Purpose of Firewall

umaryaqub · Created Oct 17, 2019 10:38:52

Few businesses would choose to operate without a series of locks, alarms and security cameras to protect their premises and inventory from intrusions and theft. Protecting your computer systems is equally important, to prevent malicious users from disrupting your operations or -- even worse -- stealing your private data or intellectual property. One of the key tools used for computer security is a firewall, and few companies can afford to operate without one.

Potential Intrusions

Any network or standalone computer that's connected to the Internet, or any other external network, is potentially at risk for an attack. These can take many forms, depending on the attacker's skills and motivation. Some malicious software, or malware, diverts a portion of your hardware and bandwidth to its own uses, such as hosting pirated software or ****ography. Other programs might delete crucial data or bring down your network. Criminals could gain access to your network, then charge purchases to your company credit cards or siphon money from your accounts. Unscrupulous competitors could access your proprietary information or vendor and customer data, gaining a crucial advantage.

Firewall Basics

No single product or service will provide you with complete security, but a firewall is one of the cornerstones of any network security strategy. Think of it as the electronic equivalent of a sentry at the gate. It inspects all the data passing in or out of the network, ensuring that the traffic is legitimate. When properly configured, a firewall should allow your users access to all the resources they need while still keeping out any malicious users or programs.

Hardware Firewalls

One way to provide firewall protection is through a separate piece of hardware that's placed between the network or user and any outside networks such as the Internet. Hardware firewalls have several advantages. They use their own preinstalled software and operating system, so malware based on an OS such as Windows can't attack them. One hardware firewall can protect every device on the network, without the time and trouble of configuring them individually. That's also a benefit when you need to upgrade, since updating one firewall is faster and easier than updating a room full of computers. Many of your existing network routers probably have firewall functions built in, if you choose to use them.

Software Firewalls

Firewall software on your network servers or individual computers provide an extra level of security, and they're often used in conjunction with hardware firewalls. They enable users with different needs to customize their own levels of protection, including the ability to allow individual programs access to the Internet -- or not -- on a case-by-case basis. Alternatively, your network administrator can set up firewall permissions for individual users or groups of users. That strategy can be used to block or control employees' access to external websites, either in the interest of productivity or to prevent employees from using company resources for illegal or unapproved purposes.

Setup

Firewall protection needs to be part of your overall plan for computer security. That might also include a clear set of written policies about the use of external networks, bringing disks or flash drives from other computers, and the storage of sensitive data. Your IT staff might also recommend the use of virus and malware scanners, WPA security for your wireless network, or some form of encryption for your hard drives and other data-storage devices. If you don't have the expertise in house to set up and configure your firewalls, consider hiring an outside consultant to do the setup and periodic updates. A poorly configured firewall can hamper productivity significantly, without enhancing your security.

Popeye_Wang · Created Oct 17, 2019 09:26:12

I think the product documentation has given a good explanation.
Diversified new applications bring about convenient cyber life as well as more security risks.

The identity of a user at an IP address is unclear.

On new networks, attackers easily manipulate zombie hosts to use legitimate IP addresses. Attackers can then launch network attacks or forge source IP addresses for spoofing and obtaining permissions. The source IP address of a packet does not represent the user identity.

In addition, teleworking and mobile working have emerged. The IP address of a user may change at any time. Traffic control by IP address cannot accommodate new network requirements.

The port and protocol of an application are not fixed.

Traditional network services run on fixed ports. For example, HTTP runs on port 80, and FTP runs on ports 20 and 21. On new networks, ephemeral ports that are not assigned by the Internet Assigned Numbers Authority (IANA) and random ports (for example, P2P ports) are frequently used by network applications. These applications are hard to control, exhaust bandwidths, and even cause network congestion.

Meanwhile, increasing unfixed services start to use well-known ports. With the development of web page technologies, more and more services with different risk levels run on ports 80 and 443 using HTTP and HTTPS, for example, WebMail, web gaming, video streaming, and web chats.

The packet content is uncertain.

Single-packet detection analyzes only the security of individual packets. This mechanism cannot defend against viruses or Trojan horses during the Internet access. Intranet hosts may accidentally introduce worms, Trojan horses, and viruses, which result in information leaks and losses. Therefore, network security management must identify and monitor traffic contents, in addition to traffic control based on the source and destination IP addresses.
https://support.huawei.com/hedex/hdx.do?docid=EDOC1100068394&id=sec_eudemon_pd_0002&text=New%252520Threats%252520on%252520Networks&lang=en

umaryaqub · Created Oct 17, 2019 10:38:52

Few businesses would choose to operate without a series of locks, alarms and security cameras to protect their premises and inventory from intrusions and theft. Protecting your computer systems is equally important, to prevent malicious users from disrupting your operations or -- even worse -- stealing your private data or intellectual property. One of the key tools used for computer security is a firewall, and few companies can afford to operate without one.

Potential Intrusions

Any network or standalone computer that's connected to the Internet, or any other external network, is potentially at risk for an attack. These can take many forms, depending on the attacker's skills and motivation. Some malicious software, or malware, diverts a portion of your hardware and bandwidth to its own uses, such as hosting pirated software or ****ography. Other programs might delete crucial data or bring down your network. Criminals could gain access to your network, then charge purchases to your company credit cards or siphon money from your accounts. Unscrupulous competitors could access your proprietary information or vendor and customer data, gaining a crucial advantage.

Firewall Basics

No single product or service will provide you with complete security, but a firewall is one of the cornerstones of any network security strategy. Think of it as the electronic equivalent of a sentry at the gate. It inspects all the data passing in or out of the network, ensuring that the traffic is legitimate. When properly configured, a firewall should allow your users access to all the resources they need while still keeping out any malicious users or programs.

Hardware Firewalls

One way to provide firewall protection is through a separate piece of hardware that's placed between the network or user and any outside networks such as the Internet. Hardware firewalls have several advantages. They use their own preinstalled software and operating system, so malware based on an OS such as Windows can't attack them. One hardware firewall can protect every device on the network, without the time and trouble of configuring them individually. That's also a benefit when you need to upgrade, since updating one firewall is faster and easier than updating a room full of computers. Many of your existing network routers probably have firewall functions built in, if you choose to use them.

Software Firewalls

Firewall software on your network servers or individual computers provide an extra level of security, and they're often used in conjunction with hardware firewalls. They enable users with different needs to customize their own levels of protection, including the ability to allow individual programs access to the Internet -- or not -- on a case-by-case basis. Alternatively, your network administrator can set up firewall permissions for individual users or groups of users. That strategy can be used to block or control employees' access to external websites, either in the interest of productivity or to prevent employees from using company resources for illegal or unapproved purposes.

Setup

Firewall protection needs to be part of your overall plan for computer security. That might also include a clear set of written policies about the use of external networks, bringing disks or flash drives from other computers, and the storage of sensitive data. Your IT staff might also recommend the use of virus and malware scanners, WPA security for your wireless network, or some form of encryption for your hard drives and other data-storage devices. If you don't have the expertise in house to set up and configure your firewalls, consider hiring an outside consultant to do the setup and periodic updates. A poorly configured firewall can hamper productivity significantly, without enhancing your security.

Purpose of Firewall

Best answer

Third Party’s Trade Secret

`@trans`bright_future`~trans`

My Followers

Enterprise

Consumer

Corporate

Carriers

Purpose of Firewall

Best answer

Third Party’s Trade Secret

`@trans`bright_future`~trans`

My Followers