The Information Network is the most important way to connect computer to computer for sharing the information. In the past, there was only the communication among the computers within an organization. However, now the communication has been expanded to the grand channel which connects all networks in the world to become one (Internet). The main purpose is to exchange the information (Data Exchange). Now, we apply the use of Internet for many purposes such as to write an Electronic Mail (E-Mail), to have a conversation (Chat), to post a comment on a webboard, to follow up the news, to search information, to do shopping online, to download game, music, or file, to play online game, to study an e-learning, to make a Video conference, to call via an internet, and to upload the data.
There are about 2.095 millions internet users in the world or 30.2%. (http://www.internetworldstats.com/stats.htm - March 2011). As well as, there are also many system attacks occur and cost an uncountable lost to the organizations.
When we have to communicate, we should concern about the Network Security while connecting to other network. It can be done by creating an organization security policy or providing the system to support the security network. The Network Security Policy can be in various kinds of actions, such as, to input the self-verification (username/password) for logging in the system. Then user’s data and computer will be checked for an authorization (Compliance Policy). After user can log in, Firewall, Proxy, Gateway Antivirius, IPS/IDS will identify the available service, for example, the authorization to open the Facebook or Youtube page. Finally, user can log out to end the service.
Next step is to prevent the outsider’s attack. The Firewall and the added system flows devices will separate the domestic network from the outside or called, the Demilitarized Zone (DMZ). Moreover, the DMZ will protect the network from the IDS/IPS attack.
Recently, the service on the internet usually opens on the route HTTP or HTTPS. It will require the user to log in for the security purpose. The forms of the services are both profit and non-profit types. Now, many applications or services open on the Port 80. Therefore, in order to generate the communication or service type, the developer must not only focus on the route. The old generation of Firewall can’t manage the risk efficiency.
So now, the Next Generation Firewall is brought to protect the hacking on the Application Level.
The Basic Security, which is essential for the Network Level.