A firewall consists of four parts: a service access policy, verification tools, packet filtering and an application gateway. It is software or hardware that sits between a computer and the network it is connected to (hardware firewalls are rarely used, and only by the Ministry of Defense, because they are expensive). All network traffic flowing into and out of the computer passes through the firewall. Clearly, the firewall is an integral part of network security.
Firewalls are a protective barrier for network security
A firewall, acting as a choke point and control point, can greatly improve the security of an internal network and reduce risk by filtering out unsafe services. Because only carefully chosen application protocols can pass through the firewall, the network environment becomes more secure. For example, a firewall can prohibit notoriously insecure protocols such as NFS from entering or leaving the protected network, so that external attackers cannot exploit these fragile protocols to attack the internal network. Firewalls can also protect the network from routing-based attacks, such as source routing attacks using IP options and redirected paths in ICMP redirects. The firewall should be able to reject all of the above types of attack packets and notify the firewall administrator.
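The filtering described above, as an added example that is not part of the original article: a minimal Python packet filter that drops IPv4 packets carrying source-route options, ICMP redirects or NFS traffic, and returns a reason that can be logged or sent to the administrator. The allowed-port list, the function names and the sample packet builder are assumptions constructed for illustration, and packets are assumed to be unfragmented.

```python
import struct

ALLOWED_PORTS = {25, 80, 443}    # assumed service access policy (constructed)
NFS_PORT = 2049
SOURCE_ROUTE_OPTS = {131, 137}   # IPv4 options LSRR and SSRR
ICMP_REDIRECT = 5                # ICMP type 5

def has_source_route(options):
    """Walk the IPv4 options field; raise ValueError if it is malformed."""
    i = 0
    while i < len(options):
        kind = options[i]
        if kind == 0:                      # End of Option List
            break
        if kind == 1:                      # No-Operation is a single byte
            i += 1
            continue
        if i + 1 >= len(options) or not 2 <= options[i + 1] <= len(options) - i:
            raise ValueError("bad option length")
        if kind in SOURCE_ROUTE_OPTS:
            return True
        i += options[i + 1]
    return False

def verdict(packet):
    """Return (action, reason) for one raw IPv4 packet; the reason is what gets logged."""
    ihl = (packet[0] & 0x0F) * 4 if packet else 0
    if len(packet) < 20 or packet[0] >> 4 != 4 or not 20 <= ihl <= len(packet):
        return ("drop", "bad IPv4 header")
    try:
        if has_source_route(packet[20:ihl]):
            return ("drop", "source-route option")
    except ValueError:
        return ("drop", "malformed IP options")
    proto, payload = packet[9], packet[ihl:]
    if proto == 1 and payload[:1] == bytes([ICMP_REDIRECT]):
        return ("drop", "ICMP redirect")
    if proto in (6, 17) and len(payload) >= 4:      # TCP or UDP
        sport, dport = struct.unpack("!HH", payload[:4])
        if NFS_PORT in (sport, dport):
            return ("drop", "NFS")
        if dport in ALLOWED_PORTS:
            return ("accept", "allowed service")
    return ("drop", "not in service access policy")

def build(proto, payload, options=b""):
    """Constructed sample packet: minimal IPv4 header, checksum left at 0."""
    hlen = 20 + len(options)
    return struct.pack("!BBHHHBBH4s4s", 0x40 | hlen // 4, 0, hlen + len(payload), 0, 0, 64,
                       proto, 0, b"\xc0\x00\x02\x01", b"\xc6\x33\x64\x07") + options + payload
```

The final `return` makes the filter default-deny, so anything not named in `ALLOWED_PORTS` is dropped even when no specific attack rule matches.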
Firewalls in network security
An industry peer once said, "Security is a feeling; no single technology can achieve real security." "The longer you work in this field, the more strongly you feel it," he said. Even the most heavily defended network can easily be breached by exploiting human negligence, the laziness of administrators and social engineering.
What can a firewall do?
1. Packet filtering
Does packet filtering count as a firewall? Yes, it does. By the definition of a firewall, any means that effectively prevents illegitimate connections to the network counts as a firewall.
2. Transparent packet forwarding
In practice, the firewall is typically placed in front of the servers that provide particular services.
3. Blocking external attacks
If a user sends a message that the firewall settings do not allow, the firewall blocks it immediately, preventing it from reaching the server behind the firewall.
4. Recording attacks
If necessary, the firewall can record attacks itself, but for efficiency reasons the recording of attacks is now generally left to the IDS.
Summary: As a piece of security protection equipment, the firewall is itself the target of many attackers on the network. To select a suitable firewall, an enterprise must consider the firewall's own security, network performance, ease of management, flexibility and other aspects.