| Nowadays, with the popularization of computer network, the problem of network security is becoming worse and worse. As the mainest and the most basic foundation for network security, firewall has been accepted for most users. This article mainly introduces the design and implementation of Hua-Xin FircWall. Our goal is to design a FireWall system with more integrated function that can be satisfied with the medium or small corporation.First, this article explained the basic knowledge of firewall, included the conception of firewall, related terms, its evolution,thc technique feature of the fourth generation firewall , the status quo and direction of firewall technique.Then, we gave the design of Hua-Xin FireWall, determined its implementation mode and the hardware and software platform that existed. Otherwise, we plot out the modules of the firewall system, defined the interface between the modules and bring out the function of each module.Afterwards, we explain the design and implementation of the main function modules, including identity authentication module, application proxy module, IP-MAC binding module and other modules related with the system. Compared with the traditional identity authentication, this article bring out a way that only need authentication once, which make the user need not to verify their identity for several times when they asked for different application service. Application proxy in this article is transparent proxy in both directions, compared with the universal proxy used in most firewall products, this one had its own features: compulsive access control based on role, defending attack and virus. The fuction of security control in our proxy was much better than the popular proxy.
|
PDF Full Text Request