E firewalls


Firewalls in a nutshell.
Complexity level 03

Published in: Technology

  1. 1. Firewalls The function of a strong position is to make the forces holding it practically unassailable -On War,(Carl Von Clausewitz) ABHIROOP GHATAK en no: 077118440629 December 2008 abhiroop@cdac 1
  2. What is a Firewall? A firewall is hardware, software, or a combination of both that is used to prevent unauthorized programs or Internet users from accessing a private network and/or a single computer. A firewall is simply a program or hardware device that filters the information coming through the Internet connection into your private network or computer system. If an incoming packet of information is flagged by the filters, it is not allowed through.
  3. Hardware vs. Software Firewalls
      Hardware Firewalls
      • Protect an entire network
      • Implemented on the router level
      • Usually more expensive, harder to configure
      Software Firewalls
      • Protect a single computer
      • Usually less expensive, easier to configure
  4. How does a software firewall work?
      • Inspects each individual "packet" of data as it arrives at either side of the firewall
      • Inbound to or outbound from your computer
      • Determines whether it should be allowed to pass through or if it should be blocked
  5. Firewalls deny or permit access based on rules and policies. [Diagram: firewall between the protected private network and the Internet]
  6. Firewall Rules
      • Allow – traffic that flows automatically because it has been deemed "safe" (e.g. Meeting Maker, Eudora, etc.)
      • Block – traffic that is blocked because it has been deemed dangerous to your computer
      • Ask – asks the user whether or not the traffic is allowed to pass through
  7. What a personal firewall can do
      • Stop hackers from accessing your computer
      • Protect your personal information
      • Allow virtual private networks
      • Block "pop up" ads and certain cookies
      • Determine which programs can access the Internet
  8. Firewalls DON'T
      • Protect against attacks that bypass the firewall
          - Dial-out from an internal host to an ISP
      • Protect against internal threats
          - Disgruntled employee
          - Insider cooperates with an external attacker
      • Protect against the transfer of virus-infected programs or files
  9. Types of Firewalls. Firewalls fall into four broad categories:
      • Packet filters
      • Application level
      • Circuit level
      • Stateful inspection firewalls
  10. Packet filtering firewall
  11. Packet Filtering Routers
      • Forward or discard IP packets according to a set of rules
      • Filtering rules are based on fields in the IP and transport headers
  12. Packet-filter firewall
  13. Application level gateway (proxy server firewall). [Diagram: application proxies on the firewall relay traffic between the internal network and the Internet; protocol stacks shown with Application, Transport, Network, Data Link and Physical layers, and a router]
  14. Continued: An application level gateway acts as a relay of application-level traffic. The user contacts the gateway using a TCP/IP application, such as FTP, and the gateway asks the user for the name of a remote host to be accessed. When the user responds and provides a valid user ID and authentication information, the gateway contacts the application on the remote host and relays TCP segments containing the application data between the two points.
  15. Proxy firewall
  16. Circuit level gateway (firewall). Circuit level gateways work at the session layer of the OSI model. They monitor TCP handshaking between packets to determine whether a requested session is legitimate. Information passed to a remote computer through a circuit level gateway appears to have originated from the gateway. This is useful for hiding information about protected networks. Circuit level gateways are relatively inexpensive and have the advantage of hiding information about the private network they protect. On the other hand, they do not filter individual packets.
  17. Circuit level gateway
  18. Continued: Whether a connection is valid may, for example, be based upon:
      • destination IP address and/or port
      • source IP address and/or port
      • time of day
      • protocol
      • user
      • password
      Every session of data exchange is validated and monitored, and all traffic is disallowed unless a session is open.
  19. Stateful inspection firewalls. [Diagram: firewall/router with an inspection module between the internal network and the Internet; Application layer - state table, Transport layer - access rules, Network layer - access rules; Data Link and Physical layers and a router also shown]
  20. How to trust firewalls? Firewalls can be trusted if they provide the following services:
      1) Authentication
      2) Access control
      3) Data confidentiality
      4) Data integrity
      5) Non-repudiation
  21. Uses of firewalls
      • Virtual private network
      • Demilitarised zone: a DMZ can be viewed as a layer of privacy between the corporate infrastructure and the Internet, exposing only those systems that must be known to the public.
      • IP security
  22. VPN
  23. De-militarised zone. [Diagram labels: Protected private network; Open access between private LAN and DMZ; Allow SMTP, from here to there only; Internet; Web server; Mail server; DMZ; Static filters between private LAN and DMZ used to control access; Demilitarised Zone]
  24. IP security. Firewalls are needed when any organization relies heavily on the Internet.
  25. Conclusion
      • Firewalls must continue to advance
      • Firewalls must be developed to scan for viruses
      • $377 million (approx.) lost till date due to network attacks
  27. For additional information visit http://www.pc-help.org/www.nwinternet.com/pchelp/security/firewalls.htm
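
An added example, not taken from the slides, that runs the same five packets through the header-only packet filter of slide 11 and through the handshake tracking of slides 16 and 18, where traffic passes only while a session is open. The 10.0.0.0/8 inside network, the port-80 rules, the sample addresses and all names are assumptions made for illustration.

```python
import ipaddress
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport flags")  # constructed headers
INSIDE = ipaddress.ip_network("10.0.0.0/8")                 # assumed private network

def inside(addr):
    return ipaddress.ip_address(addr) in INSIDE

def packet_filter(p):
    """Stateless: decide from this packet's IP and transport header alone."""
    if inside(p.src) and not inside(p.dst) and p.dport == 80:
        return "forward"                   # inside host to an outside web server
    if not inside(p.src) and inside(p.dst) and p.sport == 80:
        return "forward"                   # header looks like a web reply
    return "discard"                       # no rule matched

class CircuitGateway:
    """Follows the TCP handshake; traffic passes only while a session is open."""
    # (current state, sent from inside?, TCP flags) -> next state
    STEPS = {(None, True, "S"): "SYN_SENT",
             ("SYN_SENT", False, "SA"): "SYN_RCVD",
             ("SYN_RCVD", True, "A"): "OPEN"}

    def __init__(self):
        self.sessions = {}                 # (client, cport, server, sport) -> state

    def handle(self, p):
        out = inside(p.src)
        key = (p.src, p.sport, p.dst, p.dport) if out else (p.dst, p.dport, p.src, p.sport)
        state = self.sessions.get(key)
        if state == "OPEN":
            if "F" in p.flags or "R" in p.flags:
                del self.sessions[key]     # simplified teardown: first FIN/RST closes
            return "forward"
        nxt = self.STEPS.get((state, out, p.flags))
        # A new session must also pass the access rules before it is tracked.
        if nxt is None or (state is None and packet_filter(p) != "forward"):
            return "discard"
        self.sessions[key] = nxt
        return "forward"

def demo():
    gw, c, s = CircuitGateway(), ("10.1.2.3", 40000), ("203.0.113.5", 80)
    packets = [Packet(*c, *s, "S"), Packet(*s, *c, "SA"), Packet(*c, *s, "A"),
               Packet(*s, *c, "PA"),                                # data, session open
               Packet("198.51.100.9", 80, "10.1.2.3", 40001, "A")]  # no handshake seen
    return [(packet_filter(p), gw.handle(p)) for p in packets]

if __name__ == "__main__":
    print(*demo(), sep="\n")               # (packet filter verdict, gateway verdict)
```

The last packet matches the packet filter's reply rule on header fields alone, while the gateway discards it because no handshake opened that session.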