Design And Implementation Of Security Management System For Financial Network

With the rapid development of computer technology and network technology, more and more network attacks appeared. A variety of unknown attacks (APT) such as network scanning, viruses, DDOS attacks, and so on, are having impacts on operation of the information systems every minutes. The intrusion detection can prevent network scanning, the anti-virus walls can prevent virus attacks, the firewall can prevent DDOS attacks, but it is difficult for these three products above to prevent a variety of unknown attacks and behaviors.In view of the problems above, combining with the current management status of the domestic banking terminal management, this paper comes up with a new network control model. This new network control model does not rely on access control policy or matching feature, but on learning normal business flow. And then, makes a white list of the business flow, so as to achieve an effect of only releasing normal business flow, and preventing all kinds of unknown attacks that are non-normal business flows. So this can be a very good way to prevent all kinds of unknown attacks and new attacks, to ensure the normal operation of information system, to ensure the security of network normal business flow and to prevent the core data leaks.By researching and analyzing of all kinds of mainstream network security management technology that is known, and combined with the terminal security management development situation of enterprises at home and abroad. This topic analyzes the requirements of safety management system for bank branches. This new model will be applied to design and implement a set of Linux safety management system, which is based on some open-source software such as MySQL database, nmap and snort and so on.The system consists of security management access terminal and security management server. Unlike methods by installing agent at terminal equipment or manual registration, the deployment is simple and the operation is reliable. Security·anagement access terminal is based on real application environment, to establish’white environment’ that matches security strategy of bank branches and to generate the baseline of business behavior, so as to detect unknown attack and behavior that seems ’normal’which is not (e.g.:If there is still transactions after worktime), and then trigger the alert.