毕业论文—中小企业防火墙的应用.doc

中小企业防火墙的应用 摘要 互联网的应用在近几年的时间有了非常大的发展,随着中小企业商务网站的增多，资源越来越丰富，网络安全问题却也越来越严峻。 在网络安全防范中，防火墙具有着不可或缺的地位。防火墙技术是所有安全技术当中用途最广泛的，也是最有效的解决方案。 本论文在简单介绍防火墙工作原理的基础上，通过具体在Router OS上配置防火墙策略，使其实现中小企业防火墙的功能。该防火墙在通常的包过滤防火墙基础之上，又增加了MAC地址绑定和端口映射等功能，使之具有更完备、更实用、更稳固的特点。通过对于具有上述特点的防火墙的配置与测试工作，一方面使得所配置的防火墙系统本身具有高效、安全、实用的特点，另一方面也对今后在此基础上继续测试其它网络产品作好了一系列比较全面的准备工作。 关键词：网络安全；防火墙；企业网；Router OS  ABSTRACT Network technology in recent years has been a very big development, but with the network faster and faster, more abundant resources, network security issues become more critical. In network security, firewalls have an indispensable position. The firewall technology is the most versatile all security technologies, is the most effective solution. The paper on the Firewall working principle of a brief introduction, through specific Router OS on the configured firewall policy, so that function of SMEs firewall. The firewall in the usual packet filtering firewall based on the added MAC address binding and port mapping functions, so that it has a more complete, more practical, more solid. With these characteristics firewall configuration and testing, on the one hand makes the configuration of the firewall system itself has an efficient, safe, and practical features on this basis in the future to continue to test other network products, on the other hand, well more comprehensive series of preparatory work. Keywords: Network Security; Firewall; Enterprise Network;Router OS  目录 摘要 I ABSTRACT II 目录 III 1 概 述 - 1 - 1.1 课题意义 - 1 - 2 企业网安全分析 - 3 - 2.1中小企业网络安全现状 - 3 - 2.2.1 ARP攻击 - 3 - 2.2.2 网络监听 - 4 - 2.2.3 蠕虫病毒 - 4 - 2.3 企业受到外网攻击分析 - 5 - 2.3.1 DoS攻击 - 5 - 2.3.2 SYN Attack(SYN攻击) - 6 - 2.3.3 ICMP Flood(UDP泛滥) - 6 - 2.3.4 UDP Flood(UDP泛滥) - 6 - 2.3.5 Port Scan Attack(端口扫描攻击) - 6 - 3 企业网防火墙的应用 - 8 - 3.1 网络安全技术概述 - 8 - 3.2 防火墙介绍 - 9 - 3.3 防火墙的分类 - 9 - 3.3.1 宿主机网关（Dual Homed Gateway） - 9 - 3.3.2屏蔽主机网关（Screened Host Gateway） - 10 - 3.3.3屏蔽子网（Screened Subnet） - 10 - 3.4 防火墙技术发展趋势 - 11 -