The Research On Firewall Technology And Its Application In Campus Network

The construction of network security in higher vocational college is a complicated and huge system engineering. As the only gateway connecting campus network and extranet and the key segment of campus network security, firewall provides safeguard and service for campus network security, and at the same time, is confronted with threats and attack all the time as well. There exist some obvious disadvantages in the firewall which is based on the traditional structure. There are some general problems exist in the traditional firewall, like single point of failure and the failure to block the attack from the campus network.At present, the solution to the single point of failure problem is mainly to adapt the cluster technology and the technology of Distributed Firewall. The cluster technology has had some mature products to choose, but the expense invested in it is relatively higher, and the threats from the campus network are also existed. The appearance of Distributed firewall does represent the new development trend. And there are many research and applications on it, and also some solutions by using relevant products. However, due to the immature technology of Distributed firewall, the complicated application and high cost to implement it, it is difficult to popularize it.The relevant applied researches on this problem was carried out to pursue an effective, reasonable, economical and feasible solution to the problem of firewall technology in higher vocational college, so that the level of the ability to safeguard will be improved, and a safer, more reliable, multilevel and all-aspect security system of campus network will be built.On the basis of research on the technology of firewall and its development trend, research was focused on the key technology of the designing and implementation of High Availability Firewall and Distributed Firewall system. According to the requirements of campus network firewall in higher vocational colleges, such as reliability, safety, rationality, validity and economical efficiency, new improvement solutions which integrate point and sphere are put forward to solve the problem of Single Location Invalidation. The improvement proposal on the campus social network put forward and implemented in this paper has certain practical value and can be used as a resource of reference for the construction work of firewall system in relevant colleges. And a further improvement can help to popularize it.The main content of this paper included:1. The research on the firewall technology, the architectures of firewall system and its working principles were elaborates.2. The research on the security problems of campus network and the application status of the campus firewall in higher vocational school were done.3. In connection with the disadvantages that exist in the traditional Boundary firewall, the study on the feasibility of the deployment of Boundary Firewall by using Linux HA+Netfiltering to improve its reliability were discussed.4. According to the research on the firewall principles and system model, the development and the application situation of the implementation technology of Distributed firewall were elaborated, the implementation technology of Distributed Host Firewall were analyzed.5. The problem of single point of failure were researched, and then the all-aspect improvement solutions with integrated point and sphere were put forward, an improved and effective applications based on Linux HA Boundary Firewall and Host Firewall was carried out to make up the work that Distributed Firewall and traditional firewall can’t do.