在网络安全防护系统中,防火墙侧重于网络访问控制,入侵检测系统侧重于网络入侵行为检测,将防火墙和入侵检测系统进行联动,将被动控制和主动防御相结合,既能实现网络访问控制又能阻断攻击,形成一个较全面的防护系统.文中基于开放接口的联动方式,详细研究了以联动中心为核心,防火墙与入侵检测系统联动的安全防护体系.该体系保证了联动设备功能的完整性、独立性及不同厂家设备间的兼容性,提高了网络攻击行为检测和阻断的实时性、有效性.文中对联动防护体系模型、关键功能模块进行分析研究,构成"防护—检测—响应—再防护"的循环防护,为受保护网络提供了强大的安全保障.%In the network security system, firewall is focused on access control and IDS is focused on detecting attacks. The linkage between firewall and IDS can not only implement the access control but also kill the attacks. The linkage forms a comprehensive security protecting system through the passive control and the active prevention. This paper researches a comprehensive security protecting system based on the open port. The core of this system is "Center of Linkage" and based on this,firewall and IDS are linked. This linkage can improve the integrity, independence, compatibility of the equipment and the instantaneity, effectiveness of the detecting and blockingbetter. This paper researches the model of the linkage system and the major functions. It forms a"Protection-Detection-Response-Protection"cycling system.
展开▼
