The limitation of a general firewall is analyzed , and some solutions of enhancing the security of networking systems are presented in this paper. According to the security necessity of larger networks , the paper synthesizes the techniques of packed - filtering Agent and intrusion detection sysytem , etc. ,and designs a new firewall system combined traffic sniffer and intrusion detection. The system considers inner and outer networks separately ,and it has the capability of protecting both them from security attacks effectively.