: Assassin the profession rather monotonous, 3 red halo 1 +1 chain, like washing the state, but the assassin skills are good skills of wood is the most harm him! Analysis: If you are a higher number, you do not fear the enemy , you are shooting look obstinately to fly, this multi-depressed Yeah! fly after we find each other, but this initiative in whose hands that are not allowed, but cut me a magic Yeah! allows you to have meters assassin matter halo Yeah! After all, the object of attack is very low assassin ah! unless an exception is RMB players (but good to have the same operation down to the ground)

Added to deal with assassins, we first condition is fulfilled, then slowly move down, someone will first skeleton was found shot, break the wooden men assassin, assassin and then fly, quickly Invincible, opening reckless, assassins and then close when the skeleton also issued an arrow, what skills you can close Assassin Why? our skeletons in the ah, can find you! invincible after the active search for reckless assassin, Skull and Bones found first, and then shot, halo assassins will flash to you, or run off (the weak behavior, formal PK not run away from the playing technique is not able to run more, to turn around and against), but you are invincible, small red anti-restraint, to open immediately after the yin and yang, good red reversal, then ban and technology, and then flat cut He ran to catch fire, has been hit he fell down, the best magic skills are tied cents, when the assassin attack you will use often neglected equipment, this is the best, we immediately bound to contain a counter, Is it then time for 6 seconds with a neglect of equipment, assassins are not put down What?







Recommended links:



a cell phone for seniors



DV to AVI



VOB to FLV



DAT to MPEG



Monday, September 27, 2010

Object-oriented programming concepts and guidelines



Object-Oriented Programming (OPP) is a programming language model, it is organized around "objects", rather than around the "behavior"; around the data, rather than logic. In the past, a program seen as a logical process to receive input on the input value processing, and then produce an output value. How to write program logic be regarded as challenges, rather than how to define the data. Object-oriented programming with the view that we are really concerned about is to operate the object, not the object of logic operation. Include a range of objects, ranging from human (with name, address, description, etc.), down to the building and the floor (all the attributes to describe and manage the objects, or even your computer desktop widgets (such as buttons and scroll bars) .

OOP in the first step is to define the action you want all the objects and how to establish links between them, the most common application is data modeling. Once you define an object, you use an object class to summarize it (imagine Plato's "ideal state" concept, the chair on behalf of all the chairs, which means that each class of things has its common characteristics), define it contains data type and any logic to operate its program. The logic of each different procedure is considered a method. Real instance of a class is called (it was no surprise) an "object", or in some environments is called an "instance of the class." Object or class instance is what you want to run on your computer. It means providing computer instructions to provide the corresponding data object properties. You and the object communication - the object were to communicate with each other - with clearly defined interfaces called messages.

Object-oriented programming concepts and criteria used to bring the following important benefits:

The concept of data type definition of data objects makes it possible subclasses, which subclasses can share some or all of the parent class attributes. As inheritance, OOP, this feature increased the thoroughness of data analysis, reduce development time and improve coding accuracy.

As a class only defines the data it needs to involve, as an instance of the class (an object) at run time, the code will not accidentally access other program data. The data hiding features to enhance the system security and data to avoid unintentional contamination.

The definition of a class is not only the initial re-create its procedures, and by other process-oriented reuse (in view of this reason, the network distributed applications much easier)

The concept of data classes allows a programmer to create any of the language has not yet been detailed in the new data types. The first one object-oriented computer language called Smalltalk. C + + and Java is now the most popular object-oriented language. Java programming language to corporate network and the Internet specifically designed for distributed applications.







Recommended links:



Hopson Zhu Meng v. United States, according to the country involved?



Across threads in C # Winform control access



guangzhou 2010 asian games winning software



DVR-MS To MPEG



QuickTime to MPEG



MKV To Xbox 360



Find driving force BEHIND IPv6



Improvement of the current financial report



Articles about CATALOGING



Recommend Audio Players



Easy to use Mathematics Education



Epson ink cartridge patent new alternative to the situation of domestic supplies of unknown



Third Eye training



Top SHELL Tools



Zhou Chengyu Court hematemesis: die in the end to fight a lawsuit



Thunder has more than 100 million users targeting NASDAQ



Thursday, September 16, 2010

Gartner: Mac OS bad luck into the next start spyware threat


According to the "Computer World" reported Symantec warned that because OS X operating system will quickly become the target of hackers and viruses, causing uproar in the Mac world, after just over one week, Gartner reliant on the Mac to prevent "rampant spyware "enterprise
Issued a warning.

