セキュリティ（防御）

ファイアウォール

ファイアウォールとは、セキュリティ・レベルが異なるネットワークの境目に配置し、外部からの不要な通信を遮断するハードウェアまたはソフトウェアのこと。
ACL（Access Control List）を使用して外部との通信を制御することで、内部のコンピュータネットワークの安全を保つ。

FireWall is a Hardware or Software and used to help internal network secure.
Firewall is built between internal network and external network.
It analyses incoming and outgoing data packets and determines whether those data packets should be allowed or not.

There are different types of Firewalls.
Packet filtering, Application gateway, Circuit-Level Gateway.
Packet filtering type looks the IP address of incoming and outgoing packet.
Application gateway can control network access by applications and protocols.
Circuit-Level Gateway can establishes TCP/IP connections on behalf of internal computer.

Symantec supply Firewall system by Symantec Sygate Enterprise Protection.

Webアプリケーションファイアウォール

プロキシサーバ

IDS

IDS, Intrusion Detective System, is a device or software and there are 2 types of IDS.
Network-based IDS can moniter the packets on network and unauthorized access by setting up in the internal network.
Host-based IDS is the software that is installed to host computer and monitor what happened in it.

When any abnormal event is detected, IDS can notifies a user or computer system administrator that event.

NIDS

HIDS

IPS

IPS, Intrusion Prevention System, is thought as "next generation" of IDS.
When IPS detects suspicious data packets, it can not only notice user or system administrator but also attempt to stop it by using prearranged roles or policies.

VLAN

IPSec

VPN