Požarni zidovi naslednje generacije

REPOVŽ, MATEJ

Požarni zidovi naslednje generacije
ID REPOVŽ, MATEJ (Author), ID Kos, Andrej (Mentor) More about this mentor... This link opens in a new window

PDF - Presentation file, Download (2,31 MB)
MD5: BEABB925253F77DC0E2AAA0738ED7828
PID: 20.500.12556/rul/45104ae8-16f3-406d-9528-2b57a2559f33

Abstract

Požarni zidovi so pomemben člen pri zagotavljanju varnosti v času, ko si življenja brez interneta enostavno ne znamo predstavljati. So naprave, ki nadzorujejo omrežni promet med notranjim lokalnim in zunanjim javnim omrežjem. Poznamo programske različice požarnih zidov in strojne različice oziroma samostojne naprave. Diplomsko delo je osredotočeno predvsem na strojne različice požarnih zidov. Prve različice požarnih zidov so se pojavile konec osemdesetih let prejšnjega stoletja in zadoščale za takratne potrebe v internetni tehnologiji. Vendar sta neverjetni razvoj informacijskih tehnologij in storitev, prav tako pa tudi pojav zlonamernih programov in vdorov povzročila, da prvotne različice niso bile več učinkovite za zagotavljanje visoke ravni varnosti. Postopno so se začeli pojavljati nove različice požarnih zidov in novi načini pregledovanja omrežnega prometa, ki so ustrezali takratnim zahtevam. Poleg požarnih zidov se je na trgu pojavila vrsta dodatnih orodij, ki so v povezavi s požarnimi zidovi učinkovito pregledovala omrežni promet. Orodja so bila kakovostna, vendar so zahtevala dodatni strošek zaradi nakupa novih naprav in licenc, potrebna so bila dodatna izobraževanja, potreben je bil prostor za namestitev naprave itd. Potrebe po visoki zaščiti omrežja in prilagoditev novim načinom uporabe omrežnih storitev so pripeljale do razvoja požarnih zidov naslednje generacije. To so zmogljive naprave, ki s pomočjo naprednih orodij zagotavljajo varnost lokalnih omrežij, nadzor nad aplikacijami in pregled nad uporabniki omrežja. Bistvo požarnih zidov naslednje generacije je, da združujejo dobre lastnosti prejšnjih različic, vsebujejo napredna orodja, prav tako pa vključujejo novejše pristope za odkrivanje zlonamernih programskih kod in napadov. Poleg zagotavljanja varnosti in nadzora morajo biti požarni zidovi naslednjih generacij pregledni za uporabo, saj tako administratorjem omrežij zagotovijo čim enostavnejše rokovanje z napravo. V zadnjih letih pa so se na trgu pojavile zmogljive naprave, ki naj bi kot dodatek k požarnim zidovom zagotavljale visoko stopnjo varnosti. To so t. i. Sandbox naprave, katere z naprednimi načini pregledovanja iščejo zlonamerne vsebine in napade. Rezultat diplomskega dela so v teoretičnem delu razloženo splošno delovanje požarnih zidov, ter v drugem delu z laboratorijskimi testi prikazani praktični preizkusi na napravah.

Language:	Slovenian
Keywords:	požarni zidovi naslednje generacije, evolucija požarnih zidov, Sandbox.
Work type:	Undergraduate thesis
Organization:	FE - Faculty of Electrical Engineering
Year:	2016
PID:	20.500.12556/RUL-84257
Publication date in RUL:	22.07.2016
Views:	2300
Downloads:	473
Metadata:
:	Copy citation
Share:

Secondary language

Abstract:
Language:	English
Title:	Next generation firewalls
Firewalls are an important element in ensuring computer security in times when we simply cannot imagine living without the Internet. These applications and devices control network traffic between the internal local and external public networks. Software and hardware firewall solutions are available or, as the case may be, independent devices. The bachelor's thesis focuses primarily on the hardware firewall solutions. The first firewall solutions occurred at the end of the 1980's and were sufficient for the needs of Internet technologies of the time. However, the incredible development of information technologies and services, but especially the occurrence of malicious software and hacking attacks, made those forms of firewalls inefficient as regards providing high levels of security. Gradually, new forms of firewalls began to spring up, as well as new ways of monitoring network traffic to meet the requirements of the time. In addition to firewalls, a number of additional tools occurred on the market which, together with firewalls, enabled efficient monitoring of network traffic. The tools were of good quality, but the additional cost of purchasing new devices and licences was a problem for many. Moreover, additional training was required for their use, additional space for installing the devices and so on. The needs for high quality network protection and adjustment to new forms of network services have brought on the development of next-generation firewalls. These are high capacity devices which, in combination with advanced tools, ensure security of local networks, monitoring of applications, as well as monitoring of network users. The essence of the next-generation firewalls is that not only do they combine the good characteristics of previous versions and contain advanced tools, but also that they use novel approaches to discovering malicious software codes and hacking attacks. In addition to ensuring security and monitoring, the next-generation firewalls also provide transparent use in order to simplify the management of these devices for network administrators as much as possible. In the last few years, a capable device came to the market which would, as an addition to next-generation firewalls, ensure a high level of security. These are the so-called Sandbox devices, which employ advanced levels of searching to discover malicious contents and attacks. The first part of the bachelor's thesis explains the general operation of firewalls by using theory, whilst the second part uses laboratory work to demonstrate the practical tests on devices.
Keywords:	Next-generation firewall, evolution of firewall, Sandbox

Similar works from RUL:
Similar works from other Slovenian collections:

Secondary language

Similar documents