This article puts forward the intelligent firewall. It is smarter than a traditional firewall and overcomes the traditional firewall's "tighten control and everything dies, loosen control and chaos follows" problem. It revises the traditional firewall's key assumption to: "rejecting must guarantee security, and releasing must also guarantee security." The new intelligent firewall changes the concept of an "exit" to that of a "gateway", and every packet passing through the "gateway" must be inspected by the firewall. In contrast to the data-matching inspection techniques used in traditional firewalls, the new intelligent firewall uses AI recognition technology to make access-control decisions. Intelligent firewalls are more secure and more efficient than traditional firewalls.
Firewalls have been widely accepted by users and are becoming a major network security device. A firewall delineates a protected range and assumes that it is the only exit from that range; it then decides whether to release or block each incoming packet. The traditional firewall rests on a major theoretical assumption: if the firewall rejects a packet, the result must be safe, because the packet has been discarded. In fact, the firewall does not guarantee that the packets it approves are secure. It cannot tell a normal service packet from a malicious one, so the administrator is required to ensure that what passes is secure. The administrator must tell the firewall what to pass, and because the administrator has said it must pass, the firewall lets the packet through according to the rules the administrator set. The administrator therefore carries the security responsibility for any policy error. This assumption is not appropriate for network security, and its security effect is poor. Handing security responsibility to the security administrator does not actually solve the security problem. A new generation of firewalls should strengthen the security of the data they release, because the real demand of network security is to ensure security while also keeping normal applications working.
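The limitation described above can be seen in a small header-only packet filter. This is an added example, not code from the article; the rule set, addresses (documentation ranges) and packets are constructed, and the `Packet`, `Rule` and `decide` names are hypothetical.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    dport: int
    payload: bytes  # carried along, but never consulted by the filter

@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    src_net: str
    dst_net: str
    proto: str
    dport: Optional[int]   # None matches any destination port

    def matches(self, p: Packet) -> bool:
        # Only header fields take part in the match.
        return (ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src_net)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst_net)
                and self.proto == p.proto
                and self.dport in (None, p.dport))

def decide(rules, p):
    """First matching rule wins; unmatched packets are dropped (default deny)."""
    for r in rules:
        if r.matches(p):
            return r.action
    return "deny"

# Constructed policy: the administrator publishes one web server on TCP/80.
RULES = [Rule("allow", "0.0.0.0/0", "192.0.2.10/32", "tcp", 80)]

# Constructed packets: same headers for the first two, different payloads.
NORMAL = Packet("198.51.100.7", "192.0.2.10", "tcp", 80, b"GET /index.html HTTP/1.1\r\n")
HOSTILE = Packet("198.51.100.7", "192.0.2.10", "tcp", 80, b"<constructed stand-in for a hostile request>")
BLOCKED = Packet("198.51.100.7", "192.0.2.10", "tcp", 23, b"")

def verdicts():
    return [decide(RULES, p) for p in (NORMAL, HOSTILE, BLOCKED)]

if __name__ == "__main__":
    print(verdicts())
```

The first two packets receive the same verdict because the rule the administrator wrote is the only thing consulted; the payload plays no part in the decision.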
I. Introduction to traditional firewall technology
Firewalls, in both technology and product development, have gone through five stages. The first generation of firewall technology appeared at almost the same time as routers and used packet filtering (packet filter) technology. In 1989, Dave Presotto and Howard Trickey of Bell Labs introduced the second-generation firewall, the circuit-layer firewall, and also presented a preliminary structure for the third-generation firewall, the application-layer firewall (proxy firewall). More precisely, the third generation came about because the U.S. Department of Defense believed that first- and second-generation firewalls were not secure enough and wanted the application to be checked, so it funded the development of the famous TIS firewall suite. The fourth generation dates from 1992, when Bob Braden of the USC Information Academy developed a firewall based on dynamic packet filtering (dynamic packet filter) technology, which later evolved into the current state monitoring (stateful inspection) technology. In 1994, Israel's Check Point company developed the first commercially available product to adopt this technology. The fifth generation dates from 1998, when NAI introduced adaptive proxy technology and implemented it in its product Gauntlet Firewall for NT, giving the proxy type of firewall a new meaning. Research on the advanced application proxy overcomes the contradiction between speed and security, and the result can be called the fifth-generation firewall.