NETGUARD PRO: A CENTRALIZED APPLICATION CONTEXT-AWARE FIREWALL WITH INTEGRATED HONEYPOT DETECTION, NETWORK CREDENTIAL AUDITING, AND REAL-TIME ANOMALY DETECTION DEPARTMENT ROUTING

Abstract

NetGuard Pro is an advanced network security platform designed to monitor, control, and enforce application-level traffic policies through a centralized, context-aware firewall system. Traditional network firewalls suffer from critical limitations including lack of application-layer visibility, static rule enforcement, and absence of real-time threat response mechanisms. This paper presents the design, architecture, and implementation of NetGuard Pro, a softwarebased security platform that transcends conventional port-based filtering by incorporating deep packet inspection, DNS query analysis, and multi-dimensional policy enforcement. The system captures live network packets using PyShark and TShark, classifies traffic at the application layer, and enforces block or allow decisions through direct integration with the Windows Firewall API and system DNS resolution via hosts file manipulation. Beyond core firewall functionality, the platform incorporates three complementary security modules: a threshold-based anomaly detection engine identifying port scans, traffic floods, and behavioral deviations; a simulated HTTP honeypot server that logs attacker connection behavior; and a network credential auditor that identifies devices using default or weak passwords. All functionality is presented through a unified nine-page web-based Security Operations Center built with Bootstrap 5.3 and Chart.js. Testing demonstrates successful application identification, real-world traffic blocking verification, and anomaly detection under high-traffic conditions. The platform delivers enterprise-grade network security capabilities in an accessible, zero-cost, software-deployab