Firewall

14,394 views

Published on

Published in: Technology
0 Comments
25 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
14,394
On SlideShare
0
From Embeds
0
Number of Embeds
6
Actions
Shares
0
Downloads
2,022
Comments
0
Likes
25
Embeds 0
No embeds

No notes for slide

Firewall

  1. 1. June 20 th 2008
  2. 2. Firewall: Introduction to the past <ul><li>Idea came from construction industry in 19 th century. </li></ul><ul><ul><li>Structure of metal sheets in houses, flights etc were the first physical firewall. </li></ul></ul><ul><ul><li>Metal sheets protected from fire. </li></ul></ul><ul><li>In 1980’s </li></ul><ul><ul><li>Usage of internet was rapidly growing. </li></ul></ul><ul><ul><li>Businesses established and implemented networks. </li></ul></ul><ul><ul><ul><li>Difficulties faced ! </li></ul></ul></ul><ul><ul><ul><ul><li>Huge network data traffic. </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Allocating the different networks. </li></ul></ul></ul></ul><ul><ul><ul><li>Solutions ! </li></ul></ul></ul><ul><ul><ul><ul><li>Procedure of firewall implemented in routers. </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Networks were controlled. </li></ul></ul></ul></ul>
  3. 3. Firewall: People who made it important. <ul><ul><ul><ul><li>Clifford Stoll a US astronomer and computer expert, discovered that German spies accessing his system. After this incident US started to implement firewall security in the government networks. </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Bill Cheswick the author of the famous security book “Firewalls and Internet Security” set up a simple electronic jail to observe an attacker. He devoted himself and brought a huge impact on awareness of firewall and internet and network security. </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Robert Tappan Morris created Morris Worm which was the virus that awakened all the network administrators and made them think of the importance of firewall. The networks administrators weren’t expecting anything like this. The worm spread around networks around the world. 10% of the internet was infected. </li></ul></ul></ul></ul>
  4. 4. A Firewall <ul><li>A program or a hardware device. </li></ul><ul><li>Filters packets. </li></ul><ul><li>Unauthorized and authorized data goes through the filter. </li></ul><ul><li>Unauthorized packets or data are blocked in and out of the network. </li></ul><ul><li>Rules to the firewall are set and updated by the network administrator. </li></ul><ul><li>Firewall sits between as a barrier between internet and internal network. </li></ul>
  5. 5. Types of firewall <ul><li>There are three types of firewalls. </li></ul><ul><ul><li>Personal firewall </li></ul></ul><ul><ul><li>Organization firewall. </li></ul></ul><ul><ul><li>Enterprise firewall. </li></ul></ul>
  6. 6. Personal Firewall <ul><li>Mostly found on single computers. </li></ul><ul><li>Protect the computer in means of software. </li></ul><ul><li>Hardware can also be used in this type of firewall. </li></ul><ul><li>Have limited reporting and management features. </li></ul>
  7. 7. Organization firewall <ul><li>Found in organization or an offices. </li></ul><ul><li>Handles limited number of computers. 50-100pc’s </li></ul><ul><li>Screens network traffic. </li></ul><ul><li>Reporting and management capabilities far better than a personal firewall. </li></ul>
  8. 8. Enterprise firewall <ul><li>Compatible for larger organizations. </li></ul><ul><li>Can handle with thousands of users. </li></ul><ul><li>Able to report for multiple firewalls. </li></ul><ul><li>The management tools enable to configure multiple firewalls in a single click. </li></ul>
  9. 9. Generation of firewall <ul><li>Evolved into different faces past decade. </li></ul><ul><li>Continuation of research on firewall. </li></ul><ul><li>Implementing the researches. </li></ul><ul><li>The evolution of firewall and its categories </li></ul><ul><ul><li>Packet filters </li></ul></ul><ul><ul><li>Circuit Level Gateways </li></ul></ul><ul><ul><li>Proxy server/Application layer </li></ul></ul><ul><ul><li>Stateful filters </li></ul></ul>
  10. 10. Packet filters <ul><li>Developed by Digital Equipment Corporation in 1988. </li></ul><ul><li>Known to be the first filter system of its own kind. </li></ul><ul><li>Bill Cheswick and Steve Bellovin researched and developed a working model of packet filters. </li></ul><ul><li>Packet filters inspects the packets. </li></ul><ul><li>If the packets doesn't meet up with filtering rules. </li></ul><ul><li>It is either rejected or dropped. </li></ul><ul><li>Packet filters doesn't check whether the packet belongs to local network. </li></ul><ul><li>It filters the packets based only on information. </li></ul>
  11. 11. Packet filters
  12. 12. Circuit Level Gateways <ul><li>It works at the session layer of the OSI reference model. </li></ul><ul><li>Monitors TCP handshaking between packets. </li></ul><ul><li>Determines whether a request session is valid. </li></ul><ul><li>Used to hide information about the network. </li></ul><ul><li>An example of circuit level gateways can be web browsing. As it only depends on the packets between web browser and the internet </li></ul>
  13. 13. Circuit Level Gateways
  14. 14. Proxy server/Application layer <ul><li>Proxy server firewalls are also known as application layer firewall. </li></ul><ul><li>AT&T Bell Laboratories developed the system. </li></ul><ul><li>It requires separate network service configuration on the firewall. </li></ul><ul><li>The rules for the services must be specified by network administrators. </li></ul><ul><li>For example a firewall that supports HTTP, FTP and SMTP will not support Telnet, as telnet rules are not specified in the firewall. </li></ul>
  15. 15. Proxy server/Application layer
  16. 16. Stateful filters <ul><li>It provides more protection than other filters. </li></ul><ul><li>Uses methods from other filters. </li></ul><ul><li>Multiple packet filtering. </li></ul><ul><li>Denial-of-service attacks and other hacks can be reduced. </li></ul>
  17. 17. The Firewall Topology <ul><li>Different ways firewall can be set up on a network. </li></ul><ul><li>Can have a very simple setup which is enough for protecting personal computer. </li></ul><ul><li>More complicated setup which will provide more protection and security for huge networks. </li></ul><ul><li>Firewall topology comes in three types, they are </li></ul><ul><ul><li>Dual homed gateway firewalls. </li></ul></ul><ul><ul><li>Screened host firewalls. </li></ul></ul><ul><ul><li>Screened subnet firewalls. </li></ul></ul>
  18. 18. Dual homed gateway firewalls <ul><li>Found in small networks at home etc. </li></ul><ul><li>Provides internal and external protection for local networks. </li></ul><ul><li>Does not allow forwarding of IP packets. </li></ul><ul><li>Can filter multiple packets with a packet filtering router for more additional protection </li></ul>
  19. 19. Dual homed gateway firewalls
  20. 20. Screened host firewalls <ul><li>Found in organizations and businesses. </li></ul><ul><li>Mainly secured