Not only the network security displays in the network viral prevention aspect, moreover also displays ability aspect which invades in the system resistance external illegal hacker. Regarding the network virus, we may through kill the poisonous software to cope with, then what measure regarding guards against the hacker to invade us to be able to take? In such situation, the network firewall technology then arose at the historic moment. Then actually what is called the firewall? What does it have to affect? Asks everybody patience downward to look.
First, firewall's basic concept
Ancient times, the people often build a brick wall between the residence, once the fire occurs, it can prevent the fire intensity to spread to other residence. Now, if a network has received above Internet, its user may visit the outside world and with it correspondence. But simultaneously, the outside world also similarly may visit this network and with it alternately. For safety, may inserts a mediating system between this network and Internet, raises up together the safety barrier. This barrier's function is blocks from exterior through the network to this network threat and the invasion, provides holds this network security and the audit only checkpoint, its function and ancient times fire protection brick wall has the similarity, therefore we this barrier on named “firewall”.
In the computer, the firewall is one kind of equipment, it is becomes by the software or the hardware equipment combination, usually is between enterprise's internal local area network and Internet, limits the Internet user as well as manages the internal user visit outside visit to internal network the jurisdiction. In other words, the firewall is one located at was considered that is safe and the credible internal network with one was considered not that safe and the credible exterior network (usually is Internet) a between blockade tool. The firewall is one kind of passive technology, because of its supposition net boundary's existence, it has controlled effectively with difficulty visit to internal illegal. Therefore the firewall only suits in the relatively independent network, for example enterprise interior confined network and so on.
Second, firewall's basic maxim
1. filters the unsafe service
Based on this criterion, the firewall should block all information flows, then to hoped provides the safe service item by item opening, or possibly has the safe hidden danger service to the unsafe service to strangle in the seed. This is one very effective practical method, may create one kind of very safe and secure environment, because only then undergoes the careful choice the service to be able to permit the user use.
2. filtration illegal user and visit special stand
Based on this criterion, the firewall should permit all users and the stand first visit to internal network, then the network administrator the stand which or does not trust to authorization's user carries on according to the IP address shields item by item. This method constituted one kind of more nimble application environment, the network administrator has been possible to aim at the different service face the different user opening, was also can establish each user freely the different access authority.
Other pages: : 1 * 2 * Next>>
|
You are here: hacking technology
> firewall
> Content
Category: Home
> firewall