Design And Implementation Of Security Managenent System Based On Nginx

With the rapid development of the Internet, almost all enterprises are inseparable from the computer in their daily work. Otherwise, while the enterprise experiences the convenience brought about by the network, it faces a variety of attacks and threats:secrets leakage, data loss, network abuse, identity impersonation, illegal invasion and so on. Network security management system is committed to protect the security of the hosts in the LAN by adding different safety devices.But adding the third-party security devices to the network security management system can also bring new problems. First, adding safety devices will inevitably bring about compatibility issues and other aspects of problem, which will bring some additional expenses. For example, when adding a safety device, developers need to add a series of pages to support the device, which bring developers greater workload. Secondly, the safety device will report the risk events to the safety management system in time when it occors.When multiple devices reported at the same time,in order to ensure the system is able to correctly receive all reported events,the system should have the ability of high concurrent processing.But Apache and Tomcat server are weak in highly concurrent processing performance and they may lead to security occurrence of false negatives and false positives which will bring about security threat.In order to solve the problem caused by adding third-party security devices, I design a scheme based on Nginx proxy server:1) In order to achieve the function of cross-domain access that from safety management system to safty device management system, I use the redirect function of Nginx proxy server, which reduces the additional workload by adding safety devices.2) I design and develop a communication module based on Nginx which is able to receive HTTP request from safety devices, pares the request content, processing and storage. With the super high concurrent processing capability of Nginx, to resolve false negatives and false positives due to the large number of events reported to the server at the same time.After testing we get the following conclusions:as for the first question,we can realize the function of cross-domain access that from safety management system to safty device management system; as for the second question, the communication module can receieve events from the safety devices, and stress test show that Nginx server is able to handle at least20,000concurrent events reported, which fully able to meet the requirements of the system.