Published on

Published in: Technology
1 Comment
No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide


  1. 1. Firewall Page 1 out of 26 Mohamed Afzal Amir
  2. 2. Content Introduction to firewall 3 Firewalls Today 5 Types of firewall 6 • Personal Firewall 6 • Organization Firewall 6 • Enterprise Firewall 7 Generation of firewall: How firewall have evolved 8 • Packet Filters 9 • Circuit Level Gateways 10 • Proxy server/Application layer 11 • Stateful Filters 12 The Firewall Topology 13 • Dual homed gateway firewalls 14 • Screened host firewalls 15 • Screened subnet firewalls 16 Choices of firewall 17 • Software Firewalls 17 Some Known Software Firewalls o Kaspersky Internet Security 18 o Norton 360 19 o Zorn Alarm Internet Security 20 • Hardware Firewalls 21 Some Known Hardware Firewalls 22 o D-Link: D-Link DIR-655 Xtreme N Gigabit Router 22 o Cisco: ASA 5550 Firewall 23 Future of firewall 24 Conclusion 25 Firewall Page 2 out of 26 Mohamed Afzal Amir
  3. 3. Introduction to firewall The idea of firewall emerged from construction industry. It was in the 19th century the building of flights, houses etc. The structure of the metal sheets in these houses, flights were called physical firewall. It was a pretty silly name at that time, but the barrier of metal sheets protected from fire. Firewall the word neither had any impact on the developing computer age at that time. In late 1980’s the usage of internet among people started growing rapidly. Companies from small to huge corporations started implementing network among their business. So there were huge traffic and the allocation of different networks was a head aching job for the network administrators. The procedure of firewalls for network security was then introduced to routers used in the late 1980s to separate networks from one another. Although the view of internet at that time was in the business area, small internet communities and individuals were the major internet security threat to these businesses. And firewall was the savior of networks threats such as data stealing, unauthorized access etc. These people made firewall an important element in network security: • Clifford Stoll a US astronomer and computer expert, discovered that German spies accessing his system. After this incident US started to implement firewall security in the government networks. Firewall Page 3 out of 26 Mohamed Afzal Amir
  4. 4. • Bill Cheswick the author of the famous security book “Firewalls and Internet Security” set up a simple electronic jail to observe an attacker. He devoted himself and brought a huge impact on awareness of firewall and internet and network security. • Robert Tappan Morris created Morris Worm which was the virus that awakened all the network administrators and made them think of the importance of firewall. The networks administrators weren’t expecting anything like this. The worm spread around networks around the world. 10% of the internet was infected. Firewall Page 4 out of 26 Mohamed Afzal Amir
  5. 5. Firewalls Today Today firewall is defined as a barrier to keep destructive forces away. In computer world firewall is simply a program or a hardware device that filters the information coming through the internet or local networks. When an unauthorized data goes through the filter, it recognizes the data and it blocks the data going in or out of the network. The set of rules are set by the network administrator and the transmitted data are inspected by firewall and then unauthorized data is terminated. Today the internet is considered to be a zone with no trust and an internal network which is a zone of higher trust. Firewall Page 5 out of 26 Mohamed Afzal Amir
  6. 6. Types of firewall Firewall usually depends on three types. They are Personal Firewall, Organization firewall and Enterprise firewall. Normally the types of firewall are determined to check out the amount of users of the firewall. • Personal firewall: A personal firewall is mostly found on single computers. It is most likely to protect the computer in means of software. In rare cases hardware is also used in this type of firewall. They are also found in small networks and are known to have limited reporting and management features. • Organization firewall: These firewalls are designed to protect all the computers in an organization or an office of a limited size. Although it can handle limited number of computers it can screen network traffic and has reporting and management capabilities far better than a personal firewall. Firewall Page 6 out of 26 Mohamed Afzal Amir
  7. 7. • Enterprise firewall: Enterprise firewalls are appropriate for larger organizations which includes organizations thousands of users. The reporting capabilities include reports for multiple firewalls. In addition the management tools enable to configure multiple firewalls in a single click. Firewall Page 7 out of 26 Mohamed Afzal Amir
  8. 8. Generation of firewall: How firewall have evolved Firewall has evolved into its different faces in past 4 decade. Researches have been made and are been going now and then. And these researches have been implemented in its every generation. Each generation consists of different filter mechanism and more and more secure versions of the firewall it self. Firewall Page 8 out of 26 Mohamed Afzal Amir
