When it comes to “Kingsoft Anti-Virus”, everyone is familiar with it. It is a virus protection software in China, and one of the few anti-virus software with self-developed core technology and self-developed anti-virus engine in China. It is developed by Kingsoft Network. It is easy to ignore that it is the “border defense” concept first proposed by domestic Wanglao security enterprises, and the technology business landed for the first time at the end of 2012.

With the continuous development of network technology and the complexity of network construction, network boundary security has become the most important security issue, which needs to be effectively managed and controlled, mainly reflected in network isolation requirements, attack prevention ability and so on.

So what is border defense?

Border defense is to take technical measures or deploy protective equipment at the border, such as agents, gateways, routers, firewalls, encrypted tunnels, etc., to monitor, manage and control the border, check incoming and outgoing information and protocols, exclude malicious and unauthorized communications, and achieve the purpose of keeping the enemy out of the country. The boundary here refers to both the external boundary of the information system, such as the connection between the internal network and the Internet, and the internal boundary of the information system, such as the connection between different network domains.

As a border defense tool, the firewall is the first line of defense to protect the security of the internal network. Firewall is the first kind of information security equipment, can be said to be information security secret seven weapons in the ancient god “zhang eight snake spear”, suitable for far war, brandish, infinite power, the enemy can not close. Firewall is the most widely used in the network, there are also various variants, such as network firewall, application firewall, Web firewall, etc.

The firewall usually refers to the network layer firewall equipment, play the role of Access Control, according to the set rules (ACL/ Access Control list) to decide whether to release the traffic packet, generally according to the five-tuple Control: source IP, source port, destination IP, destination port, protocol. In reality, our computer’s own “firewall” and the usual use of the router is the most simple firewall.

So what is the basic function of the firewall to achieve? The basic functions of the boundary firewall include: 1. Filter the source address and reject the external illegal IP address so as to avoid the unauthorized access of the external network host.

2. Protecting vulnerable services and closing unnecessary services can reduce the possibility of system attacks to a minimum. 3. Access policies can be developed so that only authorized external hosts can access a limited number of IP addresses in the internal network, and operations unrelated to the business are denied.

4, the network access and access to monitor audit, because the firewall is the only communication channel of the internal and external network, so the firewall can all for the internal network access for detailed records, the formation of a complete log file.

5. In addition to the security role, the firewall also supports the Internet service characteristics of the enterprise internal network technology system (virtual private network).

In fact, firewall Settings are generally based on IP address, so the change of internal network host and server IP address will lead to the change of the rules in the Settings file, that is to say, the setting of these rules is restricted by the network topology.

Information security technology defense means in addition to the firewall, but also for IPS and IDS combined use. If the network space is compared to a building, then the firewall is equivalent to access control, the building outside and inside separate, access control can enter the building; IDS(passive protection) is the equivalent of monitoring. It records every move inside and outside the building. When a problem is found, the operation and maintenance personnel can adjust the monitoring to check the event. IPS(active protection) is equivalent to building security, active defense, take the initiative to find out whether there are unsafe factors in the building, and remove them in time.

The country’s border defense has prevented a lot of network attacks for us, but network battles have always existed. At the same time, many domestic manufacturers have also been acting as a firewall, such as 360, Qianxin, Angheng and other enterprises have been doing such things. Ip location data service is also indispensable to build a firewall “a brick”, using Ip location services to provide users of information, is provided by the Ip scene scene network assets census information to the enterprise internal and external network, using network security firewall protection enterprise inside and outside, to the greatest extent possible to provide data support for them, and protect enterprise network security.