The so-called firewall refers to a protective barrier composed of software and hardware devices and constructed on the boundary between the internal network and the external network, and between the private network and the public network.
A firewall is a technical measure to protect computer network security. It isolates internal and external communications by establishing a corresponding network communication monitoring system at the network boundary. External network to block network intrusions from the outside. (Recommended learning: web front-end video tutorial)
Firewall technology was originally a protective measure taken against Internet network insecurity. As the name suggests, a firewall is an internal network barrier used to block the influence of external insecure factors. Its purpose is to prevent unauthorized access by external network users.
It is a combination of computer hardware and software that establishes a security gateway (Security Gateway) between the Internet and the Internet to protect the internal network from intrusion by illegal users. The firewall is mainly composed of service access policies It consists of four parts, verification tool, packet filtering and application gateway. A firewall is a piece of software or hardware located between a computer and the network it is connected to (hardware firewalls are rarely used and are only used by the Department of Defense and other places because of their price. expensive).
All network traffic to and from this computer must pass through this firewall.
Firewalls include network firewalls and computer firewalls. Network firewall refers to setting up a network firewall between the external network and the internal network. This kind of firewall is also called a filtering router.
The network firewall detects the protocol, destination address, port (network layer) and transmitted information form (application layer) of incoming information, and filters out external information that does not comply with regulations.
Computer firewall refers to setting up a firewall between the external network and the user's computer. Computer firewalls can also be part of the user's computer.
The computer firewall detects the interface procedures, transmission protocols, destination addresses and/or transmitted information structures, etc., and eliminates incoming information that does not meet the regulations. The computer firewall checks the information output by the user's computer and adds the corresponding protocol layer flag to transmit the information to the receiving user's computer (or network).
The benefits of using firewalls include: protecting vulnerable services, controlling access to systems, centralized security management, enhancing confidentiality, recording and counting network utilization data and illegal use of data. There are usually two basic design strategies for firewall design: first, allow any service unless explicitly prohibited; second, prohibit any service unless explicitly permitted. The second strategy is generally used.
From a technical perspective, there are two types of firewalls, namely standard firewalls and dual-hole gateways. Standard firewalls use specialized software and require a relatively high level of management, and there is a certain delay in information transmission.
Dual-hole gateway is an expansion of the standard firewall, also known as the application layer gateway. It is a separate system, but it can complete all the functions of the standard firewall at the same time. Its advantage is that it can run more complex applications while preventing any direct connection between the Internet and internal systems, ensuring that data packets cannot directly reach the internal network from the external network.
The above is the detailed content of What kind of security model is firewall technology?. For more information, please follow other related articles on the PHP Chinese website!