Hackers are increasingly prone to attacks on applications, and the idea that access control through firewalls can withstand most attacks is no longer appropriate for today's cyber-security situation. More and more hackers do not care how many ports the firewall shut down, their goal is to the firewall generally open ports--80 and 443, such as the use of HTTP to carry malicious data for cross-site scripting attacks, or to apply Peer-to-peer communications on 80 ports or simply directly wrapped in the HTTP protocol, And hackers can go through unauthorized peer-to-peer communication into the corporate network inside.
Clearly, as a border security gateway product, the firewall only provides port-level access control can not solve the above problems. Firewalls must take a big step in application-layer data analysis.
Although we did not do more testing on the application layer protection in this test, we can have a basic understanding of the level of application level analysis of these products by examining the Peer-to-peer communication control capabilities. Is "Falling leaves and know autumn."
Whether it's a "security gateway" or "application intelligence," they have been freed from the "Address + port" and started to focus on the inside of the application data, albeit to varying degrees. Some people think that the analysis of application-layer data should not be done by firewalls. However, for the threat from the extranet, which users are willing to buy more than one feature of different devices to combine them together? In the past, the user more is forced to be helpless.
There is now a fully integrated or partially integrated product of this type. However, people are concerned about the performance problems of firewalls becoming more "intelligent".
When it comes to performance, you should look at it from a number of angles, just looking at the "permit any" case, the 64-byte UDP forwarding performance is one-sided. What happens when a firewall adds a rule? What about the performance of mixed packets, UDP and TCP connections? What about the performance when defending against attacks? These are measures to measure the performance of the firewall, and some of these parameters and firewalls have added more application layer "intelligence" and no causal relationship.
On the other hand, the performance of some "integrated" products does need to be enhanced, but we see that some of the products that become more "smart" are also good.
Also, don't forget that a firewall is first and foremost a security product. With the behavior of hackers, network communication mode than the changes that have occurred before, the firewall should be difficulties! We have learned that some traditional stateful inspection firewall vendors are developing application layer protection functions, and some are working with antivirus vendors to increase the defense capabilities of border gateways. In addition, some safety nets Guan Ye efforts to the development of higher performance, among our participating manufacturers, some will soon launch a new product.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
