1. Field of the Invention
The present invention relates to a network relay device; more specifically, it relates to a network relay device capable of detecting unauthorized infiltration data, such device being a router that performs routing between external networks and internal networks.
2. Related Technology
When external networks such as the Internet and internal networks are connected, in order to transmit data to the appropriate destination, network relay devices are used to select a route and execute routing.
Where external networks and internal networks are connected by such a relay device, a system is needed to prevent unauthorized infiltration from the external networks into the internal networks.
One system for preventing unauthorized infiltration from external networks is a firewall device, which is positioned between an external barrier segment that can be accessed from external networks and an internal segment to which a server and terminals that comprise internal networks are connected; when the firewall identifies an unauthorized packet that has arrived from an external source, it prevents unauthorized infiltration into the internal segment. The firewall function can be constituted so that, for example, the address of the sender of a TCP/IP packet, the destination address, and the port number are checked; packets with port numbers other than pre-registered port numbers are not allowed to pass.
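The header check described above can be sketched as follows. This is an added illustration, not code from the patent: the allowed ports, the internal address range, the rule that a packet arriving from outside must not carry an internal sender address, and the helper names are all assumptions, and the sample packets are constructed.

```python
import ipaddress
import struct

# Assumed policy for illustration: destination ports registered in advance.
ALLOWED_DST_PORTS = {80, 443}
# Assumed internal segment (documentation address range).
INTERNAL_NET = ipaddress.ip_network("192.0.2.0/24")


def parse_ipv4_tcp(packet: bytes):
    """Return (src, dst, src_port, dst_port), or None if not usable IPv4/TCP."""
    if len(packet) < 20:
        return None
    ver_ihl, _tos, _len, _id, frag, _ttl, proto, _csum, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", packet[:20])
    ihl = (ver_ihl & 0x0F) * 4  # IP header length in bytes
    if ver_ihl >> 4 != 4 or ihl < 20 or proto != 6:
        return None
    # A non-first fragment carries no TCP header, so its ports cannot be checked.
    if frag & 0x1FFF or len(packet) < ihl + 4:
        return None
    sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
    return ipaddress.ip_address(src), ipaddress.ip_address(dst), sport, dport


def allow_inbound(packet: bytes) -> bool:
    """Decide whether a packet arriving from the external side may pass."""
    parsed = parse_ipv4_tcp(packet)
    if parsed is None:
        return False  # default deny for anything that cannot be inspected
    src, dst, _sport, dport = parsed
    # Sender must be external and destination internal (assumed rule).
    if src in INTERNAL_NET or dst not in INTERNAL_NET:
        return False
    # Ports other than the pre-registered ones are not allowed to pass.
    return dport in ALLOWED_DST_PORTS


def build_packet(src, dst, sport, dport, frag=0):
    """Construct a minimal IPv4+TCP SYN for testing (checksums left as zero)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, frag, 64, 6, 0,
                     ipaddress.ip_address(src).packed,
                     ipaddress.ip_address(dst).packed)
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x02, 8192, 0, 0)
    return ip + tcp
```

The sketch does not validate checksums and does not reassemble fragments; it drops what it cannot inspect.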
In addition, in order to prevent unauthorized infiltration from external networks, a firewall may be constituted as a monitoring tool that monitors packet traffic flowing through a network and compares it against a previously prepared traffic pattern characteristic of unauthorized access; in the event that traffic corresponding to such a pattern is detected, an alert is displayed, or the connection is cut off, or other such processing is conducted.
Of the above-described systems for preventing unauthorized infiltration from external networks, most are for corporate use; the object of such systems is to monitor packets transmitted from external networks in real time, and to detect and prevent unauthorized infiltration as quickly as possible. For this reason, in network relay devices such as routers that perform routing between external networks and internal networks, when they are given the function to prevent this kind of unauthorized infiltration, priority is given to detecting unauthorized infiltration, even at the expense of routing capability.
In households, too, always-on Internet connections have become commonplace, and thus systems not just for corporations but for households, too, have become necessary for preventing unauthorized infiltration from external networks. When the above-described systems for preventing unauthorized infiltration into corporate networks are used in routers designed for household use, there are problems in terms of cost performance, as the system will have unnecessarily high processing capabilities. Furthermore, because a household does not need the advanced anti-infiltration function needed by corporations, even if unauthorized infiltration analysis is carried out in real time for all packets, resulting in a degraded routing function, it is difficult to imagine that a superior infiltration prevention effect can be achieved.