摘要
论文首先对分布防火墙技术与入侵检测技术进行了基础性的介绍,在解析了其各自的局限性后,对联动技术作了分析和研究,就基于入侵检测技术的分布式防火墙联合系统的设计思想和技术实现进行了相关阐述。通过联合系统,防火墙可以利用入侵检测及时地发现其策略之外的攻击行为,入侵检测也可以通过防火墙阻断外部网络的攻击行为,因而能形成一种有效互动的安全防护体系,极大地提高了网络整体安全性能。
This paper presents the Distributed Firewall and Invading Detection Technique, analyzes their deficiencies, discusses and researches the combination technique, explains the design principle and implementation of the combination system based on the Distributed Firewall and Invading Detection Technique. Through the union system, the firewall may using the IDS discover promptly the attack behavior outside its strategy, the IDS also may block the attack behavior from exterior network through the firewall, thus ...
出处
《信息安全与通信保密》
2008年第2期65-67,共3页
Information Security and Communications Privacy
基金
国家863计划课题"基于可执行代码逆向分析的软件漏洞挖掘与管控技术"资助(项目编号:2006AA01Z403)
关键词
分布式防火墙
入侵检测技术
联合系统
distributed firewalls
invading detection technique
combination system