| With the rapid development and the wide use of computer and network technology, more and more diverse business systems apply to enterprise business activities through Internet/Intranet. However, network security threats exist because of the complexity and polytropy of Intranet environment and the vulnerability of information system. If Intranet is seriously attacked, even paralyzed, the enterprise will suffer tremendous economic loss. Intranet not only needs to prevent the attack from Internet by deploying various security products, but also needs to prevent the attack from Intranet, which is easily achieved and hardly defended. So, the enterprise needs some higher requirements and better solutions to protect network security.In this dissertation, firstly we analyze Intranet security treats. We conclude the different network threats combined with the present situation of network security, and propose a series of replying security strategies, which used as the guidelines and base point for designing Intranet security defense system.Secondly, we research the thought and principle of honeypot and honeynet technology. We discuss the concept, classification, characteristic and mechanism of honeypot, and the key technologies adopted in generation 3 honeynet and CaptureHPC client honeypot. Honeypot, as a kind of active defense technology, can track, log and analyze the attack process, and lure the attacker into the controlled environment for protecting the real production system.Finally, we design network security defense system for enterprise based on honeypot technology, and design the sub-system of honeypot, and implement the redirect sub-module and the block suspicious access sub-module based on ENSP. We validate the system by experiment which can early prevent the attack. Moreover, according to the remand of the enterprise, the system can easily extend the function and integrate the others assistant analysis modules. |
PDF Full Text Request