With rapid development and wide application of computers and network technologies, modern information technologies provide a tremendous impetus to civilization and progress of human beings. However, an information network has a number of security vulnerabilities due to its openness. With emergence of numerous hacker attacks, worm viruses, and malicious code, risks confronted by the information network are multiplying. To implement defense, a firewall device is generally deployed in the network. To adapt to an ever-increasing data transmission rate, a fast forwarder and a detecting processor are generally included in the firewall device of the prior art. The fast forwarder sends received application data to the detecting processor for threat detection, and then the fast forwarder quickly forwards the application data that has passed the detection performed by the detecting processor to implement detection on the application data.
The technical solution described above has at least the following problem in a practical application: because the fast forwarder needs to send all received application data to the detecting processing device for detection, when a large amount of application data is received, massive application data is detected by the detecting processing device which has a limited processing capability. This leads to a poor detection effect.