I. Application programme
As shown in the following illustration:
Two. Main functional features
1. Software and hardware integration structure
Firewall for users, just a similar hardware device, the whole system using black box design, firewall system and hardware closely combined to play the highest hardware efficiency, reduce the operating system problems caused by the possibility of network vulnerabilities, improve the system's own security.
2. Unique Fourth network interface (internal server group)
Blue Shield firewall Anti-internal version has four network interfaces, specifically opened up the fourth zone-internal service area, the original installed in the internal network of some important servers centralized into the region, this area is different from the third region. For the third area, intranet, extranet can access, for the fourth area, only open to a certain part of the intranet IP access, the extranet can not be accessed. This composition of the system, both "anti-external" and "inside", a complete solution to the general firewall can only "prevent outside" can not be "internal" deficiencies.
3.NAT Way to save network address resources
For a small network, the requested IP address is not too much, if each device in the network requires an IP address, will cause a serious lack of IP address. Blue Shield Firewall provides network address translation (network addresses translation) function not only can hide the internal network address information, so that no direct access to the internal network equipment, while it also helps the network can exceed address restrictions, To reasonably arrange intranet users with public Internet addresses and private addresses on the network to access the information resources of the Internet smoothly, not only will it not hinder any network application, but also save a lot of network address resources.
4. High-Performance system core
Now commercial operating platforms such as Win98, NT, UNIX, Linux, there are a number of loopholes, and constantly be hackers on the internet to open, spread, as the target of attack. Blue Shield security team from the bottom of the start, the development of a dedicated firewall security platform, the flow of closely related to the module to optimize the treatment, to achieve high security, high stability and efficiency. The core of this system is specially designed for TCP/IP and firewall, which can greatly improve the system performance. For example, the IP checksum part is written by assembly language, which can improve 20%-60% compared with the similar system.