  9. 9. Packet filters In 1988 engineers from Digital Equipment Corporation developed a filter system known as packet filter firewalls. This system was fairly known as the first generation of firewall. But it evolved highly into important internet security feature. Furthermore Bill Cheswick and Steve Bellovin continued their research in packet filtering and developed a working model for their company AT&T Bell Labs. This model was based on the first generations filter system. Packet filters inspects the packets which represent the basic unit of data transfer between computers and the internet. If the packet meets up with filtering rules, it is then dropped or rejected and sends an error message. In this model packet filters doesn’t pay any attention to whether the packet belongs to local network, instead of that it filters the packets based only on information it has. In addition in this packet filtering system, it pays no attention to whether the packets are part of the local network. Instead of that it only filters the information in the packet it self. Firewall Page 9 out of 26 Mohamed Afzal Amir
  10. 10. Circuit Level Gateways Circuit level gateways works at the session layer of the OSI reference model. They monitor TCP handshaking between packets to determine whether a requested session is valid or not. This is useful for hiding information about protected networks. Circuit level gateways have the advantage of hiding information about the private network. On the other hand they do not filter individual packets. An example of circuit level gateways can be web browsing. As it only depends on the packets between web browser and the internet As in the diagram the packets out from the internet gets into the network. And the responding packets get out. Firewall Page 10 out of 26 Mohamed Afzal Amir
  11. 11. Proxy server/Application layer Proxy server firewalls are also known as application layer firewall. The idea came from the researches in AT&T Bell Laboratories. Compared to Circuit level gateway, proxy server firewalls required separate network service configuration on the firewall. The rules for the services must be specified by network administrators. For example a firewall that supports HTTP, FTP and SMTP will not support Telnet, as telnet rules are not specified in the firewall. An authorized user can access to the corporate LAN and Application Gateway because the firewall has given the network service to the user. While a hacker is not authorized so they are given an error. Another would be normal user can gain access into the HTTP, FTP & SMTP as they are given a separate network configuration for them. While they cannot access the administrator level network services such as telnet or remote administrator tool application. Firewall Page 11 out of 26 Mohamed Afzal Amir
  12. 12. Stateful filters Stateful multilayer firewalls provide more protection than other filters. This is because it has multilayer inspection firewall which offers the functionality of packet filter system and proxy server firewall. This type of firewall can help prevent attacks which exploit existing connections, or certain Denial of service attacks. Firewall Page 12 out of 26 Mohamed Afzal Amir
  13. 13. The Firewall Topology The firewall topology is the different ways a firewall can be set up on a network. Depending on the needs firewalls can have a very simple setup which is enough for protecting personal computer or small network and there is more complicated setup which will provide more protection and security. Firewall topology comes in three types, they are • Dual homed gateway firewalls. • Screened host firewalls. • Screened subnet firewalls. Firewall Page 13 out of 26 Mohamed Afzal Amir
  14. 14. Dual Homed Gateway Firewalls Dual homed gateway firewalls provides internal and external protection for local networks. The name dual homed is given because it uses two network interface and mostly are found in small networks. In this firewall it does not allow the forwarding of IP packets. This makes sure that no data is allowed to pass directly to the internal users in the network. The main reason to implement dual homed firewalls is that it can filter multiple packets with a packet filtering router for more additional protection. This topology is mostly found in home networks. Firewall Page 14 out of 26 Mohamed Afzal Amir
  15. 15. Screened Host Firewalls Screened host firewalls are designed with bastion host and with a screened router. Mainly the bastion host and screened router act as the main security in screened host. The bastion software scans and takes care of the applications while the router filters the data packets. The bastion host consists of two network cards, one for the transmission of data within the intranet and another for connecting to the intranet. Before the any information is authorized to pass through the network the screening router filters and checks the information contained in the packets. After passing the filters another security check upon applications are carried out by bastion host. It checks all the incoming and outgoing information and packets that the network sends. This topology usually considerably is used in business and organizational areas. Firewall Page 15 out of 26 Mohamed Afzal Amir
  16. 16. Screened Subnet Firewalls This is the topology where a combination of two screening routers is used. The first screening router separates internet from public accessibility to the internal subnet. The second screening router is an internal screening router. It separates the hosts that are publicly accessible to the internal network. The external screening routers duty is to block the packets which are directly addressed to the internal hosts in the network. It also blocks packets for unauthorized services. The only packets that can pass through are those packets which has the source or destination IP same as the firewalls IP. The internal screening router has the job of blocking all packets except the source or destination IP same as the firewalls IP. It can also be extended according to the services defined by the firewall. Firewall Page 16 out of 26 Mohamed Afzal Amir
