How to select a firewall should consider several aspects

The first thing to be clear is that the firewall is not a router, switch, or server. (although it looks more like it), you can't choose a firewall with those product metrics. So what should you pay attention to when choosing a firewall?

Security: This is the most important. Security is not high firewall, other performance is also empty talk. Security includes several aspects, including its own security, access control capabilities, and anti attack capabilities.

Self-security mainly refers to the robustness of the firewall system, which means that the firewall itself should be difficult to be invaded. And the way the firewall is managed is also important. How administrators manage firewalls, Telnet or the web, encryption and authentication, and so on.

Access control capability is the core function of the firewall. Access control capabilities include control granularity, which can control which content, such as address, protocol, port, time, User, command, attachment, and so on. Also note that the control intensity, that is, should be limited to all the content must be blocked, should be through the content should not have any blocking.

Anti-attack capability refers to the ability of the firewall to resist various attacks. Including the type of attack, the number. Especially the resistance to DOS and DDoS attacks. There is currently no perfect solution for DDoS attacks. The main reason for DDoS attacks is how much strength to withstand.

It is difficult for the user to judge the above performance by themselves when choosing a firewall. Because the user does not have the specialized test tool and the method. The user can assist the judgment according to some third party's authentication and the evaluation. For example, can have more stringent security of the military certification, there is China information security product evaluation and certification Center grade certificate. Now the standard is the GB gb/t18336, the higher the level the better, a total of 7 levels. (but now the best seems to be EAL3)

Two network performance.

A firewall is a network device. On the basis of ensuring security, the impact on network performance should be reduced to a maximum extent. For network performance, the main is to see the maximum bandwidth, number of concurrent connections, new connections per second, packet loss and latency. These metrics are the same as switches and routers, and there's no more to say. But one thing to be aware of. The above metrics are not the same when the firewall is in the state of the policy and the full pass strategy. The user must consider the actual environment. For example, add a few policies (full-pass policy at the end) and then test them as required by the user. Legend of some hundred trillion firewall packet (64 bytes) through the rate can reach more than 70%, or even 90%, I think in the actual use of the impossible. The reason to test this data is only two possible: first, the use of high-performance hardware, such as the use of Gigabit network card chip, the second is in the core of the test machine.