Garnter Dataquest vice president Martin Reynolds said recently that, despite the Mac user base is relatively small, but as long as there is a vulnerability exploit could cause trouble. Reynolds wrote in a research report: "Macintosh user group is relatively small, in the current system, only about 3% of the running Mac OS. Mac OS is a more difficult targets. However, if there is a weakness to be use can cause problems. "he added, not only for Mac worm that spreads very rapidly, but may also prepare a further attack not only attack Microsoft's Windows operating system, Mac mix of worms.

Reynolds said: "If an infected Macintosh attempts to spread a worm, 97% chance it encountered a resistance to worm propagation system. Both Mac OS and Microsoft Windows-oriented worms could be developed, but such an attack more difficult to organize. "

He was concerned with Mac OS as the target of spyware may record widely before its foothold.

Reynolds said: "Despite the Mac platform today, almost non-existent spyware, but spyware problems may occur. Spyware can hide deeper in the system, becoming both harder to detect and harder to remove. Do not assume that your Macintosh systems are immune viruses and other malicious code. "





Recommended links:



Jinshan Jinshan Nu Pi Typing Through Repeated Fake "Li Gui," Poisonous Pit Users



FIREWALL And Proxy Servers comments



Using a password reset disk recover lost XP passwords



Convert Mpg To Ipod



E-cology in the Pan Micro Series 27



"Jingdong model" kept short board



Recommend Source Editors



mkv



VC ENVIRONMENT created in the symbian build EXE project questions



Convert .flac to .mp3



GUIDE Cursors And Fonts



BI, in the M & A growth?



Quicktime mkv



Kabbah: Careful Tuxedo (Tux)!



Directory Dial Up And Connection Tools



Details determine success or failure: Lean Manufacturing (6)



Wednesday, August 4, 2010

FreeBSD Serial (44): X Free86 hardware requirements



When the FreeBSD system as a server when its work does not depend on any graphical interface, the interface can be done using only characters in almost all server-side tasks. However, greater flexibility in graphical interface, you can open multiple windows at the same time, the implementation of some characters can not complete the task of the interface (such as graphics), to make the system easier to use FreeBSD, etc., the processing power of a graphical interface is intended to FreeBSD system used as an essential capacity of personal workstation platform.

FreeBSD support through the X Window System graphical interface, X Window is a set of standards developed by the MIT graphical interface, its current version is X11R6.3. With MS Windows or Macintosh graphical interface different, X Window is a platform independent interface to the basic graphics function calls, it does not include specific hardware and specific display style, the X Window highly configurable, there are a variety display style. If the graphical interface into the display involving application management capabilities, graphical interface for graphics and display low-level hardware interface of three parts, then the X Window is a set of mid-tier and low-level graphics protocol.

But the MIT X Window release the source code does not include low-level code, that is, the specific display hardware on the system implementation, in order for X Window to the specific hardware in the computer up and running, also need to develop the appropriate driver. In addition to developing a variety of proprietary vendors to provide true hardware drivers available X Window System, another has a variety of hardware drivers and are free to use the X Window system for XFree86. It is a lot of volunteer organizations, the use of X Window display the source code for a variety of hardware development for the free use of the X server, makes the X Window system to the specific operating system in a real hardware running. FreeBSD and other free operating systems use some Xfree86 system as the graphics system.

Installation and setup X server

FreeBSD using XFree86 as a basic X Xindow system, but also a professional manufacturer for the production of X server FreeBSD system, such as Xi Graphics Inc., the company developed commercial X servers usually support more and newer display hardware, and can support all the new hardware kinds of features. As for the volunteers XFree86 development, hardware manufacturers can not be displayed technical support and technical information, so support for new hardware to be worse. In general, if not used too new display hardware, XFree86 graphics system that can meet the needs of the establishment. So here describes set up and use XFree86 systems.

X Free86 hardware requirements

Current latest version of XFree86 to XFree86 3.3.3, support for multiple types of graphics card. But the graphical interface than the text interface requires more system resources, especially memory. Usually running the FreeBSD X Window system, at least 8MB RAM and 8MB of swap space should be there to run other X applications. To achieve higher performance, however, should have better hardware conditions, such as with hardware acceleration of graphics card.

