diplomsko delo univerzitetnega študija Varstvoslovje
Nejc Kotnik (Author), Igor Bernik (Mentor)

Abstract

Požarni zid je naprava, ki stoji na ključnem mestu v omrežnem sistemu in ločuje zunanje nezavarovano in notranje zavarovano omrežje. Standardni požarni zidovi so bili več kot dva desetletja sposobni opravljati nalogo varuhov nadzora dohodnega in izhodnega prometa. S prihodom novih spletnih aplikacij in njihovih alternativnih načinov povezovanja, pa je nadzor postal čedalje bolj zahteven. Požarni zid se ravna po predpripravljenih pravilih, ki jih vnese administrator. Zato morajo požarni zidovi prepoznati, katere aplikacije se povezujejo v svetovni splet in kdo z njimi upravlja. Ker tradicionalne požarne pregrade te naloge ne izpolnjujejo več, je potrebno transparentnost toka omrežnih podatkov zagotoviti z dodatnimi sistemi odkrivanja. Požarni zidovi naslednje generacije zagotavljajo boljšo stopnjo zaščite kot njihovi predhodniki. So enako stabilni in zanesljivi ter omogočajo velik pretok podatkov. Poleg tega imajo integriranih še vrsto drugih sistemov zaščite in možnosti nadzora, kar administratorjem omogoča bolj celovito kontrolo nad uporabniki omrežja. Ker je požarni zid zmožen zaznati vse aplikacije v prometu, prav tako pa tudi njihovega uporabnika, organizacijam omogoča ustvarjanje uporabniških skupin, ki imajo različne varnostne politike. Požarni zidovi nove generacije so se začeli razvijati šele v začetku tega desetletja, zato tovrstni sistemi še niso dobro standardizirani. Ponudniki zagovarjajo svoje produkte in različno poimenujejo sisteme, ki opravljajo isto nalogo, zato smo v diplomskem delu naredili primerjavo različnih kriterijev med vodilnimi ponudniki požarnih zidov nove generacije. Rezultate testov smo primerjali in jih združili v pregledno tabelo. Pred odločitvijo o nakupu novega varnostnega sistema je nujno analizirati svoje potrebe, pričakovanja in finančne zmožnosti ter se na podlagi nabora funkcij posameznega sistema odločiti o optimalni izbiri za svoje podjetje.

Keywords

računalniška omrežja;varnost;požarni zid;diplomske naloge;

Data

Language: Slovenian
Year of publishing:
Typology: 2.11 - Undergraduate Thesis
Organization: UM FVV - Faculty of Criminal Justice
Publisher: N. Kotnik]
UDC: 004.056.52(043.2)
COBISS: 2873578 Link will open in a new window
Views: 2482
Downloads: 646
Average score: 0 (0 votes)
Metadata: JSON JSON-RDF JSON-LD TURTLE N-TRIPLES XML RDFA MICRODATA DC-XML DC-RDF RDF

Other data

Secondary language: English
Secondary abstract: Firewall is a hardware device, located at a critical point in the network system. It separates unprotected outer network and secured inside or home network. Traditional firewalls were capable of guarding and controlling inbound and outbound traffic for more than two decades. With the arrival of new web based applications and their advanced connection capabilities, controlling traffic has become more demanding. Firewall relies on pre-prepared rules, which are inputted by administrator. Therefore, firewall must recognize all the applications, which want to connect to the network and also who is controlling them. Because traditional firewalls are no longer capable of doing the job, the transparency of data flow had to be ensured using additional system of detection. Next generation firewalls provide better level of protection as their predecessors. They are equally stable and reliable and they offer high data throughput. Additionally they have many other systems of protection integrated, which allows administrators better control over the users of the secured network. Because of Next Generation Firewall (NGFW) capabilities to identify applications and users, it is possible to create user groups, with different security policies. NGFW have appeared only in the beginning of the decade, which is why these systems are not yet standardized. Vendors advocate their products and call systems with the same function with different name, therefore we have compared tested results from different criteria and joined it all together in a transparent table. Before purchase of the new security system it is vital, that a thorough analysis of company needs, expectations and financial capabilities is done. Based on that experts analyse NGFW functions and recommend the most appropriate product for specific company.
URN: URN:SI:UM:
Type (COBISS): Bachelor thesis/paper
Thesis comment: Univ. v Mariboru, Fak. za varnostne vede, Ljubljana
Pages: 60 str.
ID: 8730901
Recommended works:
, diplomsko delo univerzitetnega študija Varstvoslovje
, diplomska naloga visokošolskega strokovnega študijskega programa
, diplomska naloga univerzitetnega študijskega programa
, diplomska naloga visoko strokovnega študijskega programa