A survey of Internet firewall technology

Source: Internet
Author: User

1. Introduction

Firewall technology is an applied security technology built on modern communication network technology and information security technology. It is increasingly used where private networks interconnect with public networks, especially the Internet. The rapid development of the Internet turned firewall products into an industry within a few short years: in 1995, when firewall technology had just come to market, fewer than 10,000 sets were sold; by the end of 1996, the figure had soared to 100,000 sets. According to forecasts from an authoritative international commercial research agency, the firewall market will grow at a compound growth rate of 173%, reaching 1.5 million sets by the end of this year, with market turnover rising from 1.6 billion in 1995 to $980 million this year.

To understand the Internet firewall and its development, especially the technical features of the fourth-generation firewall, we need to examine in detail how firewall technology has developed and evolved, from the angle of both products and technology.

2. Internet Firewall Technology Profile

A firewall was originally a wall in a building used to prevent fire from spreading. In theory, an Internet firewall serves a similar purpose: it keeps out outside intrusion and prevents the various dangers of the Internet (viruses, resource theft, etc.) from spreading to your network. In practice, an Internet firewall is less like a real-life firewall and more like the moat that protected an ancient city. It serves the following purposes:

1) to restrict the entry of people to a specific control point;

2) to limit the departure of people to a particular point;

3) to prevent intruders from approaching your other defensive facilities;

4) to effectively prevent attackers from damaging your computer systems.

In practice, an Internet firewall is usually installed on the protected internal network, where it connects to the Internet.

As the figure above shows, all information arriving from the Internet and all messages you send out must pass through the firewall. In this way, the firewall helps secure services such as e-mail, file transfer, remote login, and the exchange of information between specific systems. Logically, a firewall is a separator, a limiter, and an analyzer, as can be seen from Figure 1. So what exactly is a firewall? In fact, a firewall is a system or a set of systems that strengthens the security defenses between the Internet and internal networks (intranets), consisting of a set of hardware devices, including routers and servers, and the corresponding software.

3. Firewall technology and product development review

A firewall is an integral part of a network security policy: it achieves effective management of network security by controlling and monitoring the exchange of information and access behavior between networks. Overall, a firewall should provide the following five basic functions:

1) filter data entering and leaving the network;

2) manage access into and out of the network;

3) block certain prohibited behavior;

4) record the content and activity of information passing through the firewall;

5) detect network attacks and raise alerts.

To achieve these functions, developers of firewall products have drawn widely on mature or advanced technologies and techniques such as network topology, computer operating systems, routing, encryption, access control, and security auditing. Looking at the development of the firewall in recent years, it can be divided into the following four stages (i.e., four generations).

3. Router-based firewalls

Since most routers already include a packet filtering function, network access control can be implemented through routing control, and routers with packet filtering became the first-generation firewall products. The characteristics of first-generation firewall products are:

1) the router itself parses the packet, and an access control table (access list) is used to filter packets;

2) filtering decisions can be based on address, port number, IP flag, and other network characteristics;

3) packet filtering is the only function, and the firewall and the router are integrated. Thus a network with low security requirements can rely on the firewall function built into its router, while a network with high security requirements needs a separate router dedicated to acting as the firewall.
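The access-list filtering described above can be shown in a short sketch. This is an added example, not code from the article or from any router product: the rule set, addresses and helper names are constructed, and the TCP ACK bit stands in for the "flag" criterion as an assumption.

```python
import ipaddress
import struct

# Constructed access list (not from the article): evaluated top-down, first match wins.
# (action, IP protocol or None, source net, destination net, dst port or None, required TCP flags)
ACCESS_LIST = [
    ("permit", 6, "0.0.0.0/0", "192.0.2.10/32", 25, 0x00),   # SMTP to the mail host
    ("permit", 6, "0.0.0.0/0", "192.0.2.0/24", None, 0x10),  # TCP segments with ACK set
    ("deny", None, "0.0.0.0/0", "0.0.0.0/0", None, 0x00),    # explicit catch-all
]

def parse_packet(raw):
    """Pull out the header fields a packet filter inspects; raise ValueError if malformed."""
    if len(raw) < 20 or raw[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (raw[0] & 0x0F) * 4
    if ihl < 20 or len(raw) < ihl:
        raise ValueError("bad IPv4 header length")
    pkt = {"proto": raw[9], "src": ipaddress.ip_address(raw[12:16]),
           "dst": ipaddress.ip_address(raw[16:20]), "dport": None, "flags": 0}
    frag_offset = struct.unpack("!H", raw[6:8])[0] & 0x1FFF
    if pkt["proto"] == 6 and frag_offset == 0:  # only a first fragment carries the TCP header
        if len(raw) < ihl + 14:
            raise ValueError("truncated TCP header")
        pkt["dport"] = struct.unpack("!H", raw[ihl + 2:ihl + 4])[0]
        pkt["flags"] = raw[ihl + 13]
    return pkt

def filter_packet(raw, acl=ACCESS_LIST):
    """Return 'permit' or 'deny' for one packet; malformed or unmatched packets are denied."""
    try:
        pkt = parse_packet(raw)
    except ValueError:
        return "deny"
    for action, proto, src_net, dst_net, port, flags in acl:
        if (proto in (None, pkt["proto"])
                and pkt["src"] in ipaddress.ip_network(src_net)
                and pkt["dst"] in ipaddress.ip_network(dst_net)
                and port in (None, pkt["dport"])
                and (pkt["flags"] & flags) == flags):
            return action
    return "deny"  # implicit deny when no rule matches

def make_tcp(src, dst, dport, flags):
    """Build a constructed 40-byte IPv4+TCP packet for the demonstration (checksums left at 0)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed)
    return ip + struct.pack("!HHIIBBHHH", 40000, dport, 0, 0, 0x50, flags, 8192, 0, 0)
```

Each decision uses only the header fields of the single packet in hand, which is all a first-generation filter sees.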


