摘要
入侵防御系统是网络安全技术领域一个重要研究内容。介绍和分析了防火墙和入侵检测系统各自的特点和缺陷,并重点分析了相关网络入侵防御技术。最后提出了一种基于简单网络管理协议的网络入侵防御结构模型,在该模型中集合了路由器、防火墙等网络设备,利用它们本身具有的在网络关键路径上的隔离和保护功能,为系统提供深层防御能力。
Nowadays intrusion prevention system (IPS) is an important research field in network security technology. Firstly, the principles and defects of firewall and intrusion detection system are introduced. Then, the network intrusion prevention system (NIPS) is mainly analyzed. Finally, a network security model based on simple network management protocol (SNMP) is proposed. The model can integrate some kind of network devices with NIPS-such as router, firewall etc-which have already contained certain isolation and prevention ability and placed at key sites usually and can effectively provides intensive defense of the system.
出处
《计算机工程与设计》
CSCD
北大核心
2007年第14期3351-3353,共3页
Computer Engineering and Design
关键词
入侵防御
网络安全
网络入侵防御
简单网络管理协议
防火墙
intrusion prevention
network security
network intrusion prevention
simple network management
firewall
