This document provides an overview of firewalls, including:
- What a firewall is and its purpose of monitoring incoming and outgoing network traffic to block untrusted sources.
- The key design principles of firewalls including establishing a controlled link between networks and providing a single choke point.
- The main types of firewalls - packet filtering routers, application-level gateways, and circuit-level gateways.
- Details on how packet filtering routers and application-level gateways work and their advantages/disadvantages.
- When a third-party firewall may be preferable to the default Windows firewall, such as for more advanced traffic control options.
1. JAIN (DEEMED-TO-BE UNIVERSITY)
Subject – Internet Security
Topic - Firewall
Prepared By –
Arsalan(21BCAR0288)
Divyanshu(21BCAR0296)
Dhruv Jain(21BCAR0294)
Lakshay N R(21BCAR0309)
2. OUTLINE:
• What Is Firewall?
• About Firewall
• Firewall Design Principles
• Firewall Characteristics
• Types Of Firewalls
• Firewall Configuration
• Firewall v/s Packet Filters
• 3rd Party Firewall
3. WHAT IS FIREWALL?
“Firewall software is commonly installed on computers in
order to monitor incoming and outgoing packet requests and
to block any that may be from an untrustworthy source.
Firewalls and antivirus programs are the two most basic forms
of computer protection.”
4. ABOUT FIREWALL
• It sits between two networks
• Used to protect one from the other
• Places a bottleneck between the networks
• All communications must pass through the bottleneck – this gives us a single point of control
5. FIREWALL DESIGN PRINCIPLES
The firewall is inserted between the premises
network and the Internet
Aims:
• Establish a controlled link
• Protect the premises network from Internet-based attacks
• Provide a single choke point
6. FIREWALL CHARACTERISTICS
1. Service control
Determines the types of Internet services that
can be accessed, inbound or outbound.
2. Direction control
Determines the direction in which particular
service requests are allowed to flow.
3. User control
Controls access to a service according to which
user is attempting to access it.
4. Behaviour control
Controls how particular services are used (e.g.
filter e-mail).
7. TYPES OF FIREWALLS
Three common types of firewalls:
1. Packet-filtering routers
2. Application-level gateways
3. Circuit-level gateways
9. PACKET-FILTERING ROUTERS
• Applies a set of rules to each incoming IP
packet and then forwards or discards the
packet
• Filters packets going in both directions
• The packet filter is typically set up as a list of
rules based on matches to fields in the IP or
TCP header
• Two default policies (discard or forward)
13. APPLICATION-LEVEL GATEWAY
Advantages:
• Higher security than packet filters
• Only need to scrutinize a few allowable applications
• Easy to log and audit all incoming traffic
Disadvantages:
• Additional processing overhead on each connection (gateway as splice point)
15. CIRCUIT-LEVEL GATEWAY
• The security function consists of determining which connections will be allowed
• Typical use is a situation in which the system administrator trusts the internal users
• An example is the SOCKS package
19. FIREWALLS V/S PACKET FILTERS
Firewalls:
• A firewall is a computer connected to both a
private (protected) network and a public
(unprotected) network, which receives and
resubmits specific kinds of network requests
on behalf of network clients on either the
private or public network.
• Firewalls are not routers or address
translators. Never does a firewall copy or
forward a packet from the internal network to
the external network, or vice versa. The
internal network uses private address space.
• Firewalls involve proxies. A proxy acts as a
middle-man in a network transaction. Rather
than allowing a client to speak directly to a
server, the proxy server receives the request
from the client, and then resubmits the
request, on behalf of the client, to the target
server.
20. FIREWALLS V/S PACKET FILTERS
Packet Filters:
• A packet filter is a set of rules, applied to a
stream of data packets, which is used to
decide whether to permit or deny the
forwarding of each packet. Using a packet
filter, an administrator can decide what types
of packets are allowed into or out of a
network or computer.
• It is worth noting that any good firewall will
also employ packet filtering. This is done to
protect the firewall itself from intrusion and to
isolate intruders from the internal network
should an attacker gain control of the
firewall.
• Some devices, such as the Cisco PIX,
combine address translation with packet
filtering. Like a firewall, this prevents the
outside network from having knowledge of
the address space on the protected network.
This certainly improves security, but, strictly
speaking, this is not a firewall.
21. WHEN YOU WOULD WANT A THIRD-PARTY
FIREWALL
• By default, the Windows firewall only does
what’s really important: block incoming
connections. It has some more advanced
features, but they’re in a hidden, harder-to-
use interface.
• For example, most third-party firewalls allow
you to easily control which applications on
your computer can connect to the Internet.
They’ll pop up a box when an application
first initiates an outgoing connection. This
allows you to control which applications on
your computer can access the Internet,
blocking certain applications from
connecting. This can be a little annoying, but
it does give you more control if you’re a
power user.
• If you want a firewall with loads of features,
GlassWire is a third-party firewall that is
really nice. Rather than just being a firewall,
it also shows you beautiful graphs of
network activity, lets you drill down into
exactly which application is connecting to
where, and how much bandwidth an
individual application is using.