Display card: XFree86 support multiple graphics cards from ordinary VGA graphics card to a dedicated graphics card. Use of personal computers in general are a certain kind of VGA-compatible graphics card, which meet the minimum requirements for XFree86. However, if the XFree86 support for the specific type of graphics card, you can use 256 colors or higher true color, the greater the resolution of the display mode to run the X Window System, otherwise, they can use the standard 16-color VGA mode. And the use of hardware graphics accelerator card features will significantly improve the graphical interface of the display speed.

Monitor: As the Unix users and developers are used to professional workstations, so they designed the graphical interface is designed for the big screen. Use a small display X Window, find the button too often, the border is too rough, etc., so the monitor should be able to reach a resolution of 1024x768 or higher to play better under a variety of X Window interface style advantage.

Keyboard: frequently used Unix workstation keyboard with PC keyboard layout not the same, but the average user is more used to PC-style keyboard. XFree86 can remap the keyboard, default keyboard mapping for the PC-style keyboard, but more familiar with the workstation user can redefine the keyboard on the keyboard arrangement.

Mouse: MS Windows using a 2 button mouse, the X Window are more accustomed to using 3 button mouse, keyboard and mouse for only 2 target computer, XFree86 can provide a simulation of the third key operational functions. Do not use the same style, for example, the use of double points in the Windows95 "double click" to perform the procedure, the X, you can usually just a single point, since the use of X Window users are usually long-term use of computer experts who believe that double point of operation makes for tense state of an ongoing double-finger operation will cause damage.

Before installing XFree86, first of all need to know whether the computer's video card supported by XFree86, XFree86 supports a large number of common graphics hardware, but because X server driver not the hardware manufacturers to develop, then a hardware appears to be from XFree86 to support takes a time, many hardware manufacturers for the protection of commercial confidentiality considerations, there is no public details of their hardware, which on the development of drivers for their hardware provided additional obstacles. Installed XFree86, you can view the document directory README files (FreeBSD under the file path / usr/X11R6/lib/X11/doc/README), to view the Xfree86 support the type of video card chips.







Recommended links:



Anti-Virus Tools Catalogs



Must Have The Heart By The Five Interview



Why is throwing money at very odd tiger VC Zhou Hongyi good "Fudge"?



Stamp Effect In The Production Of Fireworks



Picked Games Kids



Blackberry Video Formats



Mp4 to wmv converter free



M4v File



Photoshop pumping effect of the new line of thinking



Video Converter



"Aion," the so-called dual-sword Star Alternative Analytical



First Financial Weekly: direct supply in the Shadow of Digital CHINA



The world to those who have ACCESS



Hot Graphic Viewers



"NBA2K10" Extraordinary feint ball the whole Raiders



Alipay's Disregard The Changing Circumstances



Fax Tools INTRODUCTION



Wednesday, July 21, 2010

C + + compiler on the template of separate answers to questions



First of all, C + + standard that a compilation unit [translation unit] is a. Cpp file and include it all. H files,. H file in the code will be extended to include it. Cpp file, and then compile the compiler. cpp file as a. obj file, which has a PE [Portable Executable, the windows executable file] file format, and contains in itself already is a binary code, but may not be able to perform, as and does not guarantee there will be one main function. When the compiler will be a project in all. Cpp files to compile separate ways after, then the connector (linker) to connect to a. Exe file.

For example:

//--------------- Test.h-------------------//

void f ();// here to declare a function f

//--------------- Test.cpp--------------//

# Include "test.h"

void f ()

(

... / / Do something

) / / Here to achieve the function f declared test.h

//--------------- Main.cpp--------------//

# Include "test.h"

int main ()

(

f (); / / call f, f is the external connection type

)
In this case, test. Cpp and main.cpp is compiled into various different. Obj file [name test.obj throw and main.obj], in the main.cpp, calling the f function, but when the compiler main.cpp time, just know that it is only main.cpp contained in the test.h file in the one on void f (); the statement, the compiler will be here, f as the external connection type, or that Its function is to achieve the code in another. obj file, in this case is test.obj, that is, main.obj actually not even a line on the f function of the binary code, and these codes are actually present in test.cpp compiled into the test.obj in. In main.obj call on f command will generate a line call, like this:

call f [C + + in the name of course, after mangling [deal] off]

At compile time, this call instruction is clearly wrong, because there is no line f main.obj the implementation code. Then how should we do? This is the task of the connector, connectors for the other. Obj in [this case test.obj] f the implementation code search to find the instruction after the call f replaced by a call to address the actual entry point address of the function f . Note that: the connector will actually work inside. Obj "connection" has become a. Exe file, and its most critical task is said above, look for an external connection symbol in the other. Obj in the address, then replace the original "false" address.

