Research And Implementation Of Hosts Agent For Network Security Monitoring And Management

At present, the attacks coming from the exterior network are considered more than those form the client end in the network security management. This will be one of the biggest threats to the network security. According to the survey of some related international statistical organizations, more than fifty percent of the invasions and destructions come from the interior network. Therefore, it is especially important to strengthen the management of the client end. In terms of the ideal of client end security protection, using many kinds of security technologies, we designed a host proxy system facing the network securty supervising and managment. This system can manage and control client's accessing to the exterior network effectively.This paper proposed the client proxy system structure facing the network security supervising and management. Basing on the thorough research and analysis of several essential technologies, we have implemented identity authentication, illegal link, network security aduit and anti-virus detection etc. We used digital certificate to accomplish identity authentication which was based on the study and analyzing of all kinds of authentication. In regard to network security audit, we mainly researched on the distributed model of network security audit and the audit strategy of the rule library. In view of the traditional rule library's flaws, with the formalizing description of audit rule, we proposed a dynamic security audit strategy model which was based on the nature deduction system. The definitions and deduced algorithms of this model were also explained in this paper. On the other hand, we proposed a C/S framework model of the detection of the illegal linking to external network by using the routing table searching method. Aiming at virus detection, we proposed a new anti-virus examination thought to carry on viral protection at the client end.According to the research results of this paper, we have designed and implemented a backbone network security supervising and management system which was composed of the host proxy system as well as the network service supervising software of other people's hard work. It has been tested in the actual network environment, which has proved the validity of the algorithms and the design methods.