
Research On A New Type Of Distributed Firewall Technology

Posted on: 2006-10-02
Degree: Master
Type: Thesis
Country: China
Candidate: L Shu
GTID: 2168360152498622
Subject: Communication and Information System
Abstract/Summary:
With the rapid development of the Internet, network security problems have become increasingly prominent. The new type of distributed firewall, a project of the Ministry of Information Industry, offers a solution to these problems. The purpose of the project is to build a system based on the distributed firewall that includes a firewall, intrusion detection, a policy center and a log server. As a main module of the distributed firewall, the log server differs from the log system of a traditional perimeter firewall and has the following functions: receiving, processing and saving log information uploaded by inner hosts and the boundary firewall; auditing and inspecting abnormal actions; preventing users from exceeding their authorized use; performing statistical intrusion detection (IDS) based on log analysis; and finding intrusion behaviors that come from inside or outside and blocking them through the policy center. Its design and implementation bear on the overall framework and performance of the distributed firewall. The purpose of this paper is to study and design the log server in the distributed firewall system, to implement its functions, and to investigate how the policy center, host firewall, perimeter firewall and other modules combine with it to form a complete distributed security defense system. First, the paper sets out the theoretical foundations: firewall technology, databases, IDS technology, SSL encrypted communication and some related technologies. It then analyzes in depth the overall framework, essential characteristics and workflow of the distributed firewall system.
This thesis mainly studies the overall design and system structure of the log server module, and discusses in turn the key modules into which the system structure is divided: initialization of the log program, data acquisition, the audit system, statistical IDS based on log analysis, the setup of the log module, etc. For each it provides the concrete scheme, data processing procedure, function prototypes and relevant descriptions. Finally, the paper presents the test results and performance analysis of this new technology in detail and looks ahead to its future expansion and development on the existing foundation.
Keywords/Search Tags: Network Security, Distributed Firewall, Log System, Statistical IDS