Firewall:
The so-called firewall refers to a combination of software and hardware equipment is made between the internal network and external networks, constructed on the border between the private network and public network protection barrier. Security is a method to get the image of argument, it is a combination of computer hardware and software, between the Internet and intranet to establish a security gateway (security gateway), to protect the internal network from unauthorized users intrusion, the firewall mainly by the service access rules, verification tools, packet filtering and application gateway four parts, a firewall is a software or hardware located between the computer and the network it is connected. All communications network and the packet to the computer are the inflow and outflow through the firewall.
In the network, the so-called "firewall" refers to a method for the internal network and the public access network (eg www.ssldun.com) separate, it is actually an isolation technology. A firewall is implementation of an access control in two networks communicate scale, it allows you to "agree" to enter your network and the data, while you "disagree" shut out people and data to maximize *** prevent the network to access your network. In other words, if not through the firewall, people within the company can not access the Internet, people on the Internet can not communicate with people inside the company.
Encryption:
math you, I have read some. It is to ensure the safety of your stuff!
Virtual Private Network:
In the traditional enterprise network configuration, to carry out the interconnection between remote LAN, the traditional method is to hire DDN (Digital Data Network) leased line or frame relay. Such communications program will inevitably lead to high network traffic / maintenance costs. For mobile users (mobile workers) and remote individual users, usually into the enterprise LAN via dial-up lines (Internet), and this will inevitably bring about a safety hazard.
Virtual Private Network refers to rely on ISP (Internet Service Providers) and other NSP (network service provider), to establish a dedicated data communication network in the public network technology. In the virtual private network, the connection between any two nodes are not required to end the traditional private network physical link, but to use some kind of public network resources dynamically thereof. The draft IETF IP-based ××× to understand: "Use IP emulation mechanism to a private wide area network" through the private tunnel technology is a point to point leased line emulation technology in the public data network [1]. The so-called virtual means users no longer need to have the actual long-distance data lines, but the use of long-distance data line Internet public data network. The so-called private network means users can develop a network that best meet their needs for themselves.
Users in the telecommunications sector rented FR (Frame Relay) and ATM network provides fixed data such as virtual circuit (PVC-Permanent Virtual Circuit) to connect the unit requires communication, all the rights in the hands of others. If you need some other service, we need to fill in many of the documents, to wait quite some time to enjoy the new service. More importantly, the terminal equipment at both ends of the price not only expensive, but also requires a certain professional management and technical personnel, is costly, and Frame Relay, ATM data networks like the Internet did not, anywhere in the world with an immediate use the Internet connection of the unit. And on the Internet, ××× users can control their contact with other users, as well as support for dial-up users.
So we say virtual private network generally refers to the building on the Internet can be self-managed private networks, rather than waiting for Frame Relay or ATM provides a virtual fixed line (PVC) network services. IP as the main communication protocol to the ×××, also known as IP- ×××.
Since ××× is set up temporarily on Internet security virtual private network, the user saves the cost of leased lines, running on capital expenditures, in addition to the purchase ××× equipment, companies pay only the ISP to the business location pay a fee to the Internet, but also saves long-distance telephone charges. This is the reason ××× low prices.
More and more users realize that, with the rapid development of Internet and e-commerce, economic globalization is the best way to develop Internet-based business applications. With the increasingly frequent business activities, companies began allowing its business partners, suppliers can access the enterprise LAN, which greatly simplifies the way information exchange, increase the speed of information exchange. These partnerships and linkages are dynamic and rely on the network to maintain and strengthen, so enterprises found that such exchange of information will not only bring the complexity of the network, but also poses a problem management and security, because the Internet is a global and openness, based on TCP / IP technology, unmanaged Internet, so Internet-based business is facing the threat of non-bona fide information and security risks.
Isolation Security:
Security data exchange unit is connected to the external network is not the same processing unit, the host 2 + 1 architecture. Isolation network gateway using SU-Gap security isolation technology to create a inner and outer screens off the physical environment.