摘要
互联网因连通性、开放性方便而广泛使用,但也存在各种不安全因素。传统防火墙作为基本的网络安全设备,根据人为定制的策略,对网络数据进行双向过滤和检查,确保内网安全。然而,随着网络技术日新月异,越来越多的连接技术和加密方式的出现,传统边界防火墙的局限性开始显现。为了克服这些缺点,在保留其优点的同时,分布式防火墙开始进入人们的视野。为此对分布式防火墙开展分析与研究,提出利用现有的技术开展分布式防火墙系统的设计,即防火墙在网络边缘保护安全的同时,将其引申至内网,进而搭建一个内外防护的安全系统。
The powerful function of the Internet comes from the connectivity and openness of the Internet,but it also leads to certain insecurities. As a common network security technology,traditional firewalls set up firewalls between intranets and extranets. According to the preset policy,the network data is filtered and checked to protect the internal network. However,with the rapid development of the Internet,more and more connection methods and encrypted communication emerged,and then the limitations of traditional border firewalls began to appear. To overcome these shortcomings while retaining theadvantages,the distributed firewalls began to enter people's sight. Thus thisarticleanalyses and studies distributed firewalls,and proposes to use existing technologies to design distributed firewall systems,whichis,while retaining traditional border firewalls,to extend the firewall to the internal network,and then build a multi-level and a full range of security systems for internal and external defense.
作者
薛朝慧
□XUE Chaohui(Shaanxi BC&TV Network Intermediary(Group)Co.,Ltd,Xi,an 710061,China)
出处
《中国有线电视》
2018年第9期1051-1054,共4页
China Digital Cable TV