A Design And Implementation Of The Firewall Management System Based On Pooling Technology

The independence of each service resource in the network has been changed by the use of cloud computing, which makes these service resources pool into a unified resource pool for unified management. There are many companies introducing and establishing their own cloud, to deal with the massive information, but most of these companies are mainly for virtual device and some simple equipment in the network, not for the firewall. Therefore, this paper mainly focuses on the firewall to establish the firewall management system based on the resource pool.Acting as the edge of the network, the firewall is mainly used to isolate intranet and extranet, because of the limitation of the quantity and the application, most of the companies didn't manage it in the resource pool. In fact, with the combination of the network equipment resource in the resource pool, and according to the inter domain strategy function which is offered by firewall, the firewall can be used to detect the device configuration conflict in the network, which makes the user getting the intuitive configuration conflict information in the shortest time. Based on these conflicting results, users can reconfigure network device to reduce the loss of such problems. In addition, this function can be further extended to track the state of link.Based on the resource pooling, the firewall management system regards the service as the basic unit, and achieves the function of service creation, service modification, and service deletion. In the system, the resource is divided into component resource and non-component resource. The system transmits the fixed format message to the invoked component, and the non-component services are implemented by the third party framework. The resources related to the firewall are belong to non-component resource in the system, which is collected and pooled by using the third party framework, and completely achieved the resource collection. The system provides users with a simple configuration surface through the third party framework and the configuration information offered by user. It achieves the function of the firewall configuration, and automatically updates the firewall deployment into resource pool and database in time, to keep the information in the resource pool and equipment information in agreement. The users can detect the configuration information, and feedback conflicts. The firewall pooling information can not only detect the detection of simple configuration conflicts, but also can carry out the strategic detection. The firewall management system provides users with the domain information which is calculated by the physical interface and diagnose whether the user can pass the firewall by the firewall deployment information in the resource pool. On the basis of the above functions, the system achieves the basic link detection function, and shows the location of link to the user. It is easy for user the check the problem.After achieving the system, the test cases were designed based on the functions which were designed and implemented in the system, to test the functions, and show the test result. The system has completely achieved all the functions which were motioned above by analyzing the test results.