As in Internet briefly. Introduction Nowadays withAs in Internet briefly. Introduction Nowadays with

As the key facility that
maintains the network security, firewalls establish an obstacle between trust
and trustless network, and put corresponding safety strategy into practice. In
this paper, we mainly discuss the computer network security and the techniques
of firewalls, and the concept and classification of the firewalls. It also
introduced three kinds of basic implement techniques of the firewalls: Packet filtering,
Application Proxy and Monitor model in detail. Finally described the trend of
development of the firewalls techniques in Internet briefly.


We Will Write a Custom Essay Specifically
For You For Only $13.90/page!

order now

Nowadays with the organization network and e-commerce is
widely used, the open nature of the Internet makes it vital for businesses
to pay attention to the security of their networks. Network
security has become a critical problem that we must consider and resolve. “Unauthorized
network access by an outside hacker can cause damage or destruction to
proprietary data, negatively affect company productivity, and impede the
capability to compete” (Paquet, 2013). More and more professions, enterprises
and individuals surfer from the security problem in different degree. They are
looking for the more reliable safety solution. “Firewalls can be an effective
means of protecting a local system or network of systems from network-based
security threats while at the same time affording access to the outside world
via wide area networks and the Internet” (Aleshunas, 2010, p.22). In the
defense system adopted by network security at present, the firewalls stand the
very important position.

All the firewalls have the function to filter the IP
address. This task checks the IP packet, makes the decision whether to release
or to abandon it according to the source address and destination address of the
IP. Shown in Fig.I, there is a firewall between two network sections. An UNIX
computer is on one side of the firewall, and the other side is a PC client.
While the PC client asks a telnet request for the UNIX computer, the client
procedure of telnet in the PC produces a TCP packet and passes the packet to
the local protocol stack to prepare to send. The protocol stack fills it in one
IP packet. Then, sends it to UNIX computer through the path defined by the
TCP/IP stack of PC. The IP packet can’t reach the UNIX computer until it passes
the firewall between the PC and the UNIX computer.

Fig. I Ip Address

 The application firewall
is a very efficient means of network security on Internet, it is installed between the trust and trustless network,
can isolate the connection between the trust and trustless network, and doesn’t
hamper people’s access to the trustless network at the same time. It can
isolate the connection between the risk area (namely there may be a certain
risk on Internet) and the safe area (LAN), and doesn’t hamper people’s access
to the risk area at the same time. Firewall can monitor the traffic flowing in
and out from the network to finish the task seemingly impossible;it only allows
the safe and checked information to enter into, and meanwhile resists on the data
that may bring about the threat to enterprise. 
As the fault and defect of the security problem become more and more
general, the invasion to the network not only comes from the super attack
means, but also may be from the lower-level mistakes or improper password
selections on the configuration. So, the function of the firewalls is
preventing the communication that not hoped and authorized passes in and out of
the network protected. forcing the companies to strengthen their own network
security policy. The general firewalls can achieve the following purposes:
First, restraining others from entering the inside network, filtering the
unsafe service and illegal user;  Second,
preventing the invaders from closing to your defense installation;
Third,limiting the user to access the special site; Fourth,providing
convenience for monitoring the Internet security.