Design And Implementation Of Network Security Management Based On The NDIS

Along with informationization construction deepen and rapid Internet development, the sharing of information resource reaches to a new high level that had never obtained before. But, the informationization development results in poorer network security and rougher management, which are so important that the enterprises and the army informationization construction are urgent to solve. Although the software and hardware firewalls are used, the intranet administrators are still unable to monitor the entire network effectively. In order to improve internal network's monitor, more scientific and effective management system should be developed to make our network run better.The IP flow filter is a Windows application which can filter network streams according to certain rules and monitor users and processes. Its main functions are as below: discarding network streams that does not conform to the request rules, limiting user illegal visit, improving availability of the network band width, enhancing the private network monitoring, and realizing network basic safety control and effective network management.Our system is based on C/S model. We can configure server IP addresses, service ports and user's correlation information and so on to differentiate the user type between user program and server. Client application can start from auto loading, and provides useres the method of authentification. According to user's role type and corresponding jurisdiction, our system can judge the user's category, decide that which application procedure can be carried out and which network service can be accessed by user, and provide basic information for IP flux filtering. The key technologies are as below. Firstly, using the NDIS intermediate level driver to realize flux filtering. Secondly, using VC wrapper classes to classify Windows application, the principle is that the server uses MD5 algorithm to produce fixed-length characteristic code of applications and to construct characteristic storehouse, while the client produces the characteristic code according to the same algorithm and compares this characteristic code with the one downloading from the server to determine the user can run the specified application procedure or not.This thesis has given the IP flux filter's design and implementation. The ADO technology is used to operate the database, the network programming technology is used to realize network connection, the NDIS intermediate level driver is used to implement IP flux filtering, the registry technology is used to automatic execute the client software, the VC wrapper classes is used to classify Windows operating system's application.