Basic knowledge of firewalls and common related terminology

Firewall English name is firewall, refers to the computer and its connected network between the hardware or software, can also be located between two or more networks, such as the LAN and the Internet, all the data flow between the network through the firewall (see figure). Firewalls allow you to scan communications between networks, turn off unsafe ports, prevent external Dos attacks, and block Trojan horses, to secure your network and your computer.

Firewall is roughly divided into hardware firewalls and software firewalls: Hardware firewall is the firewall program to do the inside of the chip, the hardware to perform these functions, can reduce the burden of the CPU, so that the route more stable. Hardware firewalls generally have WAN, LAN and DMZ three ports, but also have a variety of security features, higher prices, enterprises and large networks to use more. Software firewall is actually security protection software, such as Skynet Firewall, Jinshan Network Dart, Blue Shield Firewall and so on.

DMZ: Full name demilitarized Zone (area of separation or demilitarization). This function is mainly to solve the installation of firewall after the external network can not access the LAN server, such as FTP server, video conferencing, network games, etc., the DMZ is actually equivalent to a network buffer, through the region can effectively protect the internal network. Currently, firewalls on the market generally provide DMZ ports.

VPN: Full name Virtual private network (dedicated network). It refers to temporary, secure, private network connections that are created on private and public networks (such as the Internet), also known as "tunnels", and are not really private networks. Using the VPN feature in a firewall allows you to create temporary connections that secure the transmission of data across the network. Currently, most firewall products support this feature.

SPI: Full Name stateful Packet inspection (state packet detection). Through this function, the firewall can filter out some abnormal packets to prevent malicious attacks, such as Dos attacks.

DoS: Full name denial of service (Denial-of-service). A Dos attack can overload the server, causing the system to panic, leaving the computer or network unable to provide normal service. Today, most firewalls on the market have the ability to block Dos attacks, which guarantees the security of the computer and the network.

IDS: Full name Intrusion detection Systems (Intrusion detection system). Through this function, the firewall can monitor the health of the network and detect possible attacks to ensure the security of the network.