Network firewall function Index detailed introduction

From the development of firewall products and technology, it is divided into three types: packet filtering firewall based on router, firewall based on common operating system, firewall based on special security operating system.

LAN interface

Lists the supported LAN interface types: The types of networks that firewalls can protect, such as Ethernet, Fast Ethernet, Gigabit Ethernet, ATM, Token Ring, and FDDI.

Maximum number of LAN interfaces supported: The number of local area network interfaces supported by firewalls, and the number of different intranets that they can protect.

Server platform: The operating system platform (such as Linux, UNIX, WinNT, dedicated secure operating system, etc.) that the firewall runs on.

Protocol support

Non-IP protocol supported: AppleTalk, DECnet, IPX and NetBEUI protocols are supported in addition to IP protocols.

Establish VPN channel protocol: The protocol used to construct VPN channel, such as Key distribution, is divided into IPSEC,PPTP, special protocol and so on.

A protocol that can be used in a VPN: a protocol used in a VPN, generally referred to as a TCP/IP protocol.

Encryption support

Supported VPN encryption standards: Cryptographic algorithms supported in VPN, such as standard des for data encryption, 3DES, RC4, and domestic-specific cryptographic algorithms.

In addition to VPN, other uses of encryption: encryption in addition to the protection of transmission data, but also used in other areas, such as identity authentication, message integrity authentication, key distribution and so on.

Provides hardware-based encryption: whether hardware encryption is provided and hardware encryption provides faster encryption speed and higher encryption strength.

Certification support

Supported authentication type: Refers to the firewall Support authentication protocol, generally has one or more authentication schemes, such as radius, Kerberos, tacacs/tacacs+, Password way, digital certificate and so on. Firewalls can provide authenticated and authorized access to network resources for local or remote users, and the firewall administrator must determine how the customer is authenticated.

Lists the supported authentication standards and CA interoperability: Vendors can choose their own certification scheme, but they should conform to the appropriate international standards, which refers to the standard authentication protocol supported and whether the authentication protocol implemented is compatible with other CA products.