  17. 17. Choices of firewall Software Firewalls For individuals the most popular firewall choice is a software firewall. Software firewalls are installed in the individual computers and are also customizable. Furthermore software firewall allows controlling some of its function and protection features. A software firewall will protect computer from outside attempts such as common trojan programs, viruses and email worms etc. Many software firewalls have user defined controls for setting up safe file and printer sharing and also blocks unsafe applications from running on the system. Further more software firewalls may also include privacy controls, web filtering etc. The disadvantage of software firewalls is that they will only protect the computer they are installed on. The rest of the network needs each and every computer to have a software firewall separately. Firewall Page 17 out of 26 Mohamed Afzal Amir
  18. 18. Some known software firewalls Kaspersky Internet Security: It provides a comprehensive security tool kit with a nicely organized interface. Protects from malware, viruses etc. Has a powerful firewall. Kaspersky Internet Security interface Firewall Page 18 out of 26 Mohamed Afzal Amir
  19. 19. Norton 360: Has the best value for easy use of tools offered, and overall system performance. Use multiple tools to control the firewall. Firewall Page 19 out of 26 Mohamed Afzal Amir
  20. 20. Norton 360 interface Firewall Page 20 out of 26 Mohamed Afzal Amir
  21. 21. Zone Alarm Internet Security Suite: Compared to other softwares, one of the best firewall tool. Has light weight software which performs best in home use. Zone Alarm: Firewall Protection Setting interface Firewall Page 21 out of 26 Mohamed Afzal Amir
  22. 22. Hardware Firewalls Hardware firewalls are stand alone hardware component but most recently hardware firewalls are mostly found in broadband routers. Furthermore it is considered to be an important part of network set up and its security. Hardware firewalls can be effective with little or no configuration, and they can protect every machine on a local network. Most hardware firewalls will have a minimum of four network ports to connect other computers, but for larger networks switches and hubs are also used. A hardware firewall uses packet filtering to examine the header of the packet and determines its source and destination. This information is compared to a set of predefined or user created rules that determine whether the packet is to be forwarded or dropped. Firewall Page 22 out of 26 Mohamed Afzal Amir
  23. 23. Some known hardware firewalls D-Link: D-Link DIR-655 Xtreme N Gigabit Router is a router which has fast performance. It has a combination of latest in built wireless security and includes intergraded wireless security wizard. This router can be controlled very easily through the high Graphical User Interface it provides. DIR 655 Xtreme N: Configuration Page Firewall Page 23 out of 26 Mohamed Afzal Amir
  24. 24. Cisco: ASA 5550 Firewall delivers advanced threat defense service. This means network and application traffic will be protected. It is also defensive from worms, virus and network attacks such as denial of services or ddos. Spyware and adware protection is also available in this firewall. Cisco ASA Software for ASA 5500 Firewall Page 24 out of 26 Mohamed Afzal Amir
  25. 25. Future of firewall Todays firewalls dont just filter packets but also do more advance things like checking whether incoming packets contain dangerous code or decoding email messages and passing their attachments to an anti virus program. The only problem with todays firewall is that none of the products on the market are focused to the best. Because of the vast use of internet and networks, the firewall has been an essential hardware and software for the security of these things. So in business means firewalls will never be the best, but the new firewall which comes after the old one to the market will always be better. It is believed that this market idea shall remain in firewall business in the near future decades. Still we will get newer and better firewalls in the future. Software is believed to be evolved with hardware and both hardware and software will one day work together meaning every function of the hardware shall be controlled in the future firewalls. Firewall hardware components may be included in the future personal computers as personal firewalls. Supercomputers, Mainframe computers and mini computers may come up with, its own firewall technology in the near future. Furthermore the researches done today shall be implemented in the future firewalls. More over it is also believed that future network attacks can be blocked before it reaches to the network. As seen before Morris worm was one of the influential things which brought up firewall. In the end the future firewalls would be depended upon a combination of security tools and hardware. Firewall Page 25 out of 26 Mohamed Afzal Amir
  26. 26. Conclusion Firewall technology has evolved significantly since the days of basic packet filters and network address translation. A research today makes technology of tomorrows firewall. Firewall comes in different types and topologies. These types and topologies helps to ensure that networks and networks of networks the internet have a secure connection between each other. Furthermore local networks are also protected under firewalls which suites for the size of the network. The future of firewall depends on the hands of todays influences such as network security threats and viruses. Firewall Page 26 out of 26 Mohamed Afzal Amir