Abstract:This study is designated to solve the problem of that server system and software’s security configurations can be reset after the server is invaded, and the network security equipment (hardware firewall, etc.) has large granularity. We analyze common network applications of WWW server, such as WWW, DNS, and FTP, summarize of the characteristics of each network application protocol, and according to the principle of dynamic port fixation and dynamic managerment IP fixation, configure the server access switch ACL, then apply each server’s ACL to the server-connected switch port, protect the server specially. When the server firewall rules are disabled, the server access switch ACL can limit the behavior of the server, thus protecting the servers and the intranet network devices. Using the Pktgen tool based on INTEL DPDK (Data Plane Development Tool) to test, ACL in the server access switch can filter the high abnormal traffic from the server and protect the network and equipment.