Enterprise-class firewalls are currently the product of choice for financial, telecommunications and government organizations protecting their internal networks; according to statistics, their share is nearly 70%. However, what a firewall actually does, and which network attacks it can protect against, may not be clear to everyone. Let's look at the purpose and functions of a firewall:
1. Whom does a firewall protect, and how does it achieve that protection?
In a broad sense, a firewall protects the information security of the enterprise's internal network, for example by preventing the leakage of important information such as user account information on bank servers, confidential information in government departments, and combat plans and strategies in the army. In a narrow sense, a firewall protects each computer on the enterprise's internal network, preventing it from being subjected to malicious access or attacks from the insecure network outside the enterprise. The firewall protects the internal network by physically isolating the internal and external networks and then controlling the traffic that passes through it according to a predefined security policy, thereby achieving effective control over access to the enterprise's internal network. Firewalls usually have two modes of operation: bridge mode and routing mode.
If the firewall is installed between the intranet and the Internet as a security barrier, routing mode is the best choice: in this mode the firewall can use its network address translation (NAT) and proxy functions to fully protect the corporate network from attacks from the Internet. If you need to protect hosts in different areas (departments) of the same subnet, you can choose bridge mode, in which case the existing network topology does not need to change. For example, the finance department of an enterprise is an important department that even internal staff are not allowed to access, so it needs special protection. But the enterprise network has already been built, and re-engineering it would involve a lot of work. In this case, a firewall in bridge mode leaves the enterprise network structure unchanged while preventing anyone not authorized by the firewall from accessing the finance department's hosts. In this way, local information is protected.
2. Does a firewall only guard against attacks from outside?
In fact, a firewall is sensitive to improper access passing through it in either direction between the internal and external networks. Even an internal employee who violates the enterprise security policy will be blocked by the firewall promptly, and the network administrator will be notified. For example, the Rising enterprise firewall RFW-100 has a MAC address binding function: it can bind the IP address of each intranet host to the physical (MAC) address of that host's network card, which effectively prevents users from gaining unauthorized access by changing their IP address. In addition, the firewall supports bidirectional network address translation: source address translation (SNAT) and destination address translation (DNAT). With source address translation, the external network cannot learn the structure of the internal network, which improves intranet security; at the same time, source address translation saves IP address resources, because intranet hosts can use private addresses. The Rising enterprise firewall RFW-100 also allows the administrator to define a time range so that a rule takes effect only within that time frame. This control mechanism gives the enterprise a more flexible configuration policy: for example, you can define rules that allow only company marketing staff and managers to access the Internet at any time, while employees in other departments may access the Internet only during the lunch break. This function not only saves the enterprise a large amount in network access fees, but also improves the security of the intranet.
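The IP-to-MAC binding check and the time-range rules described above, modelled as a small policy evaluator. This is an added example, not RFW-100 code or configuration; the addresses, subnets, lunch-break window and function names are constructed assumptions.

```python
from datetime import time
from ipaddress import ip_address, ip_network

# Constructed sample data (assumptions): IP-to-MAC bindings for two intranet hosts.
BINDINGS = {
    "192.168.10.21": "00:11:22:33:44:55",  # marketing host
    "192.168.20.34": "66:77:88:99:aa:bb",  # engineering host
}

# Rules are checked in order and the first match wins: (subnet, start, end, action).
RULES = [
    # Marketing staff and managers: Internet access at any time.
    (ip_network("192.168.10.0/24"), time(0, 0), time(23, 59, 59), "allow"),
    # All other departments: Internet access during the lunch break only.
    (ip_network("192.168.0.0/16"), time(12, 0), time(13, 0), "allow"),
]

def binding_ok(src_ip, src_mac):
    """Pass only if the source IP has a binding and the MAC matches it."""
    bound = BINDINGS.get(src_ip)
    return bound is not None and bound == src_mac.lower()

def in_window(now, start, end):
    """True if now is within [start, end]; handles windows that wrap past midnight."""
    if start <= end:
        return start <= now <= end
    return now >= start or now <= end

def decide(src_ip, src_mac, now):
    """Return (action, reason) for an outbound request from an intranet host."""
    # A host that changes its IP to borrow another department's rule
    # fails here, because its MAC no longer matches the bound address.
    if not binding_ok(src_ip, src_mac):
        return ("deny", "ip-mac binding mismatch")
    addr = ip_address(src_ip)
    for subnet, start, end, action in RULES:
        if addr in subnet and in_window(now, start, end):
            return (action, f"rule {subnet} {start}-{end}")
    return ("deny", "default deny")
```

The binding check runs before any rule is consulted, so a spoofed source address never reaches the time-range logic, and anything that matches no rule falls through to a default deny.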
3. What can a firewall do about spam, which gives people such a headache?
Firewalls typically provide dedicated application proxies for protocols such as HTTP, WWW, FTP, and Telnet, as well as mail (SMTP) proxies, RPC & UDP proxies, and general application proxies (for all TCP/IP-based applications or services). For FTP and Telnet access from outside, the proxies provide a strong user authentication mechanism that can effectively prevent password-guessing attacks by hackers; the mail (SMTP) proxy function can prevent mail bomb attacks and filter spam. Application-layer proxies can effectively withstand application-based attacks that would pass through a packet-filtering firewall.