LADON-SECURITY GATEWAY SYSTEM, SECURITY POLICY SETTING METHOD THEREOF AND HARMFUL TRAFFIC DETECTION ALARM GENERATING METHOD

摘要

PURPOSE: A Ladon-SGS(Security Gateway System), its security policy setting method and a harmful traffic detection alarm generating method are provided to control an illegal intrusion or a harmful traffic by analyzing a large scale network traffic and packet information. CONSTITUTION: A communication processor(21) sets connection with a security policy server and a Ladon-SGS and transfers and receives information according to security policy. A system controller(22) performs operations related to initialization of the Ladon-SGS and controls an overall system. A security policy processor(23) converts the security policy transferred from a security policy server into a form applicable to the Ladon-SGS. An intrusion detection analyzer(24) analyzes an intrusion as occurred through a network and transfers an analysis result to an intrusion detection alarm processor. An intrusion detection alarm processor(25) analyzes an intrusion alarm importance according to a pre-set security policy on the basis of information related to the intrusion type analyzed by the intrusion detection analyzer(24), compares the importance with a reference value, and determines whether to cope with it by a system or transfer it to the security policy server. A security policy storing unit(26) stores the security policy which has been converted by the security policy processor(23), the intrusion detection and corresponding results of the detected intrusion. A firewall processor(27) cuts off an illegal intrusion defined by a firewall policy and a harmful traffic.