
Imagine you have a castle full of treasures (intranet), with precious data such as your personal information, working papers, family photos, etc. And outside the castle, it's a wilderness full of unknown and dangerous (external networks, like internet). Every day, a variety of people (data packs) try to enter your castle, some friendly visitors, and others impervious invaders。
And then you need a loyal guard, the cyber firewall! It's like a castle gate, where all those who want to enter the castle are scrutinized. Only those who have the correct pass (data packages that meet security strategies) are allowed to enter, while those who appear to be sneaky and suspicious of their actions (bad traffic) are denied access。
Cyberwalls are responsible not only for guarding doors but also for keeping an eye on the situation inside and outside the castle. It records information on all persons entering and leaving the castle in order to carry out investigations when required. At the same time, it also closes unusual side doors (unused ports) to prevent intruders from sneaking in from there。
Role of the network firewall

Data screening and shielding: scanning and analysing all data packages entering and leaving the internal network and filtering out potential malicious flows, such as viruses, horses, spam, etc., based on pre-established security strategies. Port management: close unused ports and prohibit communication at specific ports to reduce the risk of attack. Access control: access from special sites is prohibited and communications from unknown invaders are prevented. Recording and auditing: recording of all authorized or rejected data packages, attacks and security incidents for subsequent audit and analysis
The working principles of the network firewall

The rationale of the firewall can be simply summed up as “surveillance-analysis-decision-implementation”:
Surveillance: the firewall continuously monitors all data packages on the network, including entry and exit data packages. Analysis: each package is analysed to determine whether it meets the predefined security strategy. Decision-making: whether or not to allow the package to pass based on the analysis. Implementation: implement decision-making outcomes, allow or reject data packages and record events。
Type of network firewall

The network firewall can be divided into different types depending on the manner in which it is achieved and the features of its functions, including, inter alia:




