First, what is a firewall
The firewall is one or a set of systems used to prevent unauthorized access, protect information security. The firewall in the general sense is used for non-authorized access to the prevention of computer viruses. Therefore, the firewall is only used to prevent "hackers" attack, non-useful for viral prevention and control.
Second, the firewall species
1. Firewall technology:
a) Status package filter firewall
The prevention effect is best, it is currently mainstream firewall selection technology.
b) Agent firewall
2. Firewall form:
a) Hardware firewall
The pure hardware firewall is a circuit-level design, usually designed to the ASIC special chip, the highest efficiency, solves the contradiction between firewall efficiency / performance, can achieve linearity.
b) "Black Box" firewall
For the overall solution design of the server / industrial computer software, the software is based on Linux system. The advantage is lower cost, disadvantage is that the efficiency is not high, the hardware platform / software platform is unstable, and the after-sales cost is high.
c) Software firewall
Pure software, installed in customer platform, due to customer platform diversity, need to support multi-operating systems, such as UNIX, Linux, SCO-UNIX, NT, WIDOWS, etc., high installation cost, high after-sales support cost, low efficiency. NS firewall is the highest efficiency hardware firewall.
3. Firewall use:
a) external firewall
The browsing of illegal intrusion and incovering content outside the local network is used to isolate the external network (such as isolating with Internet, prevent hackers from intrusion), which is the most widely used, and the firewall position is after the route, before the switch.
b) Internal network firewall
The protection of important information for enterprises, protect information is not unauthorized by users within the local area network, resulting in information security hazards. Mainly used in the protection of important data of large enterprises and parks, such as bank databases, corporate finance sectors, etc. According to the survey, 85% of information security losses are caused by internal illegal authorization access, so this use is gradually popular.
4. Firewall throughput
a)
10m
For branch, medium-sized enterprises and institutions, Internet exports less than
10m
Application, but the Internet access export of domestic terminal users is less than
10m
Most of 56K-512K, so
10m
To meet the needs of the user's external firewall.
b) 10 /
100M
This firewall only changes the access network card, upgrade to
10m
/
100M
Adaptive, mainly used for Idc, ISP and other highly access bandwidth external network firewall, and internal firewall.
c)
1000M
Such firewalls are only used in backbone network, such as telecommunications, bank, electricity, and other private network nodes, or telecommunications level IDC.
