i. How many ports have a firewall?
1. 2 ports: in series with the router, one entry, two ports
2. 3 port, in series with the router, one entry, two ports; one DMZ port
3. 4 Port: Contact with the router, one go out, two ports; a DMZ port; a configuration port.
Ii. What is a firewall throughput?
Throughput, refers to the communication amount per second of the firewall, mainly determined by the network card, and the efficiency of the program algorithm, especially the program algorithm, will make the firewall system to make a lot of operation, and the traffic is large. Therefore, most firewalls are known
100M
Firewall, due to its algorithm relying on software implementation, traffic is far from reaching
100M
Actually only
10m
-20m
. Pure hardware firewall, due to hardware, thus throughput can be linear, 90
-95M
,is real
100M
Firewall, NS is a pure hardware product.
Iii. What is the number of firewall sessions?
The number of sessions refers to the maximum number of firewalls to allow terminal access. Since the network export must pass through the firewall, the number of sessions represents the network that is added to the firewall can allow many external access.
Iv. What is a firewall strategy?
The hacker attack uses the algorithm for programming, divided into a variety of attack methods, the firewall to prevent hackers, the principle is based on the hacker algorithm, design the corresponding prevention rules to join the firewall, if in the working state, the access is in line with pre-setup The definition rules of the judgment hacker are prohibited from reorganization, reaching the purpose of preventive purposes. The hacker discrimination rule set in the firewall is referred to as a firewall policy. The more firewall strategies, the better performance, but because the strategy will cause the firewall operation to increase, the traffic will be greatly reduced, the firewall policy / firewall traffic, It is contradictory. Use only pure hardware firewalls to solve the above problems. The NS firewall is a pure hardware firewall.
V. What is DMZ, (Trust, Untrust)?
DMZ (non-military zone) = untrust (non-trust zone), corresponds to the military zone and trust area. Non-trust zone, the role is to separate the Web, E-mail, etc. Allow external access to the area port, so that the entire internal network that needs to be protected will not allow any access to the internal and external network. Reach user needs.
Vi. What is NAT?
NAT, address transformation, NAT, firewall can act as a proxy server, so that users used throughout the internal network can access the Internet through a line, an account, and access the Internet.
Vii. What is content filtering
Content filtration refers to the monitoring of the firewall's information, which can be browsed or browsing with porn, reaction or any user wants to ban, according to user needs.
Viii. What is the security of the firewall
The hacker attack needs to have an IP address. The firewall has an IP address, so the firewall will be hacked by a hacker, so how to protect the firewall itself is an important indicator of the firewall, it is very important. NS firewall uses black IP, hiding IP method implementation.
