Research And Implementation Of Network Access Control And Embedded Anti-virus Engine In UTM

Network security is a remarkable field in this information era. Before the appearanceof UTM, though there are a lot of solutions distributed on different equipments, such asthe firewall, intrusion detection system, VPN, anti-virus, ID verification and so on, thecoordination and deployment of these solutions is still a difficult problem until the arisingof UTM.The purpose of this research is to construct a UTM system and realize the functionsof firewall, anti-virus for network traffic, web ID verification and hotstandby.In this thesis, the author first analyzed the background information and present statusof UTM, introduced the application prospect of the research, and then confirmed thesignificance and feasibility of the development of UTM system. In the second part of thisthesis, the author introduced relevant network information and elaborated detailed processof how the functions had been realized in UTM. In this research, study with the platformof x86, the author configured PF firewall coming with OpenBSD and realized theelementary firewall function in UTM. The PF firewall is basically eligible afterperformance testing. Then, the author installed and configured anti-virus software, i.e.HAVP and ClamAV, to realize the anti-virus function through their coordination scanningto designated network traffic, mainly targeted at the common used HTTP flow. In thefollowing research, the author realized the ID verification function in UTM with threesteps: to set static password and IP authentication with Kerberos and Radius, and toimplement the hotstandby function with CARP protocol coming with OpenBSD.In short, the author has realized several basic functions in UTM in this research, hasmade certain tests and has achieved expected purpose to integrate firewall, network accesscontrol, anti-virus and hotstandby into the system. There are still deficiencies andproblems to be corrected and modified in the research.Though the UTM technology has been in development for almost ten years after itsappearance, it is still not mature. According to the data of IDC, UTM products will berising rapidly in recent years. To integrate network access control, anti-virus engine andhotstandby into UTM effectively will make UTM products more popular in the networksecurity equipment market. This is the significance of this research. Meanwhile, theresearch will also benefit the promotion and development of UTM products.