Overview Of Firewall System; First Safeguard; Evolution Of The Firewall - H3C SecPath F1800-A Operation Manual


Operation Manual - Getting Started
H3C SecPath F1800-A Firewall
Classification encryption of data flow
4) Data link layer security
It provides a point-to-point security service, such as on a point-to-point link. Data link
layer security is implemented through encryption and decryption at each end on the
link using dedicated devices.

1.2 Overview of Firewall System

1.2.1 First Safeguard

In practice, no single security defense technology can build a secure network
system, so multiple technologies should be used together to keep security hazards
to a minimum.
In general, the first step in implementing security defense is to construct a barrier,
known as a firewall, between internal networks and external networks to defend
against the large majority of attacks from outside.
Similar to a partition wall used to prevent fire from spreading in a building, a firewall
is one system or a group of systems that implements an access control policy. It monitors
the access channels between the Trust zone (the internal network) and the Untrust zone
(the external network) to keep out hazards from external networks.
The firewall is mainly used for the following purposes:
- Restrict entry of users or information from a specific and strictly controlled website;
- Prevent intruders from approaching other security defense facilities;
- Restrict exit of users or information from a specific and strictly controlled website.
The firewall is usually placed at the entry of a protected zone to perform security
defense based on an access control policy.
When the firewall is located at the junction between the internal network and the
external network, it can protect the internal network and its data from unauthorized
or unverified access and malicious attacks from external networks.
When the firewall is located at the junction between a relatively open network segment
and a comparatively sensitive network segment (on which sensitive or private data is
stored), it filters access to sensitive data even if the access is an internal one.

1.2.2 Evolution of the Firewall

Firewall technology has evolved through the following stages.
I. The First Generation Firewall: Packet Filtering Firewall
Packet filtering checks each packet at the network layer and then forwards or denies
the packet based on the security policy.
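The per-packet check described above can be sketched as follows. This is an added example, not code or configuration from the H3C manual or the SecPath software; the addresses, ports, rule order and the names `Packet`, `Rule`, `filter_packet` and `POLICY` are all constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    dport: int

@dataclass(frozen=True)
class Rule:
    action: str                  # "permit" or "deny"
    src: str                     # source network in CIDR form
    dst: str                     # destination network in CIDR form
    proto: str = "any"
    dport: Optional[int] = None  # None matches any destination port

    def matches(self, p: Packet) -> bool:
        return (ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and self.proto in ("any", p.proto)
                and self.dport in (None, p.dport))

def filter_packet(rules, p, default="deny"):
    """Each packet is judged alone: the first matching rule decides,
    and a packet that matches no rule gets the default action."""
    for rule in rules:
        if rule.matches(p):
            return rule.action
    return default

# Constructed addressing: Trust zone 10.1.0.0/16, sensitive segment 10.1.9.0/24.
TRUST, SENSITIVE, ANY = "10.1.0.0/16", "10.1.9.0/24", "0.0.0.0/0"
POLICY = [
    Rule("permit", "10.1.0.5/32", SENSITIVE, "tcp", 22),  # one admin host
    Rule("deny", ANY, SENSITIVE),            # everyone else, internal hosts included
    Rule("permit", TRUST, ANY, "tcp", 443),  # Trust -> Untrust HTTPS
    Rule("permit", ANY, "10.1.1.10/32", "tcp", 443),  # published server
]

if __name__ == "__main__":
    samples = [
        Packet("10.1.2.7", "203.0.113.5", "tcp", 443),    # outbound HTTPS
        Packet("10.1.2.7", "10.1.9.20", "tcp", 445),      # internal -> sensitive
        Packet("198.51.100.9", "10.1.1.10", "tcp", 22),   # no rule: default deny
        Packet("203.0.113.5", "10.1.2.7", "tcp", 51000),  # reply to first packet
    ]
    for p in samples:
        print(p, "->", filter_packet(POLICY, p))
```

The last sample is denied even though it answers a permitted outbound packet: a filter that judges each packet on its own keeps no record of the earlier one, so return traffic passes only if a rule covers it explicitly.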
Chapter 1 Firewall Overview