Research And Implementation Of Gateway Security Access Technology Supporting Software Defined Network

The twenty-first century,the era of network coming,the Wi-Fi has fully integrated into the office and life.Alarge number of researches,business exchanges and BYOD of companys need to access the office network through Wi-Fi.In this scene,the traditional Wi-Fi access control method that base on binding MAC address or static password has the poor flexibility and lack of security.So,how to use the identity association and software defined network technology to achieve flexibly access and control the enterprise network is the problem that the information assets need solve to ensure the security.The thesis around SDN innovatively put forward an intelligent access control gateway which is used to solve the management problem of Wi-Fi in small and medium enterprises.The thesis has proposed and implemented a multilevel access authentication mechanism that based on identity association,an intelligent network control method to support SDN and the access management of flexible and controllable customer devices and BYOD,the specific contents are as follows:A method that based on identity association access control is proposed.It solves the problem of poor flexibility and security of Wi-Fi access through the way of authorizing employees by manager and authorized external devices by employees.Thespecific research items include the generative mechanism of account that based on identity association and regularly update of employee;the employee how to connect Wi-Fi take advantage of account and how to generate two level account and password for foreign visitors and BYOD devices;the foreign devices how to connect Wi-Fi take advantage of account which was generated by employee authorization.The two level account have shorter available cycles,limited data operations and access scope,and all operation records of the two level account are associated with primary account,so it is easy to track audit.A traffic anomaly detection method based on software defined network is proposed,Through the extracting of network feature parameters,the idea of detecting abnormal traffic models is established,which solves the problem of malicious operations of external access.The specific research items include that realize the real time analysis and active control based on SDN.The intelligent access control gateway can assess the security,network behavior and traffic characteristics of the access devices in real time.When finding abnormal situations,it will automatically generate policies and execute them,restrict network access behavior,and then alarm.Aiming at the based on identity association access control and the based on software defined network traffic anomaly detection,this thesis provides the realization of management platform,We can clearly grasp the situation of network through the platform.The thesis has been tested on the host device supporting Wi-Fi,and tested the access control of external devices and the analysis of various operation behaviors.The results show that the achievements of thesis is feasible and intelligent,easy to use,efficient and accurate.There is a good future for it.