| Attention! All the hackers on the systems of various | | | | data package in addition to the advantage of |
| according to their sects and wishes are eager to | | | | examining the packet header to be performed by the |
| penetrate your network, but you can defeat these | | | | firewall engine equipped with the examination of the |
| attacks by providing an appropriate combination of | | | | data packages (SPI). The engines can deep packet |
| security tactics. | | | | inspection of data, during the examination of the |
| Networks are daily threaded with attacks, so you | | | | contents of packets to discover and prevent many |
| need to provide permanent protection. No doubt that | | | | types of attacks: denial of service attacks, such as |
| the most common threats are: first, the viruses, which | | | | (DoS), and rash cache, and attacks the guise of |
| are small programs that in reality is trying to infiltrate | | | | Internet Protocol, in addition to a series of attacks by |
| your network and fool the computer, entering it as an | | | | worms. The more the costs of the firewalls as |
| attachment with an e-mail message, beginning | | | | become more like instruments of security, as a result |
| immediately after opening the attached file, repeating | | | | of processing the applications of intent to combat |
| the same self in the system of your computer. | | | | viruses, spyware and virtual private networks (VPNs). |
| Secondly, Trojan horses which run through the | | | | Know the firewall that you need |
| computer by entering the applications or data files are | | | | When the cost of the firewall is cheap, the process |
| useful, and that is activated on the Trojans after the | | | | was prepared more easily, because the additional |
| mediation of specific programs; even begin to take | | | | costs of course will provide more options, and as we |
| over the reins in the system of your computer. | | | | know that when the number of options are increased |
| Thirdly, the worms that are also working to replicate | | | | and available, The process of the preparation of these |
| itself and spread to begin the search for security holes | | | | options are more complex, so we recommend you |
| in your system, so as to penetrate your system, and | | | | first to learn what works well on protection, and what |
| often remain hidden until the right opportunity to start | | | | are the threats that want to keep away from you. For |
| attack of the distributed service (DDoS). No doubt that | | | | that we recommend first to write a list of all the |
| these three types of attacks pose a major threat to | | | | services that users need to access, such as web sites |
| his company's data and your personal data as well. Of | | | | and e-mail servers and FTP servers in addition to the |
| course, you don't want or any one of the owners of | | | | messenger services and remote access of data, |
| companies that their networks are points of attack to | | | | because the firewall can filter services on the basis of |
| distributed denial of service attacks. Therefore, we | | | | the nomination of port numbers (a way of addressing |
| must first ensure that the protection of all devices | | | | a particular service in a computer) used by these |
| connected to your company, and the first step to | | | | services, and Internet Protocol address of the source |
| ensure this protection is to provide these devices with | | | | or destination of data. We will mention the following |
| firewall, which is a line of defense to it. | | | | examples of common services outlets figures, namely: |
| But is it enough to spend hundreds of dollars for the | | | | 80 of 23 service and HTTP service Telnet and FTP |
| provision of firewalls, or that the cost would amount to | | | | service for the 21 and 25 of the service SMTP. |
| several thousands of dollars? On the walls at a | | | | There is no doubt that the safest way to build a list of |
| minimum be equipped with an examination engine of | | | | control to access to services is beginning block all data |
| the data package (SPI), which examines the content | | | | movements, and then revisit it after the disengagement |
| of packages of data and gives the right of access to | | | | to the services required for the block one after the |
| your network, in the event it was free from malicious | | | | other, such as allowing the movement of data on port |
| software code. | | | | 25, if these data are bound to Internet protocol |
| How to use the firewall? | | | | address on your e-mail in your network. If you need |
| Firewalls can also be based on certain rules or filters | | | | access to services in the internal network of |
| block the movement of inappropriate incoming and | | | | computers outside your network, such as Web |
| outgoing data. It can benefit the choice of Internet | | | | servers or e-mail servers, you will build more complex |
| Protocol (IP) for example, and to prevent existing staff | | | | rules of the nomination. You can know if the firewall, |
| in the network access to the protocol specific | | | | which has used an outlet of the neutral area DMZ to |
| addresses on the Internet or receiving emails from | | | | connect with these services and to be able to isolate |
| them. Firewalls can also block the movement of data | | | | the services open to external networks, on the internal |
| in the network based on a unique identifier named " the | | | | network, but if the firewall does not have an outlet for |
| title of control to access to the" (MAC). Many of | | | | the neutral area DMZ, then supposed to be allowed to |
| firewalls can control in data by using filters of key | | | | feature passage of the performing the work, a |
| words or scope, and permit data which is destined for | | | | process in which all the movements of short data |
| a particular location. Firewalls also allow the creation of | | | | service on a particular Internet protocol address of an |
| more sophisticated to make more complex rules for | | | | internal party. For those who are afraid of the topic of |
| the data. | | | | writing the rules for the nomination to firewalls, we say |
| There is a better option than the firewall which is | | | | that the operations are not difficult, as appears to |
| equipped with the test engine of the data packages | | | | them, they soon learn to establish a simple set of such |
| (SPI), is the firewall, which depends on the engine of | | | | rules, they will learn quickly accomplish complex rules, |
| test of the deep data packages (DPI). It works great | | | | but if they insist on their fear of the establishment of |
| test engine (DPI) to examine the full content of the | | | | rules for the nomination, they then use specialists. |