电力系统保护与控制
電力繫統保護與控製
전력계통보호여공제
POWER SYSTM PROTECTION AND CONTROL
2014年
13期
117-122
,共6页
高吉普%徐长宝%戴宇%吴杰%张道农
高吉普%徐長寶%戴宇%吳傑%張道農
고길보%서장보%대우%오걸%장도농
智能变电站%交换机%端口安全%端口接入控制%静态MAC%IEEE802.1X
智能變電站%交換機%耑口安全%耑口接入控製%靜態MAC%IEEE802.1X
지능변전참%교환궤%단구안전%단구접입공제%정태MAC%IEEE802.1X
smart substation%switch%port security%port access control%static MAC%IEEE802.1X
为了保证智能变电站通讯网络运行的稳定性和安全性,提出了智能变电站通讯网络端口接入控制的安全策略。介绍了智能变电站的通讯方式和网络结构,分析了智能变电站存在的安全隐患和交换机的端口安全接入控制需求。解释了基于静态MAC 地址的端口安全的工作原理和技术特点,阐述了基于 IEEE802.1X 协议的端口安全的组网方式、工作原理、认证过程和技术特点,总结了现阶段智能变电站端口安全策略的具体应用模式和实施方案。最后得出结论,现阶段采用静态MAC地址和IEEE802.1X相结合的方式进行交换机的端口安全接入控制可以兼顾有效性和可行性,具有实用价值。
為瞭保證智能變電站通訊網絡運行的穩定性和安全性,提齣瞭智能變電站通訊網絡耑口接入控製的安全策略。介紹瞭智能變電站的通訊方式和網絡結構,分析瞭智能變電站存在的安全隱患和交換機的耑口安全接入控製需求。解釋瞭基于靜態MAC 地阯的耑口安全的工作原理和技術特點,闡述瞭基于 IEEE802.1X 協議的耑口安全的組網方式、工作原理、認證過程和技術特點,總結瞭現階段智能變電站耑口安全策略的具體應用模式和實施方案。最後得齣結論,現階段採用靜態MAC地阯和IEEE802.1X相結閤的方式進行交換機的耑口安全接入控製可以兼顧有效性和可行性,具有實用價值。
위료보증지능변전참통신망락운행적은정성화안전성,제출료지능변전참통신망락단구접입공제적안전책략。개소료지능변전참적통신방식화망락결구,분석료지능변전참존재적안전은환화교환궤적단구안전접입공제수구。해석료기우정태MAC 지지적단구안전적공작원리화기술특점,천술료기우 IEEE802.1X 협의적단구안전적조망방식、공작원리、인증과정화기술특점,총결료현계단지능변전참단구안전책략적구체응용모식화실시방안。최후득출결론,현계단채용정태MAC지지화IEEE802.1X상결합적방식진행교환궤적단구안전접입공제가이겸고유효성화가행성,구유실용개치。
To ensure the stability and security of the communication network of the smart substation, the switch port access control strategy of the communication network in the smart substation is put forward. The smart substation communication mode and network structure are introduced, the potential safety hazard and the switch port access control requirements of smart substation are analyzed. The theory and technical characteristics of the port security based on static MAC address are explained, and the networking mode, theory, authentication process and technical characteristics of the port security based on IEEE802.1X protocol are elaborated. The application cases and implementation schemes of port security strategy during the present time in smart substation are concluded. In conclusion, to control the switch port security of the smart substation, the strategy combining with the static MAC address and IEEE802.1X protocol is valid, feasible and practical at present.
