The Research And Application Of Firewall And IDS Deployment In The Campus Network Integration

With the rapid development of the Internet, attacks and intrusion security issues such as the increasing number of campus network administrators to tremendous pressure. Taking into account the enormous value of the campus network data, security, business has continued to be the major schools, companies and research institutions, the focus of attention.Strengthen network security, we must focus on ourselves and uphold the equal emphasis on management and technology. This requires us through the use of appropriate technologies and measures, the whole network uptime and ensure network data availability, integrity and confidentiality, through the network security technology to protect information networks, the network of interdependent security environment, through these techniques the deployment and implementation, to ensure that through the network transmission and exchange of data will not be increased, modified, loss and leakage.Based on relevant theories of network security, in-depth analysis of firewall and IDS (Intrusion Detection System) the advantages and disadvantages and proposes that the combination of firewall and IDS is running on the campus network method, as a network firewall, the barrier to the outside world will be as a firewall IDS a useful complement to the firewall through the IDS to detect attacks outside of its strategy as well as through the firewall from external networks to block attacks. In this paper, the campus network, firewall settings IDS deployment and conduct a fairly in-depth analysis and research. Its main work includes:1. Campus network attack technology, surveys and studies. In comparing a number of schools of network attacks, was found that the degree of automation campus network attacks and attack speed continues to increase the use of security vulnerabilities at an increasing rate, and the firewall has been the attacker infiltrated the situation more and more. Defense system consists of a simple firewall to the VPN (Virtual Private Network), e-mail gateway, anti-denial of service network attack defense system, IDS integrated forward.2. Firewall security protection technology research. In-depth analysis of the three kinds of firewall technology, packet filtering technology, agent technology, and status monitoring technology analysis and comparison of the respective advantages and disadvantages. Of the current architecture of the firewall packet filtering firewall, dual-homed host firewall, shielding the host gateway firewall, and screened subnet firewall analysis and comparison. By analyzing the main function of the current mainstream firewalls and their limitations, show that the overall security of a firewall is an integral part of preventive strategies. The firewall environment, in-depth defense strategy should be reflected in the deployment of multi-level firewall system, which adopts the set of the Internet edge firewall, departments, border firewalls and host firewalls in one multi-layered defense system; to intrusion detection, network encryption, virus killing combined with a variety of security measures such as multi-level security system.3. IDS technology research. The composition of their systems, application infrastructure, grammar rules and data analysis in-depth analysis. The combination of firewall and IDS can be improved after the deployment of campus network security. Through examples of intrusion detection analysis and experimental test data validation for network firewall and IDS overall security are indispensable. Intrusion Detection System will enable the system to external intrusion events and processes that make a real-time response; to be a logical addition to a firewall, intrusion by gathering technical information to enhance preventive measures. At the same time intrusion detection system also needs to face the false alarm rate and omission rate, if the invasion characteristics of the preparation of imperfect, "false positives" have an opportunity, will lead to the network have been accidentally block legitimate traffic. This requires the use of specialized hardware acceleration system to improve the operating efficiency of intrusion detection system and integrated using a variety of detection techniques.