In the development of firewalls, people finally realize the limitations of firewalls in security. The contradictions in high performance, high security, and ease of use are not well resolved. Firewall architecture defects in high security, drive people to pursue higher security solutions, people expect more technical methods, isolating network gate technology came into being. Isolation Table Gate Technology is a black horse in the safe market. After a long market concept clarifies and marathonic technology evolution, the market finally accepts the highest safety. For example, the physical isolation gate X-GAP developed by China Network, it can interrupt the direct connection of the network, not light to check all the protocols, and put the protocol to stripping, directly to the most original data, check and scan the data, prevent data Malicious code and viruses, even require the properties of the data, do not support TCP / IP, do not rely on the operating system, one sentence, to complete the seven layers of the OSI to recombine all data on the heterogeneous medium. Therefore, the isolation network is truly realized, and can provide users with secure browsing, sending and receiving mail, and database-based data exchanges. The Internet is implemented based on TCP / IP, and all attacks can be summarized into a certain layer or multi-layer attack based on the OSI data communication model of TCP / IP, so the first most direct idea is to disconnect TCP. / IP's OSI data model of the OSI data model can eliminate the current TCP / IP network existence, which is the basis for the network isolation of China-network physical isolation network brakes. The following is an example of physical isolation mesh gate X-GAP in China. Specific discussion has the following content. First, the disconnecting physical layer of the network physical layer can be attacked. The logical representation of especially the physical layer can be attacked. The attack method of logical representation of the network layer is primarily deceived and forged, so it can be used to prevent deception and forgery using authentication and authentication methods. This is a commonly used approach to IP and MAC address binding. It is also possible to directly access the MAC address itself, which is the Mac firewall. The final method is to completely disconnect the physical layer, no network function, and thus there is no attack from the network. The disconnection of the physical layer is a complex concept. It is not something connected to it, it is the disconnection of the physical layer. Such as wireless, the human eye is invisible, but the physical layer is connected. It is not something that people who have seen it see are the connection of the physical layer. If you connect two computers with a wood, although it is a physical connection, it is not based on the connection of the data link in an OSI model, so it is not a physical layer in the sense of an OSL model. . In this sense, it is difficult to determine whether it is connected, it is difficult to determine it is not connected. Due to the universality of air and vacuum, it is not possible to confirm that there is no reality in some reality, at least proved to be difficult. Air and vacuum can propagate electromagnetic waves. Therefore, the next definition cannot be simply disconnected to the physical layer. From the technical definition, the disconnection on a physical layer should be "" Cannot complete the establishment of the data link in an OSI model based on a physical layer. Let's check the correctness of this definition. Wireless transmission, the connection of the physical media that is not seen based on electromagnetic waves, can establish a connection to the data link in an OSI model, so it is not the disconnection of the physical layer. A wood is connected to two computers, although it is a real connection, not a strict sense of physical connection in the OSI model, and cannot establish a data link in an OSI model, which is disconnected. The disconnection of the physical layer may result in failure of the working mechanism of other layers of the OSI model. Therefore, the attack can be reduced. However, the physical layer is disconnected, only solves the physical layer-based attack and does not suggest attacks that can be resolved on other layers of the OSI model.
