Design And Implementation Of Firewall Security Management Platform

In recent years,with the rapid development of new technologies such as big data,Internet of Things,mobile Internet,and artificial intelligence,these new technologies have brought convenience to enterprises and organizations while also increasing the risk of being attacked by various domestic and foreign hacker groups.The state policy level also attaches more and more importance to network security work,and the requirements for Internet security are becoming more refined and standardized.Currently,enterprises have installed a considerable number of firewall devices and internal threat detection,vulnerability management and other security protection equipment.However,the independent configuration of firewall devices within the enterprise may cause inconsistent access control policies in the network,and the management of data and information between different firewall devices also brings a great management burden to administrators.This thesis takes the next generation firewall as the core,coordinates and links with other security protection devices in the enterprise LAN,establishes a comprehensive,intelligent and visual firewall security management platform,monitors and manages all kinds of security devices in the overlay network in a unified way,grasps the security situation in a timely manner,continuously identifies security risks,quickly responds to external threats,and through the visual charts of each module,Provide decision-making support for safety operation and maintenance personnel at all levels.The thesis has completed the system requirements analysis and functional design.The front end of the firewall security management platform adopts the Vue framework,while the back end is built on the company’s self-developed operating system using the C language.Postgre SQL is used as the database,and SNMP and Agent are used to communicate with the firewall devices.The firewall policy redundancy algorithm based on policy tree is used for policy conflict detection,and feature library and Hyperscan matching library are used for security event packet matching.The firewall security management platform mainly includes the following five modules: device management for adding and managing firewalls,policy configuration and optimization policy management,security event management for viewing and handling security events,log management for viewing and exporting logs,and system management for maintaining the normal operation of the platform.The thesis has completed the design and implementation of functions such as device management,policy management,and security event management,including adding,displaying,and operating firewall devices;Configuration and optimization of access control policies;Safety event display,event handling and other functions;And detailed testing was conducted on these functions.The security management platform effectively reduces repetitive operations by management personnel,improves the productivity and efficiency of enterprises,and reduces the occurrence of expired,redundant,and ineffective policies,ensuring the defense ability of security devices.The platform can also help enterprises monitor and prevent potential attack behaviors,as well as respond quickly to security events.