本文選題：網(wǎng)絡(luò) + 安全��； 參考：《西安電子科技大學(xué)》2007年碩士論文

【摘要】： 現(xiàn)在無(wú)論對(duì)于什么類型的企業(yè),通過(guò)互聯(lián)網(wǎng)進(jìn)行商業(yè)活動(dòng)都不是安全可靠的。各種各樣的病毒和間諜軟件橫行,黑客們通過(guò)各種方樣的方法進(jìn)行攻擊。UTM(統(tǒng)一威脅管理)是網(wǎng)絡(luò)安全發(fā)展的方向之一,它是眾多企業(yè)都需要的一種簡(jiǎn)單操作、集成多種解決方案與一體的安全產(chǎn)品,而過(guò)去這些功能是由多個(gè)技術(shù)設(shè)備分別實(shí)現(xiàn)的。 本文設(shè)計(jì)了一種一體化的UTM產(chǎn)品,其中硬件采用技術(shù)成熟的工控機(jī),主要是通過(guò)軟件實(shí)現(xiàn)UTM的全部功能。本產(chǎn)品提供了兩個(gè)Internet接口、一個(gè)DMZ接口和一個(gè)內(nèi)網(wǎng)接口。功能上不僅具備一般網(wǎng)關(guān)產(chǎn)品所具有的所有功能之外,還為用戶提供可靠的內(nèi)容過(guò)濾和反病毒掃描功能。主要操作界面有:系統(tǒng)管理,網(wǎng)絡(luò)設(shè)置,防火墻設(shè)置,名稱定義管理和系統(tǒng)狀態(tài)監(jiān)控。 本UTM系統(tǒng)按功能主要?jiǎng)澐譃槠邆�(gè)部分:防火墻功能、防病毒功能、網(wǎng)頁(yè)過(guò)濾功能、郵件過(guò)濾功能、日志審計(jì)功能、系統(tǒng)配置管理功能和其它功能�？赏ㄟ^(guò)點(diǎn)擊各選項(xiàng),進(jìn)入相應(yīng)的配置界面。 在此次UTM系統(tǒng)開(kāi)發(fā)中,本人主要負(fù)責(zé)了動(dòng)態(tài)封堵模塊、應(yīng)用控制實(shí)現(xiàn)、目標(biāo)操作系統(tǒng)實(shí)現(xiàn)技術(shù)工作。動(dòng)態(tài)封堵模塊的主要就是對(duì)捕獲的IP分片包和url信息以及email收發(fā)信人進(jìn)行檢查,若找到有害地址或有害連接則進(jìn)行封堵。應(yīng)用控制主要有兩個(gè)方面:首先是解決ftp透明代理服務(wù)器(frox.conf)的問(wèn)題;其次是利用Ultra Monkey、Heartbeat、Linux Virtual Server(LVS)等來(lái)實(shí)現(xiàn)實(shí)現(xiàn)高可用性和負(fù)載均衡的綜合性方案。目標(biāo)操作系統(tǒng)實(shí)現(xiàn)的主要工作就是對(duì)Linux內(nèi)核精簡(jiǎn)。 論文最后達(dá)到了設(shè)計(jì)的目標(biāo),并做出了UTM樣品,樣品也基本實(shí)現(xiàn)了預(yù)期的主要功能,如防火墻、屏蔽垃圾廣告信息、網(wǎng)關(guān)防病毒、防止間諜軟件、防止非法入侵、URL過(guò)濾等。 UTM技術(shù)的出現(xiàn)和發(fā)展只是經(jīng)歷了短短的幾年的時(shí)間,其仍然不是很成熟,所以本論文的研究對(duì)UTM產(chǎn)品的推廣和發(fā)展有著很大的現(xiàn)實(shí)意義。
[Abstract]:Now, no matter what kind of enterprise, doing business through the Internet is not safe and reliable. With all kinds of viruses and spyware, hackers attack. UTM (Unified threat Management) is one of the directions of network security development. It is a simple operation that many enterprises need. Security products that integrate multiple solutions into one, whereas in the past these functions were implemented separately by multiple technical devices. In this paper, an integrated UTM product is designed, in which the hardware is a mature industrial computer, and the whole function of UTM is mainly realized by software. This product provides two Internet interfaces, a DMZ interface and an intranet interface. Functionally, it not only has all the functions of general gateway products, but also provides users with reliable content filtering and anti-virus scanning functions. Main operating interfaces are: system management, network settings, firewall settings, name definition management and system state monitoring. The UTM system is divided into seven parts according to its functions: firewall function, anti-virus function, web page filtering function, mail filtering function, log audit function, system configuration management function and other functions. You can click on each option to enter the corresponding configuration interface. In this UTM system development, I am mainly responsible for dynamic blocking module, application control implementation, target operating system implementation technology. The main purpose of the dynamic blocking module is to check the captured IP packet and url information and the email receiver, and to block the IP packet and the email receiver if they find the harmful address or the harmful connection. There are two main aspects of application control: first, to solve the problem of ftp transparent proxy server, and secondly, to realize the comprehensive scheme of high availability and load balance by using Ultra Monkey Ultra HeartbeatLinux Virtual Server. The main task of implementing the target operating system is to simplify the Linux kernel. Finally, the paper achieves the goal of the design, and makes the UTM sample. The sample basically realizes the expected main functions, such as firewall, blocking spam advertising information, anti-virus gateway, preventing spyware, preventing illegal intrusion of URL filtering and so on. The emergence and development of UTM technology has only experienced a few years, it is still not very mature, so the research of this paper has a great practical significance for the promotion and development of UTM products.
【學(xué)位授予單位】：西安電子科技大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2007
【分類號(hào)】：TP393.08

【引證文獻(xiàn)】

相關(guān)碩士學(xué)位論文 前5條

1 李琪;基于UTM的虛擬系統(tǒng)及其CPU保護(hù)機(jī)制的設(shè)計(jì)與實(shí)現(xiàn)[D];北京郵電大學(xué);2011年

2 賴韜;電子政務(wù)內(nèi)網(wǎng)安全網(wǎng)關(guān)研究與實(shí)現(xiàn)[D];電子科技大學(xué);2011年

3 趙翊凡;關(guān)于UTM中網(wǎng)絡(luò)訪問(wèn)控制和反病毒引擎嵌入的研究與實(shí)現(xiàn)[D];河北科技大學(xué);2012年

4 江超;面向應(yīng)用層的網(wǎng)絡(luò)安全方案的設(shè)計(jì)與實(shí)施[D];北京郵電大學(xué);2013年

5 羅彤;基于多核架構(gòu)的統(tǒng)一威脅管理系統(tǒng)的分析與設(shè)計(jì)[D];北京郵電大學(xué);2013年

，

本文編號(hào)：1850241