Recommended
More Related Content
Similar to Divyanshu.pptx
Similar to Divyanshu.pptx (20)
Recently uploaded
Recently uploaded (20)
Divyanshu.pptx
- 1. JAIN (DEEMED-TO-BE UNIVERSITY) Subject – Internet Security Topic - Firewall Prepared By – Arsalan(21BCAR0288) Divyanshu(21BCAR0296) Dhruv Jain(21BCAR0294) Lakshay N R(21BCAR0309)
- 2. OUTLINE: • What Is Firewall? • About Firewall • Firewall Design Principles • Firewall Characteristics • Types Of Firewalls • Firewall Configuration • Firewall v/s Packet Filters • 3rd Party Firewall 2
- 3. WHAT IS FIREWALL? “Firewall software is commonly installed on computers in order to monitor incoming and outgoing packet requests and to block any that may be from an untrustworthy source. Firewalls and antivirus programs are the two most basic forms of computer protection.” 3
- 4. ABOUT FIREWALL • It sits between two networks • Used to protect one from the other • Places a bottleneck between the networks • All communications must pass through the bottleneck – this gives us a single point of control 4
- 5. FIREWALL DESIGN PRINCIPLES The firewall is inserted between the premises network and the Internet Aims : • Establish a controlled link • Protect the premises network from Internet- based attacks • Provide a single choke point 5
- 6. FIREWALL CHARACTERISTICS 1. Service control Determines the types of Internet services that can be accessed, inbound or outbound. 2. Direction control Determines the direction in which particular service requests are allowed to flow. 3. User control Controls access to a service according to which user is attempting to access it. 4. Behaviour control Controls how particular services are used (e.g. filter e-mail). 6
- 7. TYPES OF FIREWALLS Three common types of Firewalls: 1. Packet-filtering routers 2. Application-level gateways 3. Circuit-level gateways 7
- 8. TYPES OF FIREWALLS 1. Packet-filtering routers 8
- 9. PACKET-FILTERING ROUTERS • Applies a set of rules to each incoming IP packet and then forwards or discards the packet • Filter packets going in both directions • The packet filter is typically set up as a list of rules based on matches to fields in the IP or TCP header • Two default policies (discard or forward) 9
- 10. PACKET-FILTERING ROUTERS Advantages Disadvantages • Simplicity • Transparency to users • High speed • Difficulty of setting up packet filter rules • Lack of Authentication 10
- 11. TYPES OF FIREWALLS 2. Application-level Gateway 11
- 12. APPLICATION-LEVEL GATEWAY • Also called proxy server • Acts as a relay of application-level traffic 12
- 13. APPLICATION-LEVEL GATEWAY Advantages Disadvantages • Higher security than packet filters • Only need to scrutinize a few allowable applications • Easy to log and audit all incoming traffic • Additional processing overhead on each connection (gateway as splice point) 13
- 14. TYPES OF FIREWALLS 3. Circuit-level Gateway 14
- 15. CIRCUIT-LEVEL GATEWAY • The security function consists of determining which connections will be allowed • Typically use is a situation in which the system administrator trusts the internal users • An example is the SOCKS package 15
- 16. FIREWALL CONFIGURATIONS • Bastion host • Dual homed gateway • Screened host firewall system • Screened-subnet firewall system 16
- 19. FIREWALLS V/S PACKET FILTERS Firewalls : • A firewall is a computer connected to both a private (protected) network and a public (unprotected) network, which receives and resubmits specific kinds of network requests on behalf of network clients on either the private or public network. • Firewalls are not routers or address translators. Never does a firewall copy or forward a packet from the internal network to the external network, or vice versa. The internal network uses private address space. • Firewalls involve proxies. A proxy acts as a middle-man in a network transaction. Rather than allowing a client to speak directly to a server, the proxy server receives the request from the client, and then resubmits the request, on behalf of the client, to the target server. 19
- 20. FIREWALLS V/S PACKET FILTERS Packet Filters : • A packet filter is a set of rules, applied to a stream of data packets, which is used to decide whether to permit or deny the forwarding of each packet. Using a packet filter, an administrator can decide what types of packets are allowed into or out of a network or computer. • It is worth noting that any good firewall will also employ packet filtering. This is done to protect the firewall itself from intrusion and to isolate intruders from the internal network should an attacker gain control of the firewall. • Some devices, such as the Cisco PIX, combine address translation with packet filtering. Like a firewall, this prevents the outside network from having knowledge of the address space on the protected network. This certainly improves security, but, strictly speaking, this is not a firewall. 20
- 21. WHEN YOU WOULD WANT A THIRD-PARTY FIREWALL • By default, the Windows firewall only does what’s really important: block incoming connections. It has some more advanced features, but they’re in a hidden, harder-to- use interface. • For example, most third-party firewalls allow you to easily control which applications on your computer can connect to the Internet. They’ll pop up a box when an application first initiates an outgoing connection. This allows you to control which applications on your computer can access the Internet, blocking certain applications from connecting. This can be a little annoying, but it does give you more control if you’re a power user. • If you want a firewall with loads of features, Glassware is a third party firewall that is really nice. Rather than just being a firewall, it also shows you beautiful graphs of network activity, lets you drill down into exactly which application is connecting to where, and how much bandwidth an individual application is using. 21
- 22. THANK YOU 22