Section c group2_firewall_ final
  • A simple router is the "traditional" network layer firewall, since it is not able to make particularly sophisticated decisions about what a packet is actually talking to or where it actually came from. Modern network layer firewalls have become increasingly sophisticated, and now maintain internal information about the state of connections passing through them, the contents of some of the data streams. Software-based Microsoft’s Internet Security and Acceleration (ISA) Server or the hardware-based Nortel Networks Alteon Switched Firewall System. Corporate internet access management and total network defence against any external unwarranted interference. Host-based firewalls, such as Internet Connection Firewall (ICF, included with Windows XP and Windows Server 2003), protect an individual computer regardless of the network it’s connected to.
  • These generally are hosts running proxy servers, which permit no traffic directly between networks, and which perform elaborate logging and auditing of traffic passing through them. Since the proxy applications are software components running on the firewall, it is a good place to do lots of logging and access control. Application layer firewalls can be used as network address translators, since traffic goes in one "side" and out the other, after having passed through an application that effectively masks the origin of the initiating connection. Having an application in the way in some cases may impact performance and may make the firewall less transparent. Early application layer firewalls, such as those built using the TIS firewall toolkit, are not particularly transparent to end users and may require some training. Modern application layer firewalls are often fully transparent. Application layer firewalls tend to provide more detailed audit reports and tend to enforce more conservative security models than network layer firewalls.
  • Application layer firewalls have become increasingly “low level” and transparent
  • Milan

Presentation Transcript

  • Introductory Video (This has to be shown for 1 min only)
  • Firewalls Group 2, Section C: Avishek Dasgupta, Tarun Gupta (), Siddharth Gautam (13P172), Kanika Vimani
  • Threats: • Theft or disclosure of internal data • Unauthorized access to internal hosts • Interception or alteration of data • Vandalism or denial of service
  • Firewall System or set of systems designed to: • Permit or deny network transmissions • Used to protect networks from unauthorized access • Permit legitimate communication to pass • Protect data integrity of critical information
  • TYPES OF FIREWALL • Network firewalls: – Protect the perimeter of a network by watching traffic that enters and leaves – Simple router or “traditional” network layer firewall – Modern network layer firewalls
  • TYPES OF FIREWALL • Application-layer firewalls: – Host-run proxy servers – Early application layer firewalls are not particularly transparent to end users and may require some training. Modern application layer firewalls are often fully transparent
  • TYPES OF FIREWALL Hybrid firewalls: Network layer firewalls have become increasingly “aware” of the information going through them Application layer firewalls have become increasingly “low level” and transparent • Fast packet-screening systems that log and audit data as they pass through the system • Increasingly, firewalls (network and application layer) incorporate encryption so that they may protect traffic passing between them over the Internet
  • Anti-virus vs. Firewall • Anti-virus: Scanning software - disinfects an infected computer. Search files, incoming, outgoing, and stored on hard drives and other storage devices which can be potentially hazardous to your internal network or PC • Firewall: Filtering device - prevents the computer from getting infected. Control or regulate the outward bound traffic from your internal network to sites outside and prevent access to sites not considered appropriate
  • How Firewalls Work Firewalls use one of three methods to control traffic flowing in and out of the network: Packet Filtering, Proxy Service, Stateful Inspection
  • Video to exhibit Firewall’s functioning
  • Classification based on working principle: Stateful Inspection, Packet Filtering
  • Firewalls as filters
  • Firewalls as filters • When TCP/IP sends data packets they seldom go straight from the host system that generated them to the client that requested them. Along the way they normally pass through one or more routers • Routers look at the address information in TCP/IP packets and direct them accordingly • For example, data packets transmitted over the Internet from the Web browser on a PC in Gurgaon to a Web server in Bangalore will pass through numerous routers along the way, each of which makes decisions about where to direct the traffic
  • Firewalls as filters • Routers make their routing decisions based on tables of data and rules. It is possible to manipulate these rules by means of filters so that, for example, only data from
  • Firewalls as Gateways
  • Firewalls as Gateways • A gateway is a computer that provides relay services between two networks • Traffic goes to the gateway instead of directly entering the connected network. • The gateway machine then
  • Firewalls as Gateways • Typically, the two gateways will have more open communication through the inside filter than the outside gateway has to other internal hosts. The outside filter can be used to protect the gateway from attack, while the inside gateway is used to guard against
  • Firewalls as Control Points
  • Firewalls as Control Points • Firewalls can provide additional security services including traffic encryption and decryption • In order to communicate in encryption mode, the sending and receiving firewalls must use compatible encrypting systems
  • Firewalls for Small Offices and Home Offices • Now that high-speed, always-on Internet connectivity is becoming more and more common, so too are attacks against connected computers, and hence it has become very important to protect our personal computers. • Firewalls help us by: – screening out many types of malicious traffic – keeping your computer from participating in attacks on others without your knowledge • Firewall products come in many different forms, from freely available software for your computer to tamper-resistant industrial units • For maximum security, the most reliable
  • Internet Connection Firewall (ICF) • To prevent unsolicited traffic from the public side of the connection from entering the private side • To thwart common hacking attempts (such as port scanning), the firewall drops communications that originate from the Internet. • ICF silently discards unsolicited communications • ICF blocks the following kinds: • Scans • Many Trojans
  • How is a hardware firewall connected?
  • Firewalls for Enterprises • Corporate networks employ layers of defence: – traffic screening at the router connecting the network to the Internet – one or more enterprise-class firewalls – virus scanning engines on the email servers – and some kind of intrusion detection mechanism • Do host-based firewalls make sense in a corporate network?
  • Demilitarized zone • DMZ is a computer host or small network inserted as a "neutral zone" between a company's private network and the outside public network • DMZs allow computers behind the firewall to initiate requests outbound to the DMZ • Computers in the DMZ in turn respond, forward or re-issue requests out to the Internet or other public network • The LAN firewall, though, prevents computers in the DMZ from initiating
  • Demilitarized zone
  • Future of Firewall • 596 million Internet users in China were attacked by viruses and malware in the first half of 2010 • Current systems are becoming obsolete fast • Vendors are focusing on developing “next-generation firewalls” • Superior protection without bottlenecking the system performance • Enterprise Firewall – The Next
  • Thank You !!
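
The slides name packet filtering and stateful inspection as separate methods and say ICF discards unsolicited inbound communications; the following added example (not part of the original presentation) runs the same traffic through both kinds of filter. The addresses, ports and the static rule are constructed for illustration.

```python
from typing import NamedTuple

class Packet(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int
    inbound: bool  # True when the packet arrives from the public side

def packet_filter(pkt: Packet) -> bool:
    """Static packet filtering: the decision uses header fields only."""
    if not pkt.inbound:
        return True  # assumed policy: internal hosts may send anything
    # With no memory of connections, the only way to admit web replies is a
    # header rule such as "inbound from source port 80 or 443".
    return pkt.sport in (80, 443)

class StatefulFirewall:
    """Stateful inspection: remembers flows opened from the private side."""
    def __init__(self) -> None:
        self.flows = set()

    def inspect(self, pkt: Packet) -> bool:
        if not pkt.inbound:
            self.flows.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        # Inbound traffic passes only as the reverse of a recorded flow.
        # Timeouts and TCP teardown are left out of this sketch.
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.flows

# Constructed sample traffic (documentation address ranges, not real hosts).
TRAFFIC = [
    ("outbound web request", Packet("10.0.0.5", 50000, "198.51.100.10", 80, False)),
    ("reply to that request", Packet("198.51.100.10", 80, "10.0.0.5", 50000, True)),
    ("unsolicited probe", Packet("203.0.113.7", 40000, "10.0.0.5", 3389, True)),
    ("unsolicited, source port 80", Packet("203.0.113.7", 80, "10.0.0.5", 3389, True)),
]

def compare(traffic=TRAFFIC) -> dict:
    """Return {label: (static filter verdict, stateful verdict)}."""
    fw = StatefulFirewall()
    return {label: (packet_filter(p), fw.inspect(p)) for label, p in traffic}

if __name__ == "__main__":
    for label, (static, stateful) in compare().items():
        print(f"{label:28} static={static!s:5} stateful={stateful}")
```

The last row is the one to watch when reviewing a rule set: a header-only rule written to admit replies also admits traffic nobody asked for, while the state table admits only the reverse of a flow that an internal host opened.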