Three development trends of firewall technology

Firewalls are among the most mature products in the field of information security, but maturity does not mean that development has stagnated. On the contrary, growing security needs place ever higher requirements on information security products, and the firewall is no exception. Below, we look at some basic aspects of the firewall to discuss the main development trends of firewall products.

Mode change

The traditional firewall is usually deployed at the boundary of the network, whether that is the boundary between intranet and extranet or the boundary between different subnets within the intranet, where it separates data flows to form security management zones. The biggest problem with this design is that malicious attacks are launched not only from outside the network: the intranet environment also has many hidden security risks, and these are difficult for a boundary firewall to handle. For this reason, more and more firewall products have begun to adopt a distributed structure. Firewall products with a distributed design treat network nodes as the objects of protection, which maximizes coverage of the objects that need protecting and greatly strengthens security protection. This is not merely a change in product form, but a sign that the defense concept behind firewall products has matured.

Each of the basic firewall types has its own advantages, so many vendors combine these methods to make up for the vulnerabilities and deficiencies of any single approach. A simple form of this is to filter not only on transport-level packet characteristics but also on application-layer rules. This comprehensive filtering design makes full use of the firewall's core functions and is one of the most effective ways to develop the firewall on its own foundation. At present, a more advanced filtering mode is packet filtering with stateful inspection, which has in fact become a mainstream detection mode in existing firewall products. It is foreseeable that future firewall detection modes will continue to integrate more areas, and that the cooperation among these areas will also improve greatly.
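The combined filtering described above can be sketched as follows. This is an added example, not code from any firewall product: the class and function names, the policy and the addresses are constructed for illustration, and connection tracking is reduced to a set of flows rather than a full TCP state machine.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str = ""      # TCP flags, e.g. "S", "SA", "A", "PA", "F"
    payload: bytes = b""

# Constructed policy: one published web server, two HTTP methods refused.
ALLOWED_SERVICES = {("10.0.0.5", 80)}        # transport-level rule
BLOCKED_METHODS = (b"TRACE ", b"CONNECT ")   # application-layer rule

class StatefulFilter:
    def __init__(self):
        self.flows = set()  # tracked connections: (client, cport, server, sport)

    def check(self, p: Packet) -> str:
        fwd = (p.src, p.sport, p.dst, p.dport)
        rev = (p.dst, p.dport, p.src, p.sport)
        if p.flags == "S":                   # new connection: transport rule decides
            if (p.dst, p.dport) not in ALLOWED_SERVICES:
                return "drop: no transport rule"
            self.flows.add(fwd)
            return "accept: new"
        if fwd in self.flows:                # client-to-server data on a tracked flow
            if p.payload.startswith(BLOCKED_METHODS):
                self.flows.discard(fwd)      # application rule also tears down state
                return "drop: application rule"
            if "F" in p.flags or "R" in p.flags:
                self.flows.discard(fwd)      # connection closed, forget it
            return "accept: established"
        if rev in self.flows:                # server reply to a tracked client
            return "accept: reply"
        return "drop: no state"              # a stateless port-80 rule would pass this

def run_demo():
    fw, c, s = StatefulFilter(), ("198.51.100.7", 40000), ("10.0.0.5", 80)
    packets = [                              # constructed traffic
        Packet(*c, *s, "S"),
        Packet(*s, *c, "SA"),
        Packet(*c, *s, "PA", b"GET / HTTP/1.1\r\n"),
        Packet("203.0.113.9", 5555, *s, "A"),
        Packet(*c, *s, "PA", b"TRACE / HTTP/1.1\r\n"),
        Packet(*c, *s, "A"),
        Packet(*c, "10.0.0.5", 22, "S"),
    ]
    return [fw.check(p) for p in packets]
```

The fourth packet targets an allowed port but belongs to no tracked connection, which is the case stateful inspection catches and a pure packet filter does not.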

As things stand, the information recording function of the firewall is becoming more and more complete. Through the firewall's log system, it is easy to trace events that occurred on the network in the past, and the firewall can also be linked with the audit system and has enough verification ability to ensure that the evidence collected in the process of investigation and forensics conforms It is believed that functions in this area will be greatly enhanced in the future, and this is a problem that many security systems need to face together.

Feature Extensions

Firewall products now show a design trend of integrating multiple functions, including additional functions such as VPN, AAA, PKI and IPSec. Even mainstream functions such as anti-virus and intrusion detection are being integrated into firewall products. In many cases we can no longer tell whether such a product is mainly a firewall, or whether it has gradually been transformed into the kind of product we generally call an IPS (intrusion prevention system). Some firewalls integrate anti-virus features. Such a design brings a lot of improvement in management, but it also affects two other important factors of a firewall product, namely performance and the product's own security. Our view is therefore that a comprehensive balance should be struck based on the specific application environment. After all, there is no perfect solution in the world at the moment.

