
Study On CA Certificate-based Network Terminal Security Monitoring Technology

Posted on: 2014-10-08
Degree: Master
Type: Thesis
Country: China
Candidate: S Zhang
GTID: 2268330422461135
Subject: Computer application technology

Abstract/Summary:
With the growth and expansion of information technology and networks in government agencies and enterprises, network security issues are gaining more and more attention, and how to ensure network security has always been a focus of academic research worldwide. Faced with increasingly advanced network technology, the traditional "loopholes, building walls, anti-outside attack" protection technology is far from meeting the demand for network security. Especially in government, research institutions, banks and other sectors where security management is critical but relatively weak, network security problems originating from internal terminals are particularly prominent. Therefore, terminal host control and management is not only needed to ensure the safe and reliable operation of the network, but is also an urgent network security management issue to be addressed.

This paper uses a CA certificate, SNMP, an intermediate driver and other key technologies, and addresses the credibility of the end user's identity and of the terminal computer's behavior, terminal data security and network terminal monitoring, in order to safeguard the credibility of terminal access and information security. Firstly, the paper uses an SNMP-based terminal node access algorithm to scan all terminal nodes on the network and obtain the terminal node information. Secondly, a combined authentication technology, consisting of CA-based end-user identity authentication and terminal identification-based host authentication, is used to certify the terminals, preventing illegal terminals from accessing the internal network. Intermediate driver technology is used to block internal network users from using NAT, proxy servers and other irregular practices. Then a group management-based security access control strategy is adopted to strictly control terminal ports, running processes, and whether to interrupt the Internet connection, and to report terminal abnormalities to the server. Lastly, the server or the administrators deal with the corresponding violations, either according to a predetermined policy or manually.

Based on the in-depth study of the above, and taking into account design principles such as security, ease of use and robustness, this paper developed a CA certificate-based network terminal security monitoring system and performed detailed tests in a real network environment. The test results show that the system, without affecting the normal functions of the network, can authenticate terminal access, accurately identify and deal with terminal violations, and ultimately guarantee the security of the entire network.
Keywords/Search Tags: CA, terminal safety supervision, NDIS, security access control policy