摘要
内部局域网络的安全性,等同于系统内安全性最弱的主机。要全面提高网络的安全性能,必须提高每台主机的安全性。建立一个分布式的C/S结构的网络监控系统,在各客户主机上,客户软件使用网络封包截获技术,在后台截获网络数据包,并根据配置中的安全策略,进行分析过滤,同时,将重要信息转发给监控服务器处理;在监控服务器上,监控软件监控网络上所有主机的活动,可统一对各客户主机进行安全设置,所以可全面提高网络中每一台主机安全性能,降低网络安全的管理难度。
The security performance of an inner local network is equal to the security performance of the worst host. To enhance the security comprehensively, every host on the network must he enhanced equally. Through establishing a distributed and C/S architecture system, all the packet transferring is captured by using the technology of capturing packets on the client hot and then analyze and filter them according to its security policy, in the meantime, some of important information is sent to the server host. The server host can supervise all the activities in the network and configure every client host's security policy, as a result, the security performance of every host is enhanced, and the difficulties of security management become lower.
出处
《计算机工程与设计》
CSCD
北大核心
2006年第15期2816-2817,2873,共3页
Computer Engineering and Design
