Firewall And Ids Linkage In The Campus Network

Today, the network technology is developing quickly and the Internet is becoming mare and more popular. But at the same time, the network security question are given more and more attention by all kinds of society teams and the masses. Along with the development of the network security technology, all kinds of network security technology, such as firewall, defence hacker, encryption and intrusion detection system and so on. We can take these tenologyies into two part from overview them,one is static security technology, and the other is dynamic security technology.Firewall on behalf of the static security technology, which is a passive defense technology. It is only able to control the data access network, but it is difficult to prevent unauthorized access to internal. Its shortcoming can not follow the intrusion, and it need people implement and maintenant. However, Intrusion Detection System (IDS) on behalf of the dinamic security technology, which is a active defense technology. It can detect the network easy attack point and security hole initiatively. And IDS can detect the dangerous action before manual detection. IDS can analysis internal network communication information, detecting intrusive behavior or intrusive attempt. IDS can find the characters of dangerous intrusion and detect the attack ation and then alarm, take protected measure at the same time.Campus Network in university plays an important role in teaching, scientific research, and management. Before the campus network security problem is not obvious.With the scale of the campus network and the information being increasingly expanded, resource sharing, e-learning, e-commerce, OA and so on, which carries on through the network is unceasingly thorough. The kind of data and information in campus network is growing. The problem of network security appears to be more and more serious. For the campus network, it has been establish a complete campus network security system. The system protects the information resource in internal campus network from intrusion.Campus Network generally use the firewall as the primal line of defence, but it is a passive defense technology. The Intrusion Detection System is an important part of the computer network security. IDS realizes real-time intrusion detection, therefore actively avoiding being attacked. IDS is the firewall reasonable supplement. It expanded system administrator's safety control ability.This paper has further compared the firewall and the IDS respective difference and the relation. After inquires into their advantages and disadvantages, we proposed the firewall and the IDS union. For the construction and management of the campus network, this paper brings a new thought that IDS and firewall can work together in our campus network. IDS will be a good complement to firewall and firewall can find intrusion by using intrusion detection. IDS will alarm when it detect the action. Therefore, we can improve greatly the campus network security and network management level.