The Design And Implementation Of Multi-Function Security Devices Based On Policy Association

With the extensive application and development of network technology, information security issues are also increasingly prominent. For the current mixed-type attacks on an endless stream of security threats, traditional network security based on a single device protection technology has become powerless. So for a multi-function integrated with high-performance features of the full three-dimensional defense studies to become one of the development direction of network security.Paper analyzing the current information security issues, based on the proposed a way to vulnerability scanning, intrusion detection, access control and logging the audit associated with four kinds of features built into the collaborative policy-based defense system. In order to achieve a functional, effective information integration, multi-function security devices from a simple product integration, promoted to the relevant technology in an efficient aggregation. The system design and implementation of both to adapt to current network security situation, the urgent need, but also to meet the business users in the network security products has a "simple", "easy", "low cost", "high performance," "Network Security integrated solution "needs. Specifically, following the completion of this thesis several aspects of work:(1) Detailed research and analysis with the multi-function security system module's four security-related technologies: Vulnerability scanning, intrusion detection, access control and log the audit. Same time, through comparison and induction, respectively, determined in each module used in the main techniques. (2) through the transformation of the Linux operating system platform, to build a multi-threat security system, the overall framework for the detailed design and implemented with the vulnerability scanning, intrusion detection, access control and log audit the four core modules of the multi-function security protection system.(3) in the actual network environment, the performance of the multi-function security devices were tested and evaluated. The results show that using multi-threat security systems to protect the enterprise network information security is a success, not only to reduce network complexity, improve network reliability and security, while saving the enterprise spending, reducing the administrator's work.Finally, the network security technology papers were summarized and prospects are given for further research. Paper work done by the multi-function security products for the promotion and joint defense technology research has some practical significance.