Abstract: Allusion to the limitation of the traditional boundary firewall in dynamic defense, the thesis analyses and compares three interactive technologies between firewall and intrusion-detection system and proposes a boundary defense system model which with the function of firewall and intrusion detection adopts system embedded mode based on the distributed firewall environment. It implements firewall cooperates with intrusion detection by queue communication. Firewall and intrusion detect and defend intrusion to system and connect to distributed firewall by secure communicating module. Finally the thesis expatiates on the realization in Linux.