INTERNAL/EXTERNAL NETWORK INTEGRATED SECURITY SYSTEM AND METHOD THEREOF

摘要

PURPOSE: An internal/external network integrated security system and method thereof are provided to control every traffic generated on a network and actively cope with a security violation event by adding a network detecting function and performing an independent log policy. CONSTITUTION: A firewall system(100) improves a performance of a security system by recording only a violated matter among functions such as a packet filter, a NAT(Network Address Translation) and a VPN(Virtual Private Network) as log information. An NIDS(Network Intrusion Detection System)(200) actively copes with a violated matter by detecting a traffic generated on an internal network. The NIDS collects and analyzes packets, then records only a violated matter as log information. A network log managing system(300) records log information on a traffic used in an internal network and a traffic from the internal network to an external network or from the external network to the internal network, and improves a performance and safety of a security system by collecting packets through an interface. A Log1 is a database storing violation log information in the firewall system(100). Log2 is a database storing detection(violation) log information received from the NIDS(200). Log3 is a database storing log information of a normally passed traffic in the firewall system(100) and every network traffic generated in the internal network. Interface1 is exclusively used for the external network. Interface2 is exclusively used for the internal network and communication. Interface3 is exclusively used for the NIDS. Interface4 is exclusively used for a network log.