If this process is a more in-depth:

call f command line but it is not, it is actually the so-called stub, which is a jmp 0x23423 [This address may be arbitrary, but the key is that there is a line command to address a genuine call f action. That is, the. Obj file which calls all of the f, jmp to the same address, in which there really "call" f. This has the advantage that changes of address as long as the connector on the latter's call XXX address for changes on the line. But how to find the f connector is the actual address it [in this case, it is test.obj in].

Because. Obj to. Exe format is the same, in such a file into a symbol table and symbol export table [import table and export table] which will address all the symbols and their associates. This connector as long as the export table in test.obj find symbol symbol f [of course, C + + on f were mangling] address on the line, and then make some offset treatment [because it is two. Obj files into, of course, address will have a certain offset, the connector clear] write main.obj the symbols into the table f occupied by the last one.
This is about process. The key is:

Main.cpp compiled, the compiler does not know f the realization of it all when it comes to just give a call instruction, the connector should be directed to find f for its implementation body. This means that main.obj not on any line of binary code f.

Compile test.cpp, the compiler found a f implementation. Ever since the realization of f [binary code] in test.obj years.

Connection, the connector found in test.obj f the implementation code [binary] address [derived through symbol table]. Then the pending call XXX main.obj address into f the actual address.

Completed.

However, the template, you know, actually the code template function can not be directly compiled into binary code, which must be of a "modernization" process. For example:

//---------- Main.cpp------//

template

void f (T t)

()

int main ()

(

... / / Do something

f (10); / / call f decided to give the compiler where f is a body of concrete f

... / / Do other thing

)



[Next]



That is, if you had not called main.cpp file, f, f is also not specific to main.obj in f there is no arbitrary line on the binary code! ! If you call this:

f (10); / / f to come out with is of

f (10.0); / / f to come out with is of

This main.obj in and will have a f, f are two functions of the binary code. And so on.

But with the current requirements of the compiler know that the template definition, is not it?

See the following example: [to separate the template and its implementation]

//------------- Test.h----------------//

template

class A

(

public:

void f (); / / here is a statement

);

//--------------- Test.cpp-------------//

# Include "test.h"

template

void A:: f () / / template to achieve, but note: not with the current

(

... / / Do something

)

//--------------- Main.cpp---------------//

# Include "test.h"

int main ()

(

A a;

af (); / / Here the compiler does not know A:: f of the definition because it is not test.h inside

/ / So compiler can only hopes the connector so that it might in others. Obj to find something

/ / A:: f the implementation body, in this case is test.obj, however, the latter really have A:: f the

/ / Binary code? NO! ! ! Because C + + standard clearly that when a template is not used when

/ / Hou it should not be a stand out, test.cpp used in the A:: f it? No! ! So Real

/ / Test.cpp compiled on the occasion of the test.obj file on A:: f the line of binary code has not

/ / Then the connector was stoned, and had to give a connection error

/ / However, if you write a function in test.cpp, which calls A:: f, the compiler will it / / with stand out, because at this point [test.cpp in], the compiler know the template definition, they are able to / / enough with current technology, therefore, test.obj symbol export table will have a A:: f the address of this symbol, so the connector will be able to complete the task.

)

The key is: separate compilation environment, the compiler compile one. Cpp file does not know the other. Cpp file exists, it will not find [When faced with hopes it will open symbols connected device]. This model case in the absence of the template works well, but the encounter template was stoned, because the template only when needed will come with modernization, so when the compiler can only see the template declaration, it can not a modernization of the template, can only create a symbolic link with the external connector and look forward to be able to sign out the address resolution.

However, when the realization of the template. Cpp file does not use the template with the current body, the compiler is too lazy to go with, so the whole project. Obj can not find a line on the template with the current body of binary code, then connect devices are dumbfounded! (CSDN)









Recommended links:



Bluesea PS3 Myspace Video Converter



how to CONVERT mp3 to aac



avi Converter



AllRipper Flash to Mobile



BenQ competing against the shining 2008 SEPG Conference



Easy To Use Clipboard Tools



How To Convert Mp3 To Mp4



News ABOUT FTP Servers



Agile DVD to 3GP Converter



DVD Xvid Ripper



f4v Converter



SuperBurner DVD To Flash



Adobe at the end of acquiring, at a price well



Management And Distribution Directory