With the rapid development of Internet, more and more problems in the net security have appeared.People usually adopt fire wall, intrusion detection, data encription and physical isolation to insure internal secret information doesn't be captured or destroyed.But it has shown that these measures only could reduce dangers from external network.However, important information in the internal network faces to dangers that come from internal network too. Especially some illegal user take advantage of Trojan's concealing to filch secret information from others.Traditional boundaries and core assets protection of the security system gradually shown inadequalte to effectively deal with all the network management problems.All enterprise's computers rely on the manual management is far from meeting the current large-scale network environment, in desperate need of new technological means to achieve the unity of the internal network management.According to the above problems, within the development of network security management system as the background, this paper first of all listed the security status of current internal network in enterprises, analyzed the reasons of network security broblems, then based on the causes propose the internal network security system solution.Then this paper presented a number of key technologies on the network security management system, including the NDIS-HOOK, Winpcap and Web Service technologies, Then the paper discussed the design of some most important modules, including access control, client monitoring, path management, client run-time monitoring and network management.Finally, by system testing and performance analyze, so as to achieve the stated purpose.Internal network security management system constructed a protective barrier in the internal network, it had strong adptability, simple operate, high security and so on.So that it played an extremely important role in protecting the internal security of confidential information. |