The origin and actuality of firewall

Current situation of firewall technology

Since 1986, when the American Digital company installed the world's first commercial firewall system on the Internet, the concept of firewall has been put forward, and the firewall technology has been developed rapidly. Second generation firewall, also known as proxy server, it is used to provide network service-level control, the external network to the protected internal Network application service when the intermediate transfer effect, this method can effectively prevent the internal network direct attack, high security. The third generation firewall effectively enhances the security of the firewall, called the State monitoring function firewall, it can detect and monitor the packets of each layer. With the development of network attacks and information security technology, a new generation of more powerful, more secure firewall has come out, this stage of the firewall has been beyond the traditional sense of the scope of the firewall, has evolved into a full range of security technology Integration System, we call it the fourth generation firewall, It can withstand the current common network attacks, such as IP address spoofing, Trojan horse attacks, internet worms, password-seeking attacks, mail attacks, and so on.

Definitions and descriptions of firewalls

The term "firewall" is used to refer to the security techniques applied in building structures. A wall used in buildings to isolate a different company or room and to be as fireproof as possible. Once a unit catches fire this method protects the rest of the occupants. However, most firewalls have an important door that allows people to enter or leave the building. Thus, while firewalls protect people's security, the door provides enhanced security while allowing necessary access.

In computer networks, a network firewall acts as a barrier against potentially malicious activity and allows people to communicate between your secure network and an open, insecure network through a "door". Originally, a firewall is made up of a separate machine, placed between your private network and the public network. In recent years, the firewall mechanism has developed to not only "firlwall box", more mention is the fortress host. It now involves a whole range of areas from internal networks to external networks, consisting of a complex set of machines and programs. In short, the main concept of today's firewall is the application of multiple components. By now you are ready to implement your firewall and need to know what services your company needs and what services are valid for both internal and external users.

The task of the firewall

Firewalls are critical in the process of implementing security. A firewall policy meets four goals, and each goal is usually not implemented by a single device or software. In most cases, the components of a firewall are used together to meet the requirements of a company's security objectives. Firewalls need to be able to ensure that the following four targets are met

Implementing a company's security policy

The primary intent of the firewall is to enforce your security policy. The importance of security policies in appropriate network security is mentioned in the previous course. For example, if your security policy requires only a few restrictions on the SMTP traffic of mail servers, then you must enforce these policies directly at the firewall.

Create a blocking point

Firewalls in a company private network and networking ask to establish a checkpoint. This implementation requires all traffic to pass through this checkpoint. Once these checkpoints are clearly established, firewall devices can monitor, filter, and check all incoming and out traffic. The network security industry calls these checkpoints a blocking point. By forcing all inbound and outbound traffic through these checkpoints, network administrators can focus on fewer parties to achieve security purposes. Without such a point for monitoring and controlling information, the system or security administrator will be monitoring in a number of places. Another name for the checkpoint is called the network boundary.

Log Internet activity

Firewalls can also force logging and provide alert functionality. By implementing the Log service on the firewall, the security administrator can monitor all access from the external network or the Internet. A good logging strategy is one of the effective tools for implementing appropriate network security. The firewall provides more information for administrators to log archives.