Abstract: A network security management system which manages an object node belonging to an intranet, including: an information collecting device, a type determining device and an event management device; the information collecting device being configured to collect domain information, computer name information and account information of each object node, which is transmitted when each object node performs a login operation; the type determining device being configured to compare the node information received by the information collecting device with a node management list to determine the node type of each object node; the event management device being configured to decide whether the object node has an operating privilege, or to grant the object node the operating privilege corresponding to its node type, based on the comparison result from the type determining device.
Abstract: The invention provides a method for distinguishing and blocking off a network node. The method includes a packet receiving step and a packet distinguishing processing step. The packet receiving step receives an ARP packet from a network node within a network segment. The packet distinguishing processing step determines whether the network node is authorized by comparing the internet protocol address and the media access control address of the ARP packet with a permission list, and then either permits the network node to connect to the network segment or blocks off the network node. The network system is thereby protected and the safety of the network in use increases.
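
An added example, not taken from the patent, of the comparison step the second abstract describes: it parses an Ethernet ARP frame and checks the sender IP and MAC addresses against a permission list. The list entries, the function names and the rule that a mismatch between the Ethernet source MAC and the ARP sender MAC counts as unauthorized are assumptions made for this example.

```python
import ipaddress
import struct

# Constructed permission list (IP -> MAC); sample values, not from the abstract.
PERMISSION_LIST = {
    "192.0.2.10": "02:00:00:aa:bb:01",
    "192.0.2.11": "02:00:00:aa:bb:02",
}
ETHERTYPE_ARP = 0x0806

def fmt_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)

def parse_arp(frame: bytes):
    """Return (sender_ip, sender_mac, eth_src_mac), or None if not IPv4-over-Ethernet ARP."""
    if len(frame) < 14 + 28:          # Ethernet header + ARP body
        return None
    eth_src = frame[6:12]
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != ETHERTYPE_ARP:
        return None
    htype, ptype, hlen, plen, oper, sha, spa = struct.unpack("!HHBBH6s4s", frame[14:32])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4) or oper not in (1, 2):
        return None
    return str(ipaddress.IPv4Address(spa)), fmt_mac(sha), fmt_mac(eth_src)

def classify(frame: bytes, permission_list=PERMISSION_LIST) -> str:
    """Return 'permit', 'block', or 'ignore' (frame is not a usable ARP packet)."""
    parsed = parse_arp(frame)
    if parsed is None:
        return "ignore"
    ip, mac, eth_src = parsed
    # Assumption: a sender MAC that disagrees with the Ethernet source is unauthorized.
    if eth_src != mac:
        return "block"
    return "permit" if permission_list.get(ip) == mac else "block"

def build_arp(sender_mac, sender_ip, target_ip, eth_src=None, ethertype=ETHERTYPE_ARP):
    """Build a constructed ARP request frame for exercising classify()."""
    sha = bytes.fromhex(sender_mac.replace(":", ""))
    src = bytes.fromhex((eth_src or sender_mac).replace(":", ""))
    eth = b"\xff" * 6 + src + struct.pack("!H", ethertype)
    arp = struct.pack("!HHBBH6s4s6s4s", 1, 0x0800, 6, 4, 1, sha,
                      ipaddress.IPv4Address(sender_ip).packed, b"\x00" * 6,
                      ipaddress.IPv4Address(target_ip).packed)
    return eth + arp
```

Keying the list on the IP address means a listed MAC that claims a different listed IP is also blocked.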