论文部分内容阅读
分析了传统防火墙存在的缺点,探讨了网络IP层、应用层信息在防火墙安全策略制定过程中综合运用的方法,研究了防火墙过滤规则自动产生、自动配置的途径;提出了一种基于被屏蔽子网的混合型智能防火墙模型,它可以克服包过滤防火墙效率高但规则难制定,应用代理防火墙规则针对性强,但工作效率低的矛盾,同时也可克服传统防火墙对未列出的黑客攻击不予理会的弊病。
The shortcomings of the traditional firewall are analyzed. The methods to comprehensively use the IP and application layer information in the process of making the firewall security policy are discussed. The ways of automatic generation and automatic configuration of the firewall filtering rules are studied. Network hybrid intelligent firewall model, which can overcome the packet filtering firewall is high efficiency but difficult to set rules, application proxy firewall rules targeted, but the contradiction between low efficiency, but also can overcome the traditional firewall for unlisted hacker attacks are not To the Council will be the ills.