-
Research of Network Security and Firewalls Techniques
Abstract:
As the key facility that maintains the network security , firewalls take the purpose of
establishing an obstacle between trust and trustless network, and put corresponding safety strategy
into practice. In this paper , the computer network security and the techniques of firewalls were
mainly discussed, the concept and classification of the firewalls were introduced. It also introduced
three kind's of basic implement techniques of the firewalls: Packet filtering , Application Proxy and
Monitor model in detail. Finally described the trend of development of the firewalls techniques in
Internet briefly.
Key words:
network security, firewalls, Packet filtering, monitor
1. Introduction
Now with the computer network and e-commerce used widely, network security has become an
important problem that we must consider and resolve. More and more professions. enterprises and
individuals surfer from the security problem in different degree. they are looking for the more
reliable safety solution . In the defense system adopted by network security at present, the firewalls
stand the very important position.
As the key facility that maintains the network security. firewalls take the purpose of establishing
an obstacle between trust and trustless network, and put corresponding safety strategy into practice.
All the firewalls have the function to filter the IP address. This task checks the IP packet,
makes the decision whether to release or to abandon it according to the source address and
destination address of the IP. Shown in Fig.I, there is a firewall between two network sections, an
UNIX computer is on one side of the firewall, and the other side is a PC client. While the PC client
asks a telnet request for the UNIX computer, the client procedure of telnet in the PC produces a
TCP packet and passes the packet to the local protocol stack to prepare to send. The protocol stack
fills it in one IP packet. then, sends it to UNIX computer through the path defined by the TCP/IP
stack of PC. The IP packet can't reach the UNIX computer until it passes the firewall between the
PC and the UNIX computer.
Fig. I Ip Address Filtering
The application firewall is a very efficient means of network security on Internet, it is installed
between the trust and trustless network, can isolate the connection between the trust and trustless
network, and doesn't hamper people's access to the trustless network at the same time. It can isolate
the connection between the risk area (namely there may be a certain risk on Internet) and the safe
area (LAN), and doesn't hamper people's access to the risk area at the same time. Firewall can
monitor the traffic flowing in and out from the network to finish the task seemingly impossible;it
only allows the safe and checked information to enter into, and meanwhile resists on the data that
may bring about the threat to enterprise. As the fault and defect of the security problem become
more and more general, the invasion to the network not only comes from the super attack means,
but also may be from the lower-level mistakes or improper password selections on the configuration.
So, the function of the firewalls is preventing the communication that not hoped and authorized
passes in and out of the network protected. forcing the companies to strengthen their own network
security policy. The general firewalls can achieve the following purposes: First, restraining others
from entering the inside network, filtering the unsafe service and illegal user; Second, preventing
the invaders from closing to your defense installation; Third,limiting the user to access the special
site; Fourth,providing convenience for monitoring the Internet security.
2. The classification and implement technology of firewalls
An integrated firewalls system usually consists of screening router and proxy server. The
screening router is a multi-port IP router. it check the each coming IP packet according to the group
regular to judge whether to transmit it. The screening router gets information from the packet. fot
example the protocol number. the IP address and port number that receiving and sending massages.
the flag of link even some other IP selections. filtering IP packet. The proxy server are server
process in the firewall. it can replace the network user to finish the specific TCP/IP function. A
proxy server is naturally a gateway of application layer. a gateway of two networks joined specific
network application. Users contact with proxy server by one of the TCP/IP application such as
Telnet or FTP. the proxy server ask the users for the name of the remote host. which users want to
access. After the users have answered and offered the correct users' identities and authentication
information, the proxy server communicates the remote host, act as the relay between two
communication sites. The whole course can be totally transparent to users.
There are mainly three types in the firewalls: packet filtering. application gateways and state
detection.
Packet filtering firewall works on the network can filter the source address. destination
address. source port and destination port of TCP/IP data packet. It has advantages such as the higher
efficiency.
transparent to user. and users might not feel the existence of the packer filtering firewall, unless he
is the illegal user and has been refused. The shortcomings are that it can't ensure the security to
most services and protocols, unable to distinguish the different users of the same IP address
effectively,and it is difficult to be configured, monitored and managed. can't offer enough daily
records and warning.
The application gateways firewall performs its function on the application layer, it connects
with specific middle-joint (firewall) by a client procedure, and then the middle-joint connects with
the server actually. Unlike the packet filtering firewall. when using the firewall of this kind. there is
no direct connection between the outside networks. so even if the matter has happened in the
firewall. the outside networks can't connect with networks protected. The application gateway
firewall offers the detailed daily records and auditing function, it improved the security of the
network greatly. and provides the possibility to improve the security performance of the existing
software too. The application gateways firewall solves the safety problem based on the specific
application program. the products based on Proxy will be improved to configure the service in
common use and non- standard port. However. so long as the application program needs upgrading.
the users based on Proxy will find that they must buy new Proxy server. As a technique of network
safety. Firewall combined with proxy server has simple and practical characteristics, can reach a
certain security request in case of not revising the original network application system. However. if
the firewall system is broken through. the network protected is in having no state of protecting. And
if an enterprise hopes to launch the business activity on Internet and carry on communication with
numerous customers. it can't meet the demands. In addition, the firewall based on Proxy Service
will often makes the performance of the network obviously drop.
The third generation of firewall takes the detection technique of state as the core, combines the
packet filtering firewall and application gateways firewall. The state detection firewall accesses and
analyzes the data achieved from the communication layer through the module of state detection to
perform its function. The state monitor act as firewall technique. it is best in security perfonnance,
it adopts a software engine.
which executes the tactics of network security on the gateways, called the detection module.
On the premise of not influencing the network to work normally, detection module collects the
relevant data to monitor each of the network communication layers, collects a part of data, namely
status information, and stores the data up dynamically for the reference in making security decision
afterward. Detection module
supports many kinds of protocols and application program, and can implement the expansion
of application and service very easily. Different from other safety schemes, before the user's access
reaches the operating system of network gateways, the state monitor should collect the relevant data
to analyze, combine network configuration and safety regulation to make the decisions of
acceptance, refutation, appraisal or encrypting to the communication etc Once a certain access
violates the security regulation, the safety alarm will refuse it and write down to report the state of
the network to the system management device. This technology has defects too, namely the
configuration of the state monitor is very complicated, and will decelerate the network.
3. New generation technique of firewalls
According to the present firewalls market, the domestic and international manufacturers of
firewall can all support the basic function of the firewall well,including access control, the network
address transform, proxy, authentication, daily records audit etc. However, as stated before, with the
attack to the network increasing, and user's requisition for network security improving day by day,
the firewall must get further development. Combine the present experience of research and
development and the achievement,some relevant studies point out, according to the development
trend of application and technology, how to strengthen the security of firewall, improve the
performance of firewall, enrich the function of firewall, will become the problem that the
manufacturer of firewalls must face and solve next.
The purpose of the new generation firewall is mainly combining the packet filtering and proxy
technology, overcoming the defects in the safety respect of two; being able to exert the
omnidirectional control from the layer of data chain to the application layer; implementing the
micro-kernel of TCP/IP protocol to perform all the security control on the layer of TCP/IP protocol;
based on the micro-kernel above, making the speed to exceed the
traditional packet filtering firewall; Offering the transparent mode of proxy. lightening the
configuration work on the client; Supporting the data encryption and decryption (DES and RSA ),
offering the strong support to the Virtual Private Network VPN; hiding the Inside information
totally; producing a new firewall theory.
The new techniqe of firewalls has not only covered all the functions of traditional packet
filtering firewalls, but also has remarkable advantages in opposing overall the attack means of IP
deception, SYN Flood, ICMP. ARP, etc. strengthening proxy service, merging it with packet
filtering, then adding the intelligence filtering technology to make the security of the firewall rising
to another height.
-
-
-
-
-
-
-
-
本文更新与2021-01-18 10:39,由作者提供,不代表本网站立场,转载请注明出处:https://www.bjmy2z.cn/gaokao/527292.html
-
上一篇:上下楼梯安全标语英文
下一篇:校园安全事件英语作文素材