The concept of the inscanwall was launched by Trend Micro a few years ago, and it was patented in United States. As the name suggests, OfficeScan is similar to a firewall in that it refers to a network security device that is located at the entrance (gateway) of a network and is used to filter viruses in transit over the network. In layman's terms, OfficeScan can be deployed at the junction of the corporate LAN and the Internet to prevent viruses from entering the intranet from the Internet.
All viruses have certain characteristics. OfficeScan scans packets passing through the gateway and then scans them for viruses and, if so, cleans them up. Theoretically, OfficeScan can stop any viruses from entering the internal network from the gateway.
The firewall analyzes the legitimacy of network traffic connections, and it is powerless against virus traffic sent from a normal computer because it cannot identify the presence of viruses in legitimate packets; OfficeScan is a security device created to solve the inherent anti-virus defects of firewalls. It can carry out virus detection at the gateway, and the definition of viruses is more accurate and reliable.
A firewall is a system or group of systems that enforces access control policies between networks. The actual way to implement a firewall varies, but in principle, a firewall can be thought of as a pair of mechanisms: one that blocks the flow of traffic and the other that allows the transport stream to pass through. Some firewalls focus on blocking the passage of transport streams, while others focus on allowing transport streams to pass through. Perhaps the most important concept to understand about a firewall is that it implements an access control policy. If you're not sure what type of access you need to allow or deny, you can have someone else or some product configure the firewall based on what they think they should do, and they'll develop a comprehensive access policy for your organization.
Like any other society, the Internet is plagued by bored people who like to do things online, like spraying graffiti on other people's walls, knocking down someone's mailbox, or honking a car on the street. Some people try to do some real work over the Internet, while others have sensitive or proprietary data that needs to be protected. In general, the purpose of a firewall is to keep boring people out of your network while still allowing you to get things done.
Many traditional enterprises and data centers have computing security policies and practices that must be adhered to. Firewalls are especially important when a company's security policy states that data must be protected, as it is the embodiment of the company's security policy. If your company is a large enterprise, the hardest job to do on connecting to the Internet is often not the expense or the work that needs to be done, but convincing management that it is safe to surf the Internet. Not only does the firewall provide real security, but it also plays an important role in putting a security blanket over the management.
OfficeScan is commonly referred to as an antivirus gateway. At present, there is still no consensus on the concept of OfficeScan in the market. OfficeScan is generally considered to include proxy servers whose primary purpose is to scan for viruses; and a dedicated OfficeScan that needs to be used in conjunction with a firewall; Products that focus on firewall functions and are supplemented by some anti-virus filtering functions are generally not considered to be anti-virus. As a result, Totem firewalls such as Fortigate and Adecsoft Firewall, as well as their OEM-derived firewall products, are not officially OfficeScan products.
Part of the reason for this division is that this kind of firewall with firewall function is not economically cost-effective because it needs to be changed to a special virus wall because it needs antivirus. In addition, the performance of the firewall is greatly impaired by the use of anti-virus features, which makes this part of the feature suitable for use only in small network areas. The biggest difference between OfficeScan and Firewall is that the former works primarily on the protocol stack, or OSI Layer 7. The latter works on top of the IP stack, the third layer of the OSI. Therefore, firewalls must be responsible for managing all TCP/IP traffic, while OfficeScan is designed to focus on strengthening the security of certain types of commonly used communications. Therefore, there is no question of replacing each other for the user, and OfficeScan is an important complement to the firewall, which is a more basic security device.
In practice, OfficeScan does not prevent attacks like firewalls, nor does it prevent worm viruses, on the contrary, OfficeScan itself or the system in which it is located may become the target of network incursion (as when trending Interscan is installed on Windows); And all this protection must be done by the firewall.
What OfficeScan and Firewall have in common is that both work on the gateway. In a small-scale network, the need to connect to the Internet is relatively simple, usually a few protocols such as SMTP and HTTP, in this case, as long as the operating system on which OfficeScan is based has no obvious vulnerabilities, the role is basically the same as that of a firewall.