Research on firewall technology and its application in computer network security strategy
Peihong Wang

3.1.6. Logging and Auditing
By logging every access request, the firewall provides reference data for
optimizing network management, valuable intelligence for developing attack
prevention strategies, and an important basis for tracing back how abnormal
events occurred.
3.2. Technical principle of firewall
Two main technologies are used in firewalls: firewalls working at the
application layer and firewalls working at the network and transport
layers.
Firewalls working at the application layer implement access
control for applications, for example, allowing access to some
applications (e.g. HTTP) and blocking access to others (e.g.
FTP); firewalls working at the network and transport layers
implement control over packets passing through the network,
for example, allowing some packets to pass and disallowing
others.
3.2.1. Packet filtering firewalls
The packet filtering firewall works at the network and transport layers and
is installed between the two networks that need to be controlled. The packet
filtering module checks items such as source IP address, source port number,
protocol type and TCP header flag bits. It inspects the packets passing
through at the entrance and exit of the network and decides whether each
packet is allowed to pass according to the pre-set security access control
policy (Access Control List, ACL) rules. Filtering is bidirectional, handling
both packets from the external network to the internal network and packets
from the internal network to the external network. When configuring the
firewall, filtering rules expressing the site's own security policy must be
formulated manually in advance. The packet filtering firewall can also make
judgments based on TCP flag bits; for example, the extended ACL of Cisco
routers supports the established keyword, which checks whether the ACK or
RST bit is set in a TCP packet and thus whether the packet is a reply to a
session initiated from the inside.
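The following added example (not from the paper or any vendor's code) models the packet filter described above: an ordered ACL evaluated first-match-wins with an implicit deny, including a rule flag modelled on Cisco's established keyword that matches only when TCP ACK or RST is set. The network ranges, ports and packets are constructed for illustration.

```python
# Added example: a minimal stateless packet filter evaluating an ordered ACL.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

TCP_ACK = 0x10  # TCP header flag bits
TCP_RST = 0x04


@dataclass
class Packet:
    src: str
    dst: str
    proto: str          # "tcp" or "udp"
    sport: int
    dport: int
    flags: int = 0      # TCP flag bits; 0 for UDP


@dataclass
class Rule:
    action: str                   # "permit" or "deny"
    proto: str                    # "tcp", "udp" or "any"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    dport: Optional[int] = None   # None means any destination port
    established: bool = False     # like Cisco's keyword: match only if ACK or RST set

    def matches(self, p: Packet) -> bool:
        if self.proto != "any" and self.proto != p.proto:
            return False
        if ip_address(p.src) not in ip_network(self.src):
            return False
        if ip_address(p.dst) not in ip_network(self.dst):
            return False
        if self.dport is not None and self.dport != p.dport:
            return False
        if self.established and not (p.flags & (TCP_ACK | TCP_RST)):
            return False
        return True


def evaluate(acl: list, p: Packet) -> str:
    """First matching rule wins; unmatched packets hit the implicit deny."""
    for rule in acl:
        if rule.matches(p):
            return rule.action
    return "deny"


# Constructed inbound ACL protecting the internal network 10.0.0.0/8.
INBOUND_ACL = [
    Rule("permit", "tcp", dst="10.0.0.0/8", dport=80),         # public web server
    Rule("permit", "tcp", dst="10.0.0.0/8", established=True),  # replies to inside-initiated sessions
    Rule("deny", "any"),                                        # explicit catch-all
]
```

Because the established check looks only at flag bits rather than a session table, it is a weaker control than the stateful inspection discussed later in this section.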