Shulou(Shulou.com)06/03 Report--

What are the characteristics of the firewall? Many novices are not very clear about this. In order to help you solve this problem, the following editor will explain it in detail. People with this need can come and learn. I hope you can gain something.

The characteristics of the firewall: 1, so the communication between the internal and external must pass through the firewall; 2, only the authorization defined by the security policy, the communication is allowed to pass; 3, the firewall is the fortress of the network, concentrate the security measures on the firewall as far as possible; 4, the security measures of the firewall are enforced.

Firewall technology is a technology that helps computer networks build a relatively isolated protection barrier between their internal and external networks by organically combining all kinds of software and hardware equipment used for security management and screening, in order to protect the security of user data and information.

The main function of firewall technology is to find and deal with the security risks and data transmission problems that may exist in the operation of computer network in time, including isolation and protection. At the same time, various operations in computer network security can be recorded and detected to ensure the security of computer network operation and the integrity of user data and information. Provide users with a better and more secure computer network experience.

Characteristics of firewalls

So communication between internal and external must go through the firewall.

Communication is only allowed through the authorization defined by the security policy.

The firewall itself must be anti-intrusion.

The firewall is the fortress of the network, so concentrate the security measures on the firewall as much as possible.

The security measures of the firewall are enforced

The firewall can record all events of communication between inside and outside.

Firewall function

The firewall scans the network traffic that flows through it so that it can filter out some attacks so that they are not executed on the target computer. Firewalls can also close ports that are not in use. And it can also prohibit the outflow of communications from specific ports and block Trojan horses. Finally, it can prohibit access from special sites, thereby preventing all communications from unknown intruders.

The barrier of network security

A firewall (as a blocking point, control point) can greatly improve the security of an internal network and reduce risk by filtering insecure services. Because only carefully selected application protocols can pass through the firewall, the network environment becomes more secure.

For example, firewalls can prohibit notoriously insecure NFS protocols from entering and leaving the protected network, so that it is impossible for external attackers to use these fragile protocols to attack the internal network. Firewalls also protect the network from routing-based attacks, such as source routing attacks in IP options and redirect paths in ICMP redirects. The firewall should be able to reject all of the above types of attacks and notify the firewall administrator.

Strengthen the network security strategy

Through the firewall-centered security scheme configuration, all security software (such as password, encryption, identity authentication, audit, etc.) can be configured on the firewall. Compared with distributing the network security problems to each host, the centralized security management of the firewall is more economical. For example, in network access, one password system at a time and other identity authentication systems do not have to be scattered on each host, but focus on the firewall.

Monitoring and auditing

If all visits go through the firewall, the firewall can record these visits and log them, as well as provide statistics on network usage. When suspicious actions occur, the firewall can give an appropriate alarm and provide detailed information about whether the network is being monitored and attacked.

In addition, it is also important to collect the use and misuse of a network. The first reason is that it is clear whether the firewall can withstand the detection and attacks of attackers, and whether the control of the firewall is adequate. Network usage statistics are also very important for network demand analysis and threat analysis.

Prevent the leakage of internal information

Through the division of the internal network by the firewall, the isolation of the key network segments of the intranet can be realized, thus limiting the impact of local key or sensitive network security problems on the global network.

In addition, privacy is a great concern of the internal network, an inconspicuous detail in an internal network may contain clues about security and arouse the interest of external attackers, and even expose some security vulnerabilities of the internal network.

Using firewalls can hide services such as Finger,DNS that disclose internal details. Finger shows the registered name, real name, last login time and shell type of all users of the host.

But the information displayed by Finger is very easy for attackers to learn. Attackers can know how frequently a system is used, whether users of the system are connected to the Internet, whether the system attracts attention when it is attacked, and so on.

Firewalls can also block DNS information about the internal network, so that the domain name and IP address of a host are not known to the outside world. In addition to the security function, the firewall also supports the enterprise internal network technology system VPN (Virtual Private Network) with Internet service.

Logging and event notification

All the data entering and leaving the network must go through the firewall, and the firewall records it through logs, which can provide detailed statistical information about the use of the network. When suspicious events occur, the firewall is better able to alarm and notify according to the mechanism, and provide information about whether the network is threatened.

Is it helpful for you to read the above content? If you want to know more about the relevant knowledge or read more related articles, please follow the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.