What's the use of a network firewall?
Types of network firewalls

Basic classification of firewalls

1. Packet filtering firewall

The first-generation and most basic firewall checks each passing network packet and discards or releases it according to a set of established rules. This is called a packet filtering firewall.

A packet filtering firewall examines the basic information in each incoming packet (source address and destination address, port number, protocol, etc.) and then compares this information with the established rules. If telnet connections are blocked and the destination port of the packet is 23, the packet is discarded. If incoming Web connections are allowed and the destination port is 80, the packet is released.

From the public network, only let through packets whose destination port is 80. This rule allows only incoming Web connections. It also allows any other connection that uses the same port as Web connections, so it is not very secure.

Discard packets that arrive from the public network but carry a source address inside your own network, thus reducing IP spoofing attacks.

Discard packets containing source routing information to reduce source routing attacks. Remember, in a source routing attack the incoming packet contains routing information that overrides the normal route the packet should take through the network and may bypass existing security procedures. By ignoring the source path

2. Stateful/dynamic detection firewall

A stateful/dynamic detection firewall tracks the network connections and packets passing through it, so that it can use an additional set of criteria to decide whether to allow or deny communication. It does this by applying additional techniques on top of basic packet filtering.

When a packet filtering firewall sees a network packet, it treats that packet in isolation. As far as the firewall is concerned, the packet has no history and no future. The decision to allow or reject a packet depends entirely on the information contained in the packet itself, such as source address, destination address, port number, etc. If a packet carries no information describing its position in the data flow, it is considered stateless; it simply exists.
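The packet filtering rules described above (block telnet, allow inbound Web traffic on port 80, drop spoofed internal sources, drop source-routed packets) can be written as a stateless first-match filter. This is an added example, not code from the original page; the internal range, the field names and the final default-deny rule are assumptions.

```python
# Added example (not from the original page): a stateless, first-match
# packet filter for traffic arriving on the public interface.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

INTERNAL_NET = ip_network("192.168.1.0/24")  # assumed internal address range


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str                   # "tcp" or "udp"
    dst_port: int
    source_routed: bool = False  # IP header carries a source-route option
    payload: bytes = b""         # never inspected by this kind of filter


def filter_inbound(pkt: Packet) -> tuple[str, str]:
    """Return (action, reason) using only the fields of this one packet."""
    # A packet from outside cannot legitimately claim an inside source address.
    if ip_address(pkt.src) in INTERNAL_NET:
        return "drop", "spoofed internal source"
    # Source routing would let the sender override the normal route.
    if pkt.source_routed:
        return "drop", "source routing"
    if pkt.proto == "tcp" and pkt.dst_port == 23:
        return "drop", "telnet blocked"
    if pkt.proto == "tcp" and pkt.dst_port == 80:
        return "accept", "web"
    return "drop", "default deny"  # assumed final rule, not stated on the page


# Constructed sample packets (documentation address ranges).
WEB = Packet("203.0.113.9", "192.168.1.20", "tcp", 80, payload=b"GET / HTTP/1.1\r\n")
TELNET = Packet("203.0.113.9", "192.168.1.20", "tcp", 23)
SPOOFED = Packet("192.168.1.77", "192.168.1.20", "tcp", 80)
ROUTED = Packet("203.0.113.9", "192.168.1.20", "tcp", 80, source_routed=True)
# Not HTTP at all, but it targets port 80, so the port-only rule lets it in.
NOT_HTTP = Packet("203.0.113.9", "192.168.1.20", "tcp", 80, payload=b"\x00\x01binary")

if __name__ == "__main__":
    for p in (WEB, TELNET, SPOOFED, ROUTED, NOT_HTTP):
        print(p.src, p.dst_port, filter_inbound(p))
```

The last sample is accepted for the same reason as the first: the filter sees only the port number, which is the weakness the port 80 rule above points out.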

A stateful packet inspection firewall tracks more than the information contained in the packet. To track the state of packets, the firewall also records useful information that helps identify them, such as existing network connections, outgoing data requests, and so on.

A stateful/dynamic detection firewall can block all incoming traffic while allowing all outgoing traffic. Because the firewall tracks the requests going out from the inside, all requested incoming data is allowed through until the connection is closed. Only unsolicited incoming traffic is blocked.
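The behaviour just described (allow everything outbound, admit inbound packets only while they belong to a connection opened from the inside) comes down to a connection table. The sketch below is an added example, not code from the original page; the class name, the flag letters and the immediate removal of state on FIN or RST are simplifying assumptions.

```python
# Added example (not from the original page): connection tracking reduced to
# a table of flows that were opened from the inside.
class StatefulFirewall:
    def __init__(self):
        # Each entry: (inside_ip, inside_port, outside_ip, outside_port)
        self.table = set()

    def outbound(self, src, sport, dst, dport, flags=""):
        """Inside host sends a TCP segment: always allowed, state recorded."""
        flow = (src, sport, dst, dport)
        if "F" in flags or "R" in flags:
            # Simplification: FIN or RST from either side ends the flow at once.
            self.table.discard(flow)
        else:
            self.table.add(flow)
        return "accept"

    def inbound(self, src, sport, dst, dport, flags=""):
        """Outside host sends a segment: allowed only as part of a known flow."""
        flow = (dst, dport, src, sport)  # same flow seen from the other side
        if flow not in self.table:
            return "drop"                # unsolicited, including a bare SYN
        if "F" in flags or "R" in flags:
            self.table.discard(flow)
        return "accept"


def demo():
    """Constructed traffic: one browser session plus unsolicited packets."""
    fw = StatefulFirewall()
    pc, web, other = "192.168.1.10", "203.0.113.5", "198.51.100.7"
    return [
        fw.inbound(other, 40000, pc, 51000, "S"),  # unsolicited SYN
        fw.outbound(pc, 51000, web, 80, "S"),      # browser opens a connection
        fw.inbound(web, 80, pc, 51000, "SA"),      # reply to that request
        fw.inbound(other, 80, pc, 51000, "A"),     # right port, wrong peer
        fw.outbound(pc, 51000, web, 80, "FA"),     # browser closes
        fw.inbound(web, 80, pc, 51000, "A"),       # late packet, state is gone
    ]


if __name__ == "__main__":
    print(demo())
```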

If a server is running behind the firewall, the configuration becomes a little more complicated, but stateful packet inspection is a powerful and adaptable technology. For example, you can configure the firewall to allow only traffic from specific ports and traffic destined for specific servers. If a Web service is running, the firewall will send incoming traffic on port 80 only to the specified Web server.

Other services that the stateful/dynamic detection firewall can provide include:

Redirect certain types of connections to audit services. For example, a connection to a private Web server can be sent to a SecurID server (using a one-time password) before the connection to the Web server is allowed.

Reject network traffic that carries certain data, such as incoming e-mail with executable programs or web pages containing ActiveX programs.

How connection state is tracked depends on the type of packet passing through the firewall:

TCP packets. When a TCP connection is established, the first packet to pass through is marked with the SYN flag. Usually, the firewall will discard all

3. Application proxy firewall

The application proxy firewall does not actually allow direct communication between the networks to which it is connected. Instead, it accepts communication from specific user applications in the internal network and then establishes a separate connection with the public network server. Users in the network do not communicate directly with external servers, so the servers cannot directly access any part of the intranet.

This connection and transmission is transparent to users, because it is handled entirely and automatically by the proxy firewall.

The application proxy firewall can be configured to allow any connection from the internal network, or it can be configured to require user authentication before establishing a connection. Requiring authentication provides additional security because connections are established only for known users. If the network is compromised, this feature greatly reduces the likelihood of attacks launched from the inside.

4. NAT

When discussing firewalls, one kind of router must be mentioned, although technically it is not a firewall at all. Network Address Translation (NAT) converts multiple IP addresses in the internal network into public addresses and sends the traffic to the Internet.

NAT is usually used in small offices, homes and other networks where multiple users share one IP address, and it provides some security for the Internet connection.

When an internal user communicates with a public host, NAT tracks which user sent the request, modifies the outgoing packet to make it look like it came from a public IP address, and then opens the connection. Once the connection is established, the communication between the internal computer and the website is transparent.
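The tracking and rewriting described above can be shown as a port-translation table. This is an added example, not code from the original page; the class and method names, the port range and the absence of timeouts are assumptions made for illustration.

```python
# Added example (not from the original page): many inside hosts sharing one
# public IP address through a port-translation table.
class NatRouter:
    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out_map = {}  # (inside_ip, inside_port) -> public_port
        self.in_map = {}   # public_port -> (inside_ip, inside_port)

    def translate_out(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the source so the packet appears to come from the public IP."""
        key = (src_ip, src_port)
        if key not in self.out_map:
            # Remember which inside host owns this public port.
            self.out_map[key] = self.next_port
            self.in_map[self.next_port] = key
            self.next_port += 1
        return (self.public_ip, self.out_map[key], dst_ip, dst_port)

    def translate_in(self, src_ip, src_port, dst_ip, dst_port):
        """Map a reply back to the inside host, or return None if no one asked."""
        if dst_ip != self.public_ip or dst_port not in self.in_map:
            return None
        inside_ip, inside_port = self.in_map[dst_port]
        return (src_ip, src_port, inside_ip, inside_port)


def demo():
    """Constructed traffic: two inside hosts using the same source port."""
    nat = NatRouter("198.51.100.1")
    first = nat.translate_out("192.168.1.10", 51000, "203.0.113.5", 80)
    second = nat.translate_out("192.168.1.11", 51000, "203.0.113.5", 80)
    reply = nat.translate_in("203.0.113.5", 80, "198.51.100.1", second[1])
    stray = nat.translate_in("203.0.113.5", 80, "198.51.100.1", 40005)
    return first, second, reply, stray


if __name__ == "__main__":
    for row in demo():
        print(row)
```

An inbound packet with no table entry has nowhere to go, which is the side effect that gives NAT its limited protective value even though it is not a firewall.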

5. Personal firewall

At present, a lot of personal firewall software is in circulation on the network, all of it at the application level. A personal firewall is software that protects the security of a personal computer system. It runs directly on the user's computer and protects the computer from attacks in the same way as a stateful/dynamic detection firewall. Usually, these firewalls are installed at a low level of the computer's network interface, so that they can monitor all network communication in and out of the network card.

What is the main function of firewall?

The main function of firewall technology is to promptly discover and deal with the security risks and data transmission problems that may arise while a computer network is running. The measures include isolation and protection. At the same time, it can record and inspect the various operations that affect computer network security, in order to keep the network running safely, preserve the integrity of user data and information, and give users a better and safer computer network experience.

What service is a firewall?

It is the infrastructure to provide information security service and realize network and information security. Logically speaking, the firewall is a separator, a limiter and an analyzer, which can effectively monitor any activity between the intranet and the Internet and ensure the safety of the intranet. The firewall service defines the traffic types to which firewall rules apply.

Network services, such as web browsing, file sharing or remote console access, are all examples of firewall services.

Services will use specific protocols and ports. For example, HTTP service uses TCP protocol and port number 80.

Firewall services use two types of ports:

Initiator port: the port on the computer that initiates the connection.

Responder port: the port on the computer where the connection ends.

Whether the port on your own computer is the initiator port or the responder port depends on the traffic direction:

If the firewall service is used for outbound traffic, the initiator port is the port on your own computer. The responder port is then a port on the remote computer.

If the firewall service is used for inbound traffic, the initiator port is a port on the remote computer. The responder port is then the port on your own computer.

Responder ports are usually listed in the software documentation. Generally, the initiator port is any port higher than 1023. However, some games still need a specific initiator port to be defined. In that case, the initiator port is also listed in the software documentation.

If you create a new firewall rule, you can add several predefined services to the rule. If the required service is not in the service list, you can create and add your own service.

What are the advantages of firewall?

If the computer is compared to a residential community, the computer firewall is the security guard at the gate. Its job is to help the computer filter out unnecessary network access. A computer firewall is a filter for network access. Whether we use the computer to access the Internet or someone on the Internet tries to secretly access our computer, the traffic has to pass through this filter.

1. Working mechanism

A computer firewall usually starts immediately after the computer is turned on. It has a list of default rules. Whether the computer accesses the Internet or the Internet accesses the computer, the firewall checks strictly against this list whether the traffic may pass. We can modify this rule list ourselves, or simply use the default list without modifying it. When an application needs to access the network, a window generally pops up asking whether to allow it. If you agree, the traffic is allowed through. If you do not agree, it is blocked. Connections initiated from the Internet to our computer are not allowed by default.

2. Function

From the working mechanism, we can see what the computer firewall does: it blocks unnecessary or unsafe access. The working mechanism of a computer firewall is relatively simple. It is like a security guard holding a list and constantly checking the people coming in and out against it. Whoever is allowed on the list gets through, and whoever is not allowed is stopped. Its efficiency is therefore very high, and its advantage is that it provides a security barrier simply and effectively.

3. Disadvantages

Precisely because its working mechanism is simple, a computer firewall cannot prevent many cyber attacks. For example, viruses and Trojans often pretend to be files we need. If we accidentally click on these files, they are downloaded to the local computer through a port the firewall has left open. The firewall then has no control over them, and the virus is likely to spread on the computer. At the same time, some hackers take advantage of the firewall's simple inspection mechanism and use various means to fool it. I won't elaborate on the specific means here. Therefore, the disadvantage of a computer firewall is that it cannot resist viruses, Trojans and some advanced network attacks.

5. Further information

To better protect network security, more professional hardware firewalls are generally deployed at the network boundary. Mainstream professional hardware firewalls have developed into next-generation firewalls, whose detection mechanisms are more complex. They also support coordination with other network security devices: as soon as another network security device detects an attack, the firewall can immediately block the connections related to that attack.

What does a firewall mean?

Firewall technology is a technology that organically combines all kinds of software and hardware devices used for security management and screening to help computer networks build a relatively isolated protection barrier between their internal and external networks, so as to protect user data and information security.


Which of the following functions does Windows Firewall have?

1. Helps prevent computer viruses and worms from reaching the computer, but it cannot detect or disable computer viruses and worms.

2. Asks whether to allow or block certain connection requests.

3. Creates a security log that records successful or failed connections, usually for troubleshooting.

4. Helps protect the computer by preventing unauthorized users from accessing it through a network or the Internet. Ordinary computer users therefore cannot see you online, which improves security.