UTM（统一威胁管理）系统设计与实现

发布时间：2018-05-06 01:42

本文选题：网络 + 安全　；参考：《西安电子科技大学》2007年硕士论文

【摘要】： 现在无论对于什么类型的企业,通过互联网进行商业活动都不是安全可靠的。各种各样的病毒和间谍软件横行,黑客们通过各种方样的方法进行攻击。UTM(统一威胁管理)是网络安全发展的方向之一,它是众多企业都需要的一种简单操作、集成多种解决方案与一体的安全产品,而过去这些功能是由多个技术设备分别实现的。本文设计了一种一体化的UTM产品,其中硬件采用技术成熟的工控机,主要是通过软件实现UTM的全部功能。本产品提供了两个Internet接口、一个DMZ接口和一个内网接口。功能上不仅具备一般网关产品所具有的所有功能之外,还为用户提供可靠的内容过滤和反病毒扫描功能。主要操作界面有:系统管理,网络设置,防火墙设置,名称定义管理和系统状态监控。本UTM系统按功能主要划分为七个部分:防火墙功能、防病毒功能、网页过滤功能、邮件过滤功能、日志审计功能、系统配置管理功能和其它功能。可通过点击各选项,进入相应的配置界面。在此次UTM系统开发中,本人主要负责了动态封堵模块、应用控制实现、目标操作系统实现技术工作。动态封堵模块的主要就是对捕获的IP分片包和url信息以及email收发信人进行检查,若找到有害地址或有害连接则进行封堵。应用控制主要有两个方面:首先是解决ftp透明代理服务器(frox.conf)的问题;其次是利用Ultra Monkey、Heartbeat、Linux Virtual Server(LVS)等来实现实现高可用性和负载均衡的综合性方案。目标操作系统实现的主要工作就是对Linux内核精简。论文最后达到了设计的目标,并做出了UTM样品,样品也基本实现了预期的主要功能,如防火墙、屏蔽垃圾广告信息、网关防病毒、防止间谍软件、防止非法入侵、URL过滤等。 UTM技术的出现和发展只是经历了短短的几年的时间,其仍然不是很成熟,所以本论文的研究对UTM产品的推广和发展有着很大的现实意义。
[Abstract]:Now, no matter what kind of enterprise, doing business through the Internet is not safe and reliable. With all kinds of viruses and spyware, hackers attack. UTM (Unified threat Management) is one of the directions of network security development. It is a simple operation that many enterprises need. Security products that integrate multiple solutions into one, whereas in the past these functions were implemented separately by multiple technical devices. In this paper, an integrated UTM product is designed, in which the hardware is a mature industrial computer, and the whole function of UTM is mainly realized by software. This product provides two Internet interfaces, a DMZ interface and an intranet interface. Functionally, it not only has all the functions of general gateway products, but also provides users with reliable content filtering and anti-virus scanning functions. Main operating interfaces are: system management, network settings, firewall settings, name definition management and system state monitoring. The UTM system is divided into seven parts according to its functions: firewall function, anti-virus function, web page filtering function, mail filtering function, log audit function, system configuration management function and other functions. You can click on each option to enter the corresponding configuration interface. In this UTM system development, I am mainly responsible for dynamic blocking module, application control implementation, target operating system implementation technology. The main purpose of the dynamic blocking module is to check the captured IP packet and url information and the email receiver, and to block the IP packet and the email receiver if they find the harmful address or the harmful connection. There are two main aspects of application control: first, to solve the problem of ftp transparent proxy server, and secondly, to realize the comprehensive scheme of high availability and load balance by using Ultra Monkey Ultra HeartbeatLinux Virtual Server. The main task of implementing the target operating system is to simplify the Linux kernel. Finally, the paper achieves the goal of the design, and makes the UTM sample. The sample basically realizes the expected main functions, such as firewall, blocking spam advertising information, anti-virus gateway, preventing spyware, preventing illegal intrusion of URL filtering and so on. The emergence and development of UTM technology has only experienced a few years, it is still not very mature, so the research of this paper has a great practical significance for the promotion and development of UTM products.
【学位授予单位】：西安电子科技大学
【学位级别】：硕士
【学位授予年份】：2007
【分类号】：TP393.08

【引证文献】