Establishing a firewall Initiative network Security protection system

Source: Internet
Author: User
Tags cve firewall

• Firewall Selection

Firewalls and other anti-virus software are good security products, but it takes some initiative to make your network system at the highest level of security.

Do you notice all kinds of hacker attacks, viruses and worm intrusions every day? But when you see the news, maybe your system is already under attack. And now, I'm going to introduce you to a more proactive network security model, through which you can be reassured by the enterprise's network system, even if there are any new viruses.

Similar to firewalls or anti-XX software (such as anti-virus, anti-spam, anti-spyware, etc.), are passive or reactive security measures. When the attack arrives, this type of software generates a corresponding action that can act as part of the entire security system, but you also need to build a proactive security model that protects against any unknown attack and helps secure the network. In addition, while it is necessary to be vigilant in security, few companies have the ability to maintain a 24-hour uninterrupted network of people.

Before implementing a proactive network security architecture, you need to have a general idea of the existing mainstream network security system. Protection methods include four aspects: firewalls, VPNs, anti-virus software, and intrusion detection systems (IDS). Firewalls can detect packets and attempt to block problematic packets, but they do not recognize intrusions and sometimes block useful packets. A VPN establishes a protected private channel between two insecure computers, but it does not protect the data on the network. Anti-virus software is inseparable from its own rules, and in the face of hacker attacks, basically no resistance. Similarly, an intrusion detection system is a purely stimulated response system that acts only after an invasion occurs.

Although these four basic security measures are critical to the enterprise, in fact, a business may spend millions of purchased and built firewalls, VPNs, anti-virus software and IDs systems, but the face of hackers using the "Common Vulnerabilities" (CVE) attack method is powerless. CVE is inherently a vulnerability within an application that can be exploited by hackers to attack the network, steal information, and paralyze the network. According to E-crime Survey (2004 e-crime investigation), 90% of the network security problems are caused by CVE.



Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.