Modern life cannot be separated from the Internet,as a result, the security of the Internet has gradually become more and more important to everyone. How to more effectively prevent malicious attacks from malicious people and reduce the losses caused by cyber attacks is a problem that many people have been trying hard to solve. Traditional networks rely on intrusion detection systems to detect malicious attacks. However, intrusion detection systems cannot adequately block the network attacks caused by these malicious individuals. In order to improve the shortcomings of traditional networks that cannot be effective against malicious attacks. This article attempts to use software-defined networking (SDN) to incorporate the alert mechanism of intrusion detection systems. Through the centralized management of switches, combined with the setting of the Flow Table, to filter and block packets, strengthening traditional security mechanisms that block intrusions can also effectively reduce bandwidth consumption and maintain overall network security.