网络防火墙------英文文献翻译.doc

约6页DOC格式手机打开展开

网络防火墙------英文文献翻译,abstract:as the key facility that maintains the network security , firewalls take the purpose of establishing an obstacle between trust and trustless network, a...
编号:8-214365大小:121.00K
分类: 论文>外文翻译

内容介绍

此文档由会员 wanli1988go 发布

Abstract:
As the key facility that maintains the network security , firewalls take the purpose of establishing an obstacle between trust and trustless network, and put corresponding safety strategy into practice. In this paper , the computer network security and the techniques of firewalls were mainly discussed, the concept and classification of the firewalls were introduced. It also introduced three kind's of basic implement techniques of the firewalls: Packet filtering , Application Proxy and Monitor model in detail. Finally described the trend of development of the firewalls techniques in Internet briefly.
Key words: network security, firewalls, Packet filtering, monitor
1. Introduction
Now with the computer network and e-commerce used widely, network security has become an important problem that we must consider and resolve. More and more professions. enterprises and individuals surfer from the security problem in different degree. they are looking for the more reliable safety solution . In the defense system adopted by network security at present, the firewalls stand the very important position.
As the key facility that maintains the network security. firewalls take the purpose of establishing an obstacle between trust and trustless network, and put corresponding safety strategy into practice.
All the firewalls have the function to filter the IP address. This task checks the IP packet, makes the decision whether to release or to abandon it according to the source address and destination address of the IP. Shown in Fig.I, there is a firewall between two network sections, an UNIX computer is on one side of the firewall, and the other side is a PC client. While the PC client asks a telnet request for the UNIX computer, the client procedure of telnet in the PC produces a TCP packet and passes the packet to the local protocol stack to prepare to send. The protocol stack fills it in one IP packet. then, sends it to UNIX computer through the path defined by the TCP/IP stack of PC. The IP packet can't reach the UNIX computer until it passes the firewall between the PC and the UNIX computer.



摘要:
作为关键设施,维护网络的安全性,防火墙采取建立信任与不可靠的网络障碍的目的,并落实相应的安全策略。在这个文件中,计算机网络安全与防火墙的技术,主要讨论的概念和分类,介绍了防火墙。它还介绍了三种基本的防火墙实现技术:分组过滤,代理服务器和应用详细监测模型的。最后描述对互联网的简单防火墙技术的发展趋势。
关键词:网络安全,防火墙,包过滤,监控
1 介绍
现在,随着计算机网络和电子商务的广泛应用,网络安全已成为一个我们必须考虑和解决的重要问题。越来越多的专业,企业和个人上网的不同程度的安全问题。他们正在寻找更可靠的安全解决方案。在防御系统所采用的网络安全的现状,防火墙占据了非常重要的地位。
作为维护网络安全的关键设施,防火墙采取建立一个障碍在信任和不信任的网络之间,并实施相应的安全策略。
所有的防火墙具有过滤IP地址的功能。这项任务是检查IP数据包,根据源地址和目的IP地址决定是否释放或放弃这个数据包。在图1所示,在两个网段中间有一个防火墙,一侧是UNIX计算机,另一侧是PC客户端。当PC客户端向UNIX 计算机发送远程登陆请求时,PC里的远程登陆客户端程序产生一个TCP数据包并把此包传递给本地协议栈准备发送。协议栈把它填充在一个IP数据包内,然后通过PC的TCP/IP协议栈中定义的路径发送到UNIX计算机。在它通过PC和UNIX计算机之间的防火墙之前,这个IP包不能送达UNIX计算机。