摘要 |
An interception-based client data network security system is provided, which includes a user end device, an interception device and a security center. The interception device performs interception of data packets from the user end device according to preset conditions and allows the intercepted data packets to be formedints event logs and then transmits the event logs to the security center for storage. And, the security center compares the stored event logs according to specific search commands for providing security services in correspondence with the stored event logs, thereby overcoming the drawbacks of conventional MPLS or mirror techniques in which the transfer of mass data packets causes overloading of the servers of the security center and excessive consumption of network bandwidth.
|