统一安全管理平台测试方法的研究与实现

【作者】 宋亚磊；

【导师】 王宗敏；

【作者基本信息】 郑州大学 ， 计算机技术， 2011， 硕士

【摘要】 随着网络应用的发展,要想保障网络上大量业务运转,就必须全面考虑出现的各种问题,包括：设备故障、黑客入侵、信息安全、病毒传播等。然而,各种安全技术产品,都只能解决局部问题；并且各类产品之间缺乏协同调度、统一管理的能力。这种局面不仅会加重网络管理人员的负担,势必也会大大增加整个网络的维护费用。为了实现在一个界面内对防火墙、VPN、入侵检测、漏洞扫描、防病毒、身份鉴别、安全审计等网络安全资源的集中监控、统一策略配置及安全设备之间的互动,于是提出一种全方位的综合网络安全管理解决方案,即统一网络安全管理平台(Unify Security Management USM)技术。本文对USM技术进行了研究和分析,并对国内外发展现状和趋势进行了了解。在USM开发或者使用的过程中,需要有一套测试方法对每个阶段的USM产品进行评测,这样就能对USM产品有更清晰和深入的认识,这对USM的开发和使用有着指导性意义。本文对国内外各种评测方法进行了介绍,并制定了具体的测试指标。最后,搭建网络测试环境,制定测试流程,实时测试了USM的相关指标,并给出了具体测试结果和总结。更多还原

【Abstract】 With development of the application of network into practice, we should take all kinds of the problems of securities into consideration in order to guarantee the programs well done. For example:Equipment Fault; Hackers Attack; Information Security; Virus Dissemination etc.However, all kinds of products of security and technology can only solve a part of problems. Meanwhile, the disadvantages of them are short of capacity of collaborative scheduling and unified management with each other. The situation is not only making the network management take on heavy burden, but also increases the safeguard expenses. So we will develop a kind of technology named:Unify Security Management (USM), which is all around and comprehensive. Then centralized monitoring on security resources, unify program disposition and security equipment interact with each other at the same interface is on the basis of it. Security resources include:Firewall; VPN; USM; Vulnerability Scanning; Anti-virus; Authentication; Security Audit, etc. This paper researches and analyzes the USM technology, and knows about the situation and tendency of it in home and abroad.In the process of development and use of USM, we are in need of methods to evaluate the products of USM at different stages so that we are able to grasp the details of USM clearly and thoroughly. It provides a meaningful instruction for our development and use. The paper introduces various evaluation methods in home and abroad, and sets a concrete index, and then builds evaluation environment, and implements the process. Finally, evaluating the certain index, we get a result and have a conclusion.更多还原