Why do we need firewalls?

Many network novice users believe that as long as the installation of anti-virus software, the system is absolutely safe, this idea is totally unacceptable! In today's network security environment, Trojan, virus rampant, hacker attacks frequently, and all kinds of rogue software, spyware also wind waves. How can we keep our system in such a hostile network environment? is anti-virus software enough to keep our system safe? I will analyze the importance of the firewall from several aspects that affect the security of the system below.

Today's network security threats are mainly from virus attacks, Trojan attacks, hacker attacks, and spyware attacks. Antivirus software has developed for more than 10 years, still stay in the level of passive anti-virus, and foreign surveys show that today's global anti-virus software on 80% of the virus can not play a role in recognition, that is, antivirus software can be anti-virus, purely based on the code characteristics of virus samples to identify whether he is a virus, as the police seize a thief, The thief kept a beard, so the policeman stared at the bearded man in the street every day. Such anti-virus effect is conceivable. The same reason, anti-virus software for Trojans, spyware prevention is also based on this way.

Now virus, Trojans update quickly, from a global perspective, can cause greater loss of the virus Trojan, most of them are new, or various varieties, as the characteristics of these viruses Trojan horse is not the anti-virus software, so antivirus software on them can neither alarm, nor kill. Do we have to be slaughtered by the virus Trojan? Of course not! Master how to a few virus Trojan bow! Although anti-virus software can only dry stare, but we still have to observe the door of the firewall!

Why firewall can block virus Trojan even the newest virus Trojan variant? This is going to start with the defense mechanism of the firewall. Firewalls are monitored based on packets connected to the network. In other words, the firewall is equivalent to a strict doorman, in charge of the system's various doors (ports), it is responsible for the people in and out of the identity verification, everyone needs to be the highest commissioner's permission to access, and the highest officer, is yourself. Whenever an unknown program wants to enter the system, or even out of the network, the firewall will be the first time to intercept, and check identity, if it is through your permission to release (such as in the application of the rule set you allow a certain program to connect the network), then the firewall will release all the packets issued by the program, If the program is detected without permission to release, the automatic alarm, and issued a hint whether to allow the release of the program, this time you need the "Supreme Commander" to make a judgment. In general, they do not run or do not understand the program, we are all blocked, and through the search engine or firewall prompts to confirm the nature of the software.

Write here, we estimate the anti-virus software and firewall differences have a certain understanding, give an intuitive example: your system is like a castle, you are the supreme commander of this castle, antivirus software and firewall is responsible for security guards, each has a division of labor. Antivirus software is responsible for the identification of people entering the castle, if you find suspicious characters to catch up (of course, the chances of catching the wrong, otherwise there is no such a lot of manslaughter false alarm incident); The firewall is the doorman, every person in and out of the castle to check, once found no pass the person to the Supreme Commander confirmed. Therefore, any Trojan or spyware, may be in the eyes of the antivirus software secretly record your account password, but because the firewall to the gate to see the dead, and no amount of information can not pass out, thus protecting your system security.

In addition, for hacker attacks, anti-virus software is no way, because the hacker's operation does not have any signature, anti-virus software naturally unrecognized, and the firewall can put your system every port is hidden, so that hackers could not find the entrance, nature will ensure the security of the system.