Home | hacker invade | crack analyzes | hacker course | Exploit | encryption decipher | network management | System crack | the virus to be related | invades the examination | firewall
You are here: hacking technology > firewall > Content
Hot Articles
Under Linux system firew
ESET NOD32+ wonderful ti
How the pronunciation an
The open firewall port r
Impediment firewall secu
Individual firewall's tr
20 model of most outstan
Discusses the firewall t
360ARP firewall's simple
Discusses the firewall c
The big spider collabora
One make the supercomput
Establishment firewall i
Deploys the firewall str
About firewall's classif
Recommend Articles
Knew that the Linux oper
Discusses the firewall c
How the pronunciation an
Lets Vista network secur
The big spider collabora
Under Linux system firew
Individual firewall's tr
Establishment firewall i
The network firewall mai
In network security fire
USBKill8.0 implementatio
Discusses the firewall t
Stops up the long-distan
Clearly recognizes the f
About low in high securi
New Articles
Helps you to become kill
The novice fosters the H
Under CMD establishes th
Installs firewall's 12 m
Public Sector organisati
McAfee announces compreh
AppGate adds support for
dns Managed Security Inf
Worthing Borough Council
Hackers use top news sto
Firewall test: From basi
Resists hacker's invasio
Resists the network atta
Takes 0% resources HOST
Teaches you to use the A
Next generation firewall decisive battle between performance and efficiency
  Add date: 10/24/2008   Publishing date: 10/24/2008   Hits: 2
Total 5 pages, Current page:1, Jump to page:
 
“present's firewall performance unsatisfactory place have been too many,” young Wang complains, “lets an I most unsatisfied spot is the firewall system resources consumption is too big.”
  Young Wang makes network management many years, the firewall question has been puzzling him. In fact looks like young Wang such network management to be not infrequent, they already lost confidence to the traditional firewall. Many people hope in the near future, will present new generation's firewall, solves them the current problem.
  The function and efficiency cannot be few
  As one kind of network connections equipment, the firewall is in connects the internal network and the exterior network choke point, nearly all intranets and the exterior net's visit information must through it, but firewall performance height, direct relation entire network correspondence efficiency. But the performance and the efficiency industry in have been revealed is firewall's spear and the shield. How to guarantee firewall's high security, does not reduce it to become traffic capacity suspends in front of many manufacturers a difficult problem.
  Regardless of being the function or the performance is very important regarding the firewall. But, firewall's security function, such as services and so on user confirmation, data encryption and decipher, network address transformation as well as domain name analysis, cause the firewall burden to be overweight frequently, thus creates the firewall performance the drop.
  But in some time, these security function is also essential, because they have guaranteed the network security. Therefore, to be how balanced the good firewall the security function and the performance, becomes very important. Especially the present new firewall, integrated the more security functions, causes the performance question becomes more prominent.
  Left Dan slave group's CIO period of five days Tong Jiu indicated: We use the firewall integrated many security functions, but we considered stemming from the performance, some security function does not dare to open, for instance anti-virus module. Because after opening, will create the firewall other performance large scale drop, the gain does not equal the loss.
  It is known that in the ordinary circumstances, after the firewall function increases, will have the influence directly to its performance. The investigation showed: The multi-purpose firewalls often shoulder the firewall, the gateway to prevent disease the poison, the invasion examination, the content filtration and so on many kinds of functions, therefore is restrained the depth examination and the pattern matching principle, on the network level was unable to find the current capacity general character. Therefore in the present market the mainstream use x86 construction's multi-purpose firewall its hardware platform's structure had decided the performance drops inevitability. Some manufacturer 100,000,000,000,000 products, after opens the gateway anti-poison function alone, the performance drops 8M; If opens the IPS function alone, performance also close 8M; If two functions open completely, the performance drops 6M. Some products even may arrive at 96% performance drop.

 
Other pages: : 1 * 2 * 3 * 4 * 5 * Next>>
Prev:Teach you how to make the floppy disk version of the Linux firewall system Next:How to establish the firewall to realize is forbid QQ, MSN and so on

Comment:

Category: Home > firewall
Home