[浅谈分布式防火墙技术的结构原理中英文对照.doc

浅谈分布式防火墙技术的结构原理中英文对照 Introduction to the structure and principles of the distributed firewall technology 摘要：随着网络技术、信息技术的发展，越来越多的人正在关注防火墙技术，在考虑传统防火墙技术缺陷的基础上，提出了分布式防火墙技术。本文主要探讨分布式防火墙技术的原理、结构和应用。 Abstract: with the development of network technology, information technology, more and more people are focus on firewall technology, considering the traditional firewall technology defects, on the basis of distributed firewall technology are put forward. This paper mainly discusses the principle, structure and application of the distributed firewall technology. 关键字：分布式防火墙安全管理 Key words: distributed firewall security management 一、分布式防火墙概述 An overview, distributed firewall 1.传统防火墙的缺陷 1. The defects of traditional firewall （1）结构性限制：边界防火墙的工作机理依赖于网络的物理拓扑结构。但随着越来越多的企业利用互联网构架自己的跨地区网络，包括家庭移动办公和的服务器托管等越来越普遍，所谓内部企业网已经是一个逻辑的概念；另一方面，电子商务的应用要求商务伙伴之间在一定权限下进入到彼此的内部网络，所以说，企业网的边界已经是一个逻辑的边界物理的边界日趋模糊，边界防火墙的应用受到了愈来愈多的结构性限制。 Structural limitations: (1) the work mechanism of the boundary firewall relies on the networks physical topology. But as more and more companies use the Internet to frame their own network across the region, including the family of mobile office and server hosting, etc. More and more common, the so-called internal corporate network is a logical concept; E-commerce, on the other hand, the application of the requirements in some jurisdictions between business partners into each others internal network, so the boundary of the enterprise network is a logical physical boundaries become increasingly blurred border, border firewall application is more and more structural constraints. （2）内部安全：边界防火墙设置安全策略的一个基本假设是：网络的一边即外部的所有人是不可信任的，另一边即内部的所有人是可信任的。但在实际环境中，据统计，80%的攻击和越权访问来自与内部，也就是说，边界防火墙在对付网络安全的主要威胁内部威胁时束手无策。 (2) internal security: boundary firewall set up security policy is a basic assumption: one side of the network that is external to the all people are not to be trusted, on the other side that is inside all of the people can be trusted. But in a r