tailieunhanh - Firewalls For Dummies 2nd Edition phần 3

Giao thức lớp Network Interface xác định làm thế nào các gói được gửi qua môi trường mạng vật lý. Chỉ cần để làm cho mọi việc một chút phức tạp hơn, ở cấp độ này thông tin được gửi trong khối dữ liệu được gọi là datagrams, mà là không có gì nhiều hơn các gói theo tên khác. | 12 Part I Introducing Firewall Basics Static address mapping If an Internet-accessible server is located on a private network protected by a firewall the outside world will know only the public firewall address. Static address mapping allows access attempts to the public firewall address to be redirected to the internal server. Content filtering Unlike packet filters application proxy services inspect the entire application data portion of an IP packet. This technique is used to define elaborate firewall rules based on Web site addresses URLs keywords Web content type such as video streams or executable mail-attachment types. Not all firewalls support all these filtering options of course. Intrusion detection A firewall may block particular network packets but it can also play a more active role in recognizing suspicious network activity. Certain patterns of network traffic may indicate an intrusion attempt in progress. Instead of just blocking the suspicious network packets the firewall may take active steps to further limit the attempt such as disallowing the sender IP address altogether or alerting an administrator to take notice. Data caching Because the same data or the contents of the same Web site may pass through the firewall repeatedly in requests to different users the firewall can store that data in a temporary cache and answer a user s request more quickly without actually retrieving the data every time. Caching is one of the methods firewalls employ to handle Web requests more quickly. Load balancing Another method used to improve the performance of Internet requests is using more than one firewall handy reinforcements that provide the same functionality and are set up with the same firewall policy rules. These firewalls can work together and share the cached results or they can be independent from each other and just divide the network traffic load between them. Encryption Encryption techniques are used first and foremost to prevent others from .

TỪ KHÓA LIÊN QUAN