Basic knowledge of firewalls and common related terminology

Source: Internet
Author: User
Tags firewall

Firewall English name is firewall, refers to the computer and its connected network between the hardware or software, can also be located between two or more networks, such as the LAN and the Internet, all the data flow between the network through the firewall (see figure). Firewalls allow you to scan communications between networks, turn off unsafe ports, prevent external Dos attacks, and block Trojan horses, to secure your network and your computer.

Firewall is roughly divided into hardware firewalls and software firewalls: Hardware firewall is the firewall program to do the inside of the chip, the hardware to perform these functions, can reduce the burden of the CPU, so that the route more stable. Hardware firewalls generally have WAN, LAN and DMZ three ports, but also have a variety of security features, higher prices, enterprises and large networks to use more. Software firewall is actually security protection software, such as Skynet Firewall, Jinshan Network Dart, Blue Shield Firewall and so on.

DMZ: Full name demilitarized Zone (area of separation or demilitarization). This function is mainly to solve the installation of firewall after the external network can not access the LAN server, such as FTP server, video conferencing, network games, etc., the DMZ is actually equivalent to a network buffer, through the region can effectively protect the internal network. Currently, firewalls on the market generally provide DMZ ports.

VPN: Full name Virtual private network (dedicated network). It refers to temporary, secure, private network connections that are created on private and public networks (such as the Internet), also known as "tunnels", and are not really private networks. Using the VPN feature in a firewall allows you to create temporary connections that secure the transmission of data across the network. Currently, most firewall products support this feature.

SPI: Full Name stateful Packet inspection (state packet detection). Through this function, the firewall can filter out some abnormal packets to prevent malicious attacks, such as Dos attacks.

DoS: Full name denial of service (Denial-of-service). A Dos attack can overload the server, causing the system to panic, leaving the computer or network unable to provide normal service. Today, most firewalls on the market have the ability to block Dos attacks, which guarantees the security of the computer and the network.

IDS: Full name Intrusion detection Systems (Intrusion detection system). Through this function, the firewall can monitor the health of the network and detect possible attacks to ensure the security of the network.



Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.