摘要
双重宿主主机、被屏蔽主机和被屏蔽子网3种防火墙体系结构相比,被屏蔽主机体系结构比双重宿主主机体系结构具有更好的安全性和可用性,能更好地把内部网络与因特网隔离开.尽管堡垒主机、数据包 过滤系统、代理系统都可提供一定的网络安全保障,但无论哪一种体系结构都不具备绝对的 安全性,故建造防火墙时,一般采用多种解决问题技术的组合.第三代防火墙系统应是防火 墙技术的发展方向.
There are three firewalls of a couple of host computer system structure, scree ned host computer system structure, screened net host computer system structure. Their merits and demerits are analysed. Screened host computer system structur e is safer than a couple of host computer system structure, and internal net is separated from internet by screened net host computer. Stronghold computer, data filter, acting system may give some net safe way, none of the system structures is quite safe. When building firewalls, often several ways are used. The third firewall system is the direction firewall technology will take.
出处
《郑州轻工业学院学报》
2000年第3期66-68,共3页
Journal of Zhengzhou Institute of Light Industry(Natural Science)
关键词
防火墙
网络体系结构
安全性
双重宿主主机
发展
firewall
network architecture
security
stronghold computer
data filter
proxy system
