The Design And Implementation Of Network Security Management Center Based On Message-oriented Middleware

Network Security Management Center SOC becomes the core of comprehensive security management facing large corporations and is the essential component to help customers implement security organization management, security operation management and security technology framework. SOC focuses on the protection of all application servers and key positions in network by layered protecting the important backbone network equipment, analyses business association rules, computes the key security data and guides the security operation and maintenance. It's significant to enhance the manageability and security level.Aimed at the limitations of network security products and applications requirements, the necessity for building SOC is demonstrated. Based on JMS and adopting Java technology framework, the technology scheme of self's own research and development named SMsgServer middleware is presented that RMI using for distributed data storage, through the context object of JNDI service creating connections, XML as the storage message form, Pub / Sub model simplifying communications between asynchronous data transmission system.In order to effectively solve the problem that traditional collection only accesses the information of SNMP vl/v2 equipments, according to data collector DCP based on SNMPv3 architecture that the author realized, this thesis analyzes the detailed process and technical points of developing automatic discoverer module and data collection module by utilizing Java thread pool mechanisms and open source package SNMP4J. And it indicates the specific methods and problems which should be paid attention to, and compares the safety and efficiency between DCP and other collections.The thesis briefly introduces how to standardize, merge, repress and correlation analyze the acquisition data derived form network security devices, how to realize the performance management and monitor of different security equipments and software of large network system. The security isolated island is connected as the organic cooperative and integral association rules, and the expect results of management platform are displayed.Finally, the practical research significance is summarized, based on our work, the development and application foreground of security management centre is prospected, and the further research is proposed.