According to how the firewall processes data, firewalls can be divided into
According to the firewall's method of processing data, firewalls can be divided into packet filtering firewalls and proxy firewalls. Packet filtering products are the primary products of firewalls, and their technical basis is packet transmission technology in the network. A proxy firewall can also be called a proxy server; its security is higher than that of packet filtering products, and it has begun to develop towards the application layer.
The operating environment of this article: Windows 7 system, DELL G3 computer
--According to the firewall's method of processing data, what can firewalls be divided into?
Although the development of firewalls has gone through several generations, according to the way firewalls process internal and external data, they can be roughly divided into two major systems: packet filtering firewalls and proxy firewalls (application layer gateway firewalls).
Packet filtering products are the primary products of firewalls, and their technical basis is packet transmission technology in the network. Data on the network is transmitted in units of "packets". The data is divided into packets of a certain size, and each packet contains some specific information, such as the source address, the destination address, and the TCP/UDP source port and destination port of the data. The firewall reads the address information in the data packets to determine whether these "packets" come from a trustworthy and safe site. Once a data packet from a dangerous site is found, the firewall rejects it. System administrators can also flexibly formulate judgment rules based on actual conditions.
The advantages of packet filtering technology are that it is simple and practical, with low implementation cost. When the application environment is relatively simple, it can ensure system security to a certain extent at a relatively low cost.
But the flaws of packet filtering technology are also obvious. Packet filtering technology is a security technology based entirely on the network layer. It can only make its judgment based on network information such as the source, destination, and port of the data packet. It cannot identify malicious intrusions based on the application layer, such as malicious Java applets and viruses attached to emails. Experienced hackers can easily forge IP addresses and deceive packet filtering firewalls.
A proxy firewall can also be called a proxy server. Its security is higher than that of packet filtering products, and it has begun to develop towards the application layer. The proxy server is located between the client and the server, completely blocking data exchange between the two. From the client's point of view, the proxy server is equivalent to a real server; and from the server's point of view, the proxy server is a real client. When a client needs to use data on the server, it first sends a data request to the proxy server. The proxy server then requests data from the server based on this request, and then the proxy server transmits the data to the client. Since there is no direct data channel between the external system and the internal server, it is difficult for external malicious intrusions to harm the enterprise's internal network system.
The advantage of the proxy firewall is that it has high security, can detect and scan the application layer, and is very effective in dealing with intrusions and viruses based on the application layer. Its disadvantage is that it has a great impact on the overall performance of the system, and the proxy server must be set up one by one for all application types that may be generated by the client, which greatly increases the complexity of system management.
Packet filtering firewalls are represented by Israel's Check Point firewall and Cisco's PIX firewall, and proxy firewalls are represented by the American NAI company's Gauntlet firewall.
--According to the location of the firewall, the firewall can be divided into external firewall and internal firewall.
The former establishes a protective layer between the internal network and the external network to prevent the invasion of "hackers" by monitoring and restricting all incoming and outgoing communications, blocking external illegal information and controlling the leakage of sensitive information; the latter separates the internal network into multiple LANs, thereby limiting the damage caused by external attacks.