本研究提出一具體可行的整合防禦架構,利用代理人程式,成功的整合了不同種類的資訊安全系統,其中包含了主機型防火牆系統與新式具有IPS功能的防火牆系統,兩者合作截長補短使得舊式的防火牆系統也可以具有IPS的能力。而本系統在實際的網路環境中測試,證明這是一個可行的系統。 The network security is getting more attention by people, because there are many virus, worms and network attack in recent years. Information security has become more and more important in enterprise or organization. Some information security system are introduce to help increasing security, like firewall system, intrusion detection systems (IDS) and intrusion prevention systems (IPS). Currently, the virus has been developed into worms and trojan, and the network attack has become dined of service(DoS), distribute dined of service(DDoS) and botnet or zombie network. But the firewall system, IDS and IPS are not compatible, so those system can not defense network attack collaboratively. The conventional information security system is enough to safeguard the network against the various threats. Therefore, we propose an agent for the integration of information security system, this system can unite different information security system. The agent can be collect log from each information security system. When it find the IP address of high threat, it will send warning message to other agents to defense the network attacks. We also provide a nice protocol called security warning protocol(SWP). It let agent exchange information more effectively.
