Research And Implementation Of Interaction With Firewall And Intrusion Detection System

Along with the increasing popularization of the network, network users pay much more attention to security and reliability of the network system gradually. Nowadays, people's consciousness of security have reinforced, so that many security techniques have been widely applied, such as firewall,intrusion detection,anti-virus and security audit which guarantee network security effectively. However, single security product has different limitations when it is used. Genuine network security should be an integrated and dynamic security system in order to realize organic integration of all kinds of security techniques and dynamic interaction of all sorts of security products.As the two products that are applied most widely——firewall and intrusion detection system, this paper focuses on the research about how to integrate them and construct an open network security platform ,so that we can implement whole security defense of network through information interaction between firewall and intrusion detection system.At first, the firewall and intrusion detection techniques are introduced, security interaction techniques are discussed as well. Then after explanation of simple network management protocol(SNMP),security interaction technology based on SNMP is presented: the firewall and intrusion detection systems will be embedded in a network security platform to realize complete network security in indirect way ;at the same time, an open,universal and scalable security unified management platform is also established. In the following chapters, we construct whole frame of the security interaction system and design interaction console,Management Information Base(MIB) of the firewall and intrusion detection systems in detail. Using SNMP, we also achieve message communication of the interaction system. In the end, implementation scheme about fulfilling interaction through overwriting rule database of firewall is given. Finally, we summarize the work in the paper and give the prospect of the research in the future.