Security knowledge popularization: What is the difference between anti-virus software and firewall?

Source: Internet
Author: User

In computer security protection, we often use anti-virus software and firewall, which play different roles in computer security protection.

1. The firewall is the software located between the computer and the network it connects to. All Network Communication from the computer with the firewall installed goes through the firewall. Using a firewall is the first step to ensure network security. choosing an appropriate firewall is an indispensable barrier to protect information security.

2. Because anti-virus software and firewall software have different positioning, after installing anti-virus software, it cannot prevent hacker attacks. users need to install firewall software to protect system security.

3. Anti-Virus Software is mainly used to prevent viruses and firewall software to prevent hacker attacks.

4. The virus is executable code, and the hacker attack is in the form of data packets.

5. Viruses are usually executed automatically, and hacker attacks are passive.

6. Viruses mainly use system functions. Hackers pay more attention to system vulnerabilities.

7. When a hacker attacks, the anti-virus software cannot protect the system.

8. For beginner users, you can select the security level configured using the firewall software.

9. The firewall software must configure the specifications of specific applications.

10. The firewall does not handle viruses.

Whether it is Funlove or CIH, when users on the internal network download the Internet Files with viruses, firewalls are not dynamic (firewalls here do not refer to real-time monitoring functions in stand-alone/enterprise-level anti-virus software, although many of them are called "virus firewalls ").

You may have pulled the firewall down by me. Yes, firewall is an important part of network security, but it does not mean that network security can be guaranteed by setting a firewall. "Real security is a kind of consciousness, not a technology !" Remember this sentence.

In any case, the firewall still has a positive side. When building any network fortifications, apart from physical isolation and the current new concept of network gate, the first choice is firewall.

Finally, I would like to say, "No technology in the world can truly ensure absolute security ." Security issues are a comprehensive problem from devices to people, from every service program on the server to security products such as firewalls and IDS. Any step is just a step towards security.

Appendix:

What can a firewall do?

1. package filtering

Is a firewall capable of packet filtering? Yes, that's right! According to the definition of the firewall, all methods that can effectively prevent illegal network connections are considered as firewalls. Early firewalls usually use the set conditions to determine whether to allow or block packet characteristics. packet filtering is an important feature. Although many new ideas have been put forward since the development of firewall technology, packet filtering is still an important part, like a layer-4 switch, the first thing to do is to have the basic functions of a switch such as Fast Packet forwarding. Through packet filtering, the firewall can block attacks, prohibit external/internal access to some sites, and limit the traffic and connections of each ip address.

2. Transparent Packet forwarding

As a matter of fact, firewalls are usually deployed before servers that provide certain services. If it is used, it is Server-FireWall-Guest. users' access requests to the server and the information sent from the server to the user must be forwarded by the firewall. Therefore, many firewalls are capable of gateways.

3. Block external attacks

If the user sends a message that is not allowed by the firewall settings, the firewall immediately blocks it to prevent it from entering the server after the firewall.

4. Record attacks

If necessary, the firewall can fully record all attack behaviors. However, due to efficiency considerations, the attack records are generally handed over to IDS (Intrusion Detection System).

The above are the basic features of all firewalls. Although simple, the firewall technology is gradually developed on this basis.

 

 

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.