As security technology has developed, both attackers' capabilities and defenders' techniques have risen to a new level, and security threats are becoming increasingly well hidden. This article describes the firewall, another powerful tool for border security. I have seen many firewall devices from many manufacturers. Some of them are very beautiful, almost like works of art ^_^. They are beautiful on the outside but contain a powerful and intelligent heart, standing guard 24 hours a day to protect network information and assets.
Firewalls come in many forms: software and hardware firewalls, desktop firewalls, network firewalls, Web/mail firewalls for specific applications, and DDoS firewalls. This article describes the type commonly used in IDCs, such as Cisco ASA, Juniper SG/SRX, Check Point, and WatchGuard. Over years of development the firewall has changed a great deal, from the first packet-filtering firewalls, to stateful packet-filtering firewalls, to firewalls that integrate UTM/IDP application recognition and filtering; they have become more intelligent and their performance keeps getting stronger.
Firewall deployment methods are generally as follows:
[Figure: fw.png]
1. A simple deployment with internal and external zones.
2. A DMZ zone is added.
3. Protection is added for important internal servers, using firewalls from different manufacturers.
4. The above are simple network deployment methods. Generally, HA is enabled for important services, and a dynamic routing protocol is enabled at large network boundaries.
Common firewall functions are described below:
1. NAT: an effective method for saving IP addresses, and a security measure that hides the IP addresses of internal servers.
2. Policy: security policies, the main function of a firewall.
3. VPN: a security tool for inter-branch connections and remote dial-in users.
4. UTM: Unified Threat Management, including gateway anti-virus, anti-spam, and intrusion defense.
5. IDP: Intrusion Detection and Prevention. It generally performs deep packet scanning and matching checks to defend against attacks at the application layer.
6. Routing protocols: static or dynamic routing is generally used to achieve interconnection.
7. Other functions, such as proxy, traffic control, virtual firewall, and log auditing.
An example is as follows:
As shown in the figure, a Web server sits behind a firewall, and the SA needs to dial in over VPN to manage the server.
[Figure: fw_example.png]
The configuration steps required on the firewall are as follows:
1. Determine the firewall's external and internal interfaces and configure the corresponding networks;
2. Configure NAT on the firewall to map the server IP address to the firewall's Internet IP address;
3. Configure a VPN on the firewall to allow the SA to remotely manage the server;
4. Configure the firewall policies: an open access policy for port 80 from external any to the server, and a policy that allows the SA to dial in over VPN;
5. Configure other simple security protections on the firewall, such as limiting the number of SYN connections per second, the number of half-open SYN connections, and the number of ping requests per second.
You can use the above steps to implement server security protection. Other security protection policies are configured as needed.
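The five steps above, written as a Linux nftables ruleset. This is an added example, not the article's own configuration (the article names no specific platform). The interface names, both IP addresses, WireGuard on UDP 51820 as the SA's VPN, SSH as the management protocol, and the rate values are all constructed assumptions.

```nftables
#!/usr/sbin/nft -f
# Added example, not the article's configuration. Constructed values:
# wan0/lan0/wg0 interface names, 203.0.113.10 (public IP), 10.0.0.10 (server),
# WireGuard on UDP 51820 as the SA's VPN, SSH as the management protocol.
flush ruleset

# Step 1: name the external, internal and VPN interfaces and the addresses
define WAN = "wan0"
define LAN = "lan0"
define VPN = "wg0"
define PUB_IP = 203.0.113.10
define SERVER = 10.0.0.10

table ip nat {
    chain prerouting {
        type nat hook prerouting priority dstnat; policy accept;
        # Step 2: map the server's port 80 to the firewall's Internet IP
        iifname $WAN ip daddr $PUB_IP tcp dport 80 dnat to $SERVER
    }
    chain postrouting {
        type nat hook postrouting priority srcnat; policy accept;
        oifname $WAN ip saddr $SERVER snat to $PUB_IP
    }
}

table inet filter {
    chain input {
        type filter hook input priority filter; policy drop;
        ct state established,related accept
        ct state invalid drop
        iifname "lo" accept
        # Step 5: cap ping requests per second, then accept the rest
        iifname $WAN icmp type echo-request limit rate over 5/second drop
        iifname $WAN icmp type echo-request accept
        # Steps 3-4: allow the SA to bring up the VPN tunnel
        iifname $WAN udp dport 51820 accept
    }
    chain forward {
        type filter hook forward priority filter; policy drop;
        ct state established,related accept
        ct state invalid drop
        # Step 5: drop new connections to the server above 200 per second
        iifname $WAN ip daddr $SERVER tcp dport 80 ct state new limit rate over 200/second drop
        # Step 4: external any -> server, port 80 only (address is post-DNAT here)
        iifname $WAN oifname $LAN ip daddr $SERVER tcp dport 80 ct state new accept
        # Step 4: the SA reaches the server only through the VPN interface
        iifname $VPN oifname $LAN ip daddr $SERVER tcp dport 22 ct state new accept
    }
}
```

Both filter chains default to drop, so anything not listed is denied. Running `nft -c -f` on the file checks the syntax without applying the rules.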
This article is from the "the brightest star in the night sky" blog; please be sure to keep this source: http://wangxl.blog.51cto.com/621714/1535203