| In recent years, frequent hacker attacks, network viruses, worms and Trojans, greatly endangering the safety of corporation's interior networks, most of them use system vulnerabilities, attack, infection and spread. On the other hand ultra vires access and irregular operations are difficult to audit and prevent, and brought great losses to the enterprise. Traditional boundaries and core assets protection of the security system gradually shown inadequate to effectively deal with all the network management problems. All Enterprise's Computers rely on the manual management is far from meeting the current large-scale network environment, in desperate need of new technological means to achieve the unity of the internal network management. This question of network security system construction is gradually brought to agenda of the organizations superintendent and network security builders.In this paper, within the development of network security management system as the background, first of all listed companies internal network security status and classifications, analyze the reasons of network security problems product, and then based on the causes propose the internal network security system solution. Then paper presents a number of key technologies on the network security management system, including the ARP attack and prevent technology , WINDOWS platform vulnerabilities and patches, hook technology. Then paper discusses the Design of some most important modules, assets module to collect system's information; patch management module to achieve the vulnerabilities of computer and patch installation; peripherals control module to forbid or permit the use of equipment by strategy, the outreach monitoring module to discover illegal acts of connecting to external network , secure access module block unauthorized computer access behavior. Finally thesis describes the problem of the system encountered in the actual network environment deployment and propose the optimal solution. |
PDF Full Text Request