| At present, with the functions of network management improving ceaselessly, management port is becoming more and more complex. People start to attach importance to management circumstance and hardware security. Not only security validation is needed in management software, but also the measure of forbidding port is needed in hardware. Enormous network dimension doubles the workload of manager, increases the equipment maintenance. The computer system of network management turns form centralizing, distributing to thin client. The blade PC will not feel lonely and try to dash out from the blade sever market. It transplants the virtues of safety, stabilization, easy management and low cost to personal client equipment. This is the dayspring of blade PC.The hardware system structure of blade PC can solute the security hidden trouble of external equipment. It brings better assistant function to network management security. The emphases of blade PC management software is predigesting management program, prone to manage and operate, but the security of it is predigested. When blade PC is used to manage network, it can solute the security hidden trouble of external equipment, but the security of blade PC sever port management software is weak. If security problems emerge at the sever port, the sequent is nothing less than the hostility actions of adopting external equipment. Therefore, we design a blade PC security management system. It provides some safety precautions in order to solving blade PC management security and brings some security guarantee in the course of managing and using blade PC.First of all, we introduce the development trend of the network security management technology, the conception and the construction of the blade PC. The blade PC of ClearCube and HP are analyzed in management software. We put forward collectivity design of blade PC security management system and the security serve construction. The main purpose of the blade PC security management system is to authorize the manager end and the client end, realize access control, keys management, configure and control management, capability management, malfunction management, operation and use of audit through establishing the strategy scheme. All the operating information, strategy, certificate and keys in use are all saved in the security management database. The management of the blade and the security equipment (such as VPN) follows the SNMPv3 and IPSec-SNMP protocol, through this, the management purview and the communication are separated, and the ability and the security of the system managing the network are increased. The collocation and control management mostly take charge of the software installation, hardware use and so on. Capability management watches on the use of each blade, analyses their performance, and distributes the operating resource reasonably. Malfunction management is to check the hardware state of the blades, offers the alarm service and replaces the standby blade in time. As a security service, Audit offers the function of the access checking and log saving for the manager port and client port, on the same time, then a Multi-keyword Matching Arithmetic(MMA) is put forward to do the real-time searching.
|
PDF Full Text Request