As intrusion incidents multiply and attackers grow more skilled, network infections, viruses and intrusion attacks spread faster, while the response to network attacks lags further and further behind. Traditional firewall and intrusion detection technology cannot resolve this contradiction: these passive defense technologies often fail to identify new attack methods correctly and so are left in a passive position, which calls for the introduction of a new technology.

At present, network security systems are built essentially on passive defense measures such as firewalls, intrusion detection and vulnerability scanning. A firewall can only filter coarse-grained attacks, and its configuration is static, so it is difficult for it to respond to network attacks promptly. An intrusion detection system monitors network and system activity and discovers and reports abnormal conditions promptly, but it fails to detect new forms of hacker attack and suffers from false-report problems. Honeypot technology can improve on these problems. It builds a strictly controlled deception environment; once an intrusion is detected, it is redirected to this environment. Monitoring the intruder's behavior there provides early warning and reveals new attack methods. At the same time, the honeypot collects intrusion information, records the intruder's activity, captures the intrusion techniques that hackers use, traces their origin, and supports research into methods that can improve system security.
If the information collected by the honeypot is shared with the IDS, the IDS rule base can be updated promptly, enabling the IDS to detect the latest attacks and greatly strengthening the system's defense capability. Against this background, this paper proposes a new intrusion defense system. Building on firewall and IDS technology, the system incorporates another, active defense technology, the honeypot, to remedy the deficiencies of the original security defenses, improve the security of the network, and protect the enterprise network relatively effectively in cooperation with the network firewall and IDS.
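
The honeypot-to-IDS feedback described above can be sketched as follows. This is an added example, not code from the paper: it assumes Snort-style rule syntax (the paper names no IDS product), and the session records, the `X-Probe` marker and all function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed honeypot records (not from the paper). Every connection that
# reaches a honeypot is suspect, because no production traffic is sent there.
SESSIONS = [
    {"src": "198.51.100.7", "dport": 8080,
     "payload": b"GET /a?x=1 HTTP/1.1\r\nX-Probe: zz-loader-v2\r\n\r\n"},
    {"src": "203.0.113.9", "dport": 8080,
     "payload": b"POST /b HTTP/1.1\r\nX-Probe: zz-loader-v2\r\nHost: h\r\n\r\n"},
    {"src": "192.0.2.44", "dport": 8080,
     "payload": b"GET /c HTTP/1.0\r\nX-Probe: zz-loader-v2\r\n\r\n"},
    {"src": "192.0.2.45", "dport": 2323, "payload": b"\xff\xfb\x01login"},
]

def common_token(payloads, min_len=8):
    """Longest byte string present in every payload, or None if too short."""
    base = min(payloads, key=len)
    for size in range(len(base), min_len - 1, -1):
        for start in range(len(base) - size + 1):
            cand = base[start:start + size]
            if all(cand in p for p in payloads):
                return cand
    return None

def snort_content(token):
    """Encode bytes in Snort's |hex| content notation, so nothing needs escaping."""
    return "|" + " ".join(f"{b:02x}" for b in token) + "|"

def rules_from_honeypot(sessions, min_sources=3, first_sid=1000001):
    """Emit one candidate rule per port whose sessions share a payload token."""
    by_port = defaultdict(list)
    for s in sessions:
        by_port[s["dport"]].append(s)
    rules = []
    for port, group in sorted(by_port.items()):
        if len({s["src"] for s in group}) < min_sources:
            continue  # a single source is not enough evidence for a rule
        token = common_token([s["payload"] for s in group])
        if token is None:
            continue  # nothing long enough in common to serve as a signature
        sid = first_sid + len(rules)
        rules.append(
            f'alert tcp $EXTERNAL_NET any -> $HOME_NET {port} '
            f'(msg:"Honeypot-derived token on port {port}"; '
            f'content:"{snort_content(token)}"; sid:{sid}; rev:1;)')
    return rules

if __name__ == "__main__":
    for rule in rules_from_honeypot(SESSIONS):
        print(rule)
```

A rule derived this way is a candidate only: replaying it against recorded legitimate traffic before loading it into the IDS rule base keeps a too-generic token from adding to the false reports noted above.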