
結合防毒與入侵偵測之網路阻斷系統研究

A Study of Network Blocking System Combined with Anti-Virus and IDS

Advisor: 包蒼龍

Abstract


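With the prevalence of all kinds of network services and peer-to-peer applications, network viruses spread and network intrusion attacks occur frequently. Using firewalls, anti-virus software and intrusion detection to protect hosts on the network has become an indispensable part of network security practice. Although these systems can detect attacks and resist intrusions, most of them have no mechanism for controlling network equipment to block attack sources on the internal network, so network administrators often have to be on standby at all times to handle virus and attack incidents. In primary and secondary schools, however, many network administrators are teachers serving in that role part time; when an attack occurs, they may be busy with teaching or other administrative work and unable to respond immediately, so the virus infection spreads or the damage from the intrusion grows. We therefore need a solution in which the network management system automatically blocks the attack source at the very start of an attack incident.

This thesis proposes an automatic handling mechanism that links anti-virus software, the intrusion detection system and the firewall. An agent program collects the threat information detected by the anti-virus software and the intrusion detection system, and the network management system then blocks attack sources on the internal network by controlling the network switch, or adds firewall rules to block attacks from the Internet. Network administrators only need to check periodically whether any hosts have been blocked and isolated because of infection or attack, and only then go to help patch system vulnerabilities, remove the virus or reinstall the system. Afterwards, the network connection of the isolated computer is re-enabled through the network management system.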

Parallel Abstract


Due to the rapid growth of network services and peer-to-peer applications, more and more people rely on the Internet in their daily activities. One side effect, however, is the wide spread of computer viruses and network intrusion events. Using firewalls, anti-virus software, and intrusion detection systems to protect the hosts in an organization is becoming an indispensable part of information security practice. Although these systems can detect and defend against attacks on their own, most of them cannot control other network equipment to block attacks from the internal network. Consequently, network and server administrators need to monitor the systems very closely to ensure that all equipment is in normal condition. However, most system administrators in elementary through high schools work part time and also have administrative and teaching duties. They may not be able to resolve virus infections and intrusion events immediately, which may result in a rapid spread of the virus or intrusion within the internal network. Therefore, we need a management system that can block the source of an attack immediately after the event happens, whether the source is internal or external. In this thesis, we propose an automatic processing mechanism that combines the anti-virus and intrusion detection systems to protect the network and server systems. An agent program retrieves the information detected by those systems. Whenever a threat is identified, the system can send a command to the switch to shut the interface down when the source is internal, or add a rule to the firewall to block the traffic from an external attack source.

Parallel Keywords

Network Management Blocking System


Cited By


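周武田 (2010). A Study of a Network Management System Based on RADIUS and DHCP [Master's thesis, Tatung University]. Airiti Library. https://www.airitilibrary.com/Article/Detail?DocID=U0081-3001201315110107
陳昭閔 (2012). Improving the Defense Strategy of a Snort Distributed Intrusion Detection System on the Internal Network [Master's thesis, Chaoyang University of Technology]. Airiti Library. https://www.airitilibrary.com/Article/Detail?DocID=U0078-0305201210333713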
