Of course, since we intend to go from the shallow to the deep, we should first look at the concept of a firewall. "Firewall" is the name of a component in a car. In a car, the firewall separates the passengers from the engine, so that if the engine catches fire, the firewall not only protects the passengers but also lets the driver continue to control the engine. In computing, of course, it means something else, but we can understand it by analogy. In networking, the so-called "firewall" is a method of isolating the intranet from the public access network (such as the Internet); it is, in effect, an isolation technology. A firewall is an access control measure applied when two networks communicate. It allows the people and data you "agree" to into your network while keeping the people and data you "disagree" with out, so as to prevent hackers on the network from accessing your network to the greatest possible extent. In other words, without passing through the firewall, people inside the company cannot access the Internet, and people on the Internet cannot communicate with people inside the company.
The functions of a firewall
A firewall is the barrier of network security:
Firewalls (as blocking points and control points) can greatly improve the security of internal networks and reduce risk by filtering out unsafe services. Because only carefully selected application protocols can pass through the firewall, the network environment becomes more secure. For example, a firewall can prohibit the well-known insecure NFS protocol from entering or leaving the protected network, so that external attackers cannot use such fragile protocols to attack the internal network. Firewalls can also protect the network from route-based attacks, such as source routing attacks in IP options and redirected paths in ICMP redirects. The firewall should be able to reject all packets of the above attack types and notify the firewall administrator.
A firewall can strengthen the network security policy:
With a firewall-centered security configuration, all security software (such as passwords, encryption, authentication and auditing) can be configured on the firewall. Compared with distributing network security problems across individual hosts, centralized security management on the firewall is more economical. For example, for network access, authentication systems such as a one-time password system can be centralized on the firewall rather than scattered across each host.
Monitor and audit network access:
If all the accesses go through the firewall, the firewall can record these accesses and make a log record, and at the same time, it can provide statistical data of network usage. When suspicious behavior occurs, the firewall can issue appropriate alarms and provide detailed information about whether the network is being monitored or attacked. In addition, it is also very important to collect the usage and misuse of a network. The first reason is to make clear whether the firewall can resist the detection and attack of attackers and whether the control of the firewall is sufficient. Network usage statistics are also very important for network demand analysis and threat analysis.
Prevent internal information leakage:
By dividing the internal network with a firewall, the key network segments of the internal network can be isolated, thus limiting the impact of local key or sensitive network security issues on the global network. In addition, privacy is a matter of great concern to the internal network. Inconspicuous details in an internal network may contain security clues, arouse the interest of external attackers, and even expose some security loopholes in the internal network. Using a firewall can hide services that reveal internal details, such as Finger and DNS. Finger displays the registered name, real name, last login time and shell type of all users of the host, and the information displayed by Finger is very easy for an attacker to learn. Attackers can learn how often a system is used, whether there are users online, whether the system attracts attention when it is attacked, and so on. The firewall can also block DNS information about the internal network, so that the domain names and IP addresses of hosts will not be known to the outside world.
In addition to the security function, the firewall also supports VPN (Virtual Private Network), which is an enterprise internal network technology system with Internet service characteristics.
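The checks described above (blocking NFS, rejecting source-routed packets and ICMP redirects, letting only selected services through, and keeping statistics for audit) can be sketched as a small packet filter. This is an added example, not code from the original page; the allowed TCP ports, the function names and the sample packets are assumptions constructed for illustration, and packets are assumed to be unfragmented.

```python
import struct
from collections import Counter

SOURCE_ROUTE = {131, 137}                 # IPv4 option types LSRR and SSRR
NFS_PORT, ICMP_REDIRECT = 2049, 5         # NFS over TCP/UDP; ICMP type 5 (Redirect)
ALLOWED_TCP = {25, 80, 443}               # assumed policy: the services selected to pass

def option_fault(header):
    """Return a drop reason if the IPv4 options are malformed or request source routing."""
    i = 20
    while i < len(header) and header[i] != 0:        # 0 = End of Option List
        if header[i] in SOURCE_ROUTE:
            return "source-route"
        if header[i] != 1 and (i + 1 >= len(header) or header[i + 1] < 2):
            return "bad-ip-option"
        i += 1 if header[i] == 1 else header[i + 1]  # 1 = No-Operation, one byte
    return None

def verdict(pkt):
    """Return (action, reason) for one raw, unfragmented IPv4 packet."""
    ihl = (pkt[0] & 0x0F) * 4 if len(pkt) >= 20 else 0
    if not 20 <= ihl <= len(pkt) or pkt[0] >> 4 != 4:
        return "DROP", "bad-ip-header"
    fault = option_fault(pkt[:ihl])
    if fault:
        return "DROP", fault
    proto, payload = pkt[9], pkt[ihl:]
    if proto == 1 and payload[:1] == bytes([ICMP_REDIRECT]):
        return "DROP", "icmp-redirect"
    if proto in (6, 17) and len(payload) >= 4:
        sport, dport = struct.unpack("!HH", payload[:4])
        if NFS_PORT in (sport, dport):
            return "DROP", "nfs"
        if proto == 6 and dport in ALLOWED_TCP:
            return "ACCEPT", "allowed-service"
    return "DROP", "no-matching-rule"                # default deny

def audit(packets):   # per-(action, reason) counts for the administrator's log review
    return Counter(verdict(p) for p in packets)

def build(proto, payload, options=b""):   # constructed sample packet, checksum left 0
    hdr = struct.pack("!BBHHHBBH", 0x40 | (5 + len(options) // 4), 0,
                      20 + len(options) + len(payload), 0, 0, 64, proto, 0)
    return hdr + b"\xc6\x33\x64\x07" + b"\xc0\x00\x02\x0a" + options + payload

SAMPLES = [build(6, struct.pack("!HH", 40000, 443)),        # HTTPS, a selected service
           build(17, struct.pack("!HH", 40000, 2049)),      # NFS over UDP
           build(1, bytes([5, 1, 0, 0, 0, 0, 0, 0])),       # ICMP redirect
           build(6, struct.pack("!HH", 40000, 80), bytes([131, 7, 4, 10, 0, 0, 1, 0]))]  # LSRR
```

Calling `audit(SAMPLES)` gives one accepted packet and three drops, each with its own reason, which is the kind of record the monitoring and audit function relies on.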
The purpose of firewall is only to prevent illegal programs from invading the computer. Illegal programs include viruses, Trojan horses, hacker intrusions, etc. Any unauthorized intrusions can be regarded as illegal.
The purpose of the firewall
Author: Indeepnight, at 8:55 am
Firewalls have only begun to attract public attention in recent years. In the past, they only focused on the ability of anti-virus software.
However, although the original intention of the firewall is good, for the public, its function is often confusing and even hinders the fluency of the original computer operation.
By default, the current operating system also has the function of firewall (both M$ and Linux), but most of them are marketing tactics, which make people feel worthwhile, but the practical application is ... ignored. As for the difference between hardware and software, you can refer to the use of firewall written by the author earlier and have a general explanation.
Today, the author will explain some common applications and settings:
The development of the Internet has brought revolutionary reform and opening to enterprises, and enterprises are also trying to use the Internet to improve their market response speed and efficiency, and thus be more competitive. Through the Internet, enterprises can retrieve important data from different places; at the same time, they face the new challenges and new dangers to data security brought by the openness of the Internet: safe access for customers, manufacturers, mobile users, employees in different places and internal employees, along with protecting enterprise confidential information from hackers and industrial spies. Therefore, enterprises must add security "trenches", and where will these "trenches" be built?
Applications based on Internet systems are divided into two parts: intranet and extranet. An intranet uses Internet technology and equipment to build an enterprise 3W network on the Internet, into which all enterprise information can be put; an extranet is a channel between intranets, driven by the demands of e-commerce and mutual cooperation, through which some information can be obtained from other systems. Therefore, according to an enterprise's security system, the firewall trenches must be located in the following locations:
(1) Ensure secure access to hosts and applications;
(2) Ensure the security of the various clients and servers;
(3) Protect key departments from internal and external attacks, and provide a secure channel for employees, customers and suppliers over the Internet and remote access.
At the same time, the security of a firewall also comes from its good technical performance. A general firewall has the following characteristics:
(1) Extensive service support. Through the combination of dynamic, application-level filtering capabilities and authentication, it can implement WWW browser, HTTP server, FTP and other services;
(2) Support for the encryption of private data, so that virtual private networks and business activities carried over the Internet are not damaged;
(3) Client authentication allows only designated users to access the internal network or selected services; it is an additional component for secure communication between the enterprise local area network and branches, business partners and mobile users;
(4) Anti-spoofing. Spoofing is a common method of gaining network access from the outside, which makes a data packet look like it comes from within the network. Firewall-1 can monitor such packets and discard them; in C/S mode, the management module running on one platform can control the management program and visual module running on another platform.
Network security, a must-see for beginners: why do we need a firewall?
Source: CCID Network. Time: 2006-10-04 09:10:44
Many primary network users think that as long as antivirus software is installed, the system is absolutely safe. This idea is absolutely unacceptable! In today's network security environment, Trojan viruses are rampant, hackers attack frequently, and all kinds of rogue software and spyware are also making waves. How can we make our system stand firm in such a sinister network environment? Is antivirus software enough to ensure the security of our system? Below I will analyze the importance of firewall from several aspects that affect system security.
The current network security threats mainly come from virus attacks, Trojan attacks, hacker attacks and spyware attacks. Anti-virus software has been developed for more than ten years, but it still stays at the level of passive anti-virus (although those who claim to take the initiative to defend themselves are nothing more than a lie, just look at this article /388/20 14388.shtml), and foreign surveys show that anti-virus software all over the world can't identify 80% of viruses, that is to say, the reason why anti-virus software can kill viruses is purely based on viruses. Such an anti-virus effect can be imagined. Similarly, anti-virus software is also based on this way to prevent Trojans and spyware.
Nowadays, viruses and Trojans are updated very quickly. From a global perspective, most of the viruses and Trojans that cause huge losses are new or are variants. Because anti-virus software has not yet captured the characteristics of these viruses and Trojans, it can neither raise an alarm nor kill them. Are we then to be killed off by Trojans and viruses? Of course not! How can a master bow to a few viruses and Trojans! Although anti-virus software can only stare blankly, we still have a firewall that strictly guards the door!
Why can a firewall block Trojans and viruses, even the latest variants? This starts with the defense mechanism of the firewall. The firewall monitors the packets of network connections; that is to say, the firewall is like a strict doorman in charge of all the doors (ports) of the system, responsible for checking the identity of everyone who enters and leaves. Everyone needs permission from the chief, and this chief is you. Whenever an unknown program wants to enter the system or connect out to the network, the firewall intercepts it at once and checks its identity. If it has your permission (for example, you allow a program to connect to the network in the application rule settings), the firewall releases all packets sent by the program. If it detects a program that has not been permitted, it automatically raises an alarm and prompts you whether to allow the program through. At this point you, the "supreme commander", need to make a judgment. Generally speaking, we block programs that we did not run or do not know much about, and confirm the nature of the software through search engines or the firewall's prompts.
At this point, it is estimated that you have a certain understanding of the difference between antivirus software and firewall. For an intuitive example, your system is like a castle, and you are the supreme commander of this castle. Antivirus software and firewall are security guards, and each has its own division of labor. Anti-virus software is responsible for identifying people who enter the castle, and if suspicious people are found, they will be arrested (of course, the probability of catching the wrong one is very high, otherwise there will be no such incidents of manslaughter and false alarm); The firewall is the doorman. Check everyone who goes in and out of the castle. Once you find someone who doesn't have a pass, confirm it with the commander-in-chief. Therefore, any Trojan horse or spyware may secretly record your account password under the nose of antivirus software, but no amount of information can be transmitted because the firewall keeps the city gate closed, thus protecting your system security.
In addition, anti-virus software can't attack hackers, because the hacker's operation doesn't have any feature code, so the anti-virus software can't identify it naturally, and the firewall can hide every port of your system so that hackers can't find the entrance, which naturally ensures the security of the system.
At present, there are many kinds of firewalls in the world, but from my personal experience, I recommend Skynet firewall to you. Skynet firewall can effectively prevent hackers, Trojans or other malicious programs from stealing your privacy, including online banking, online games, QQ and other accounts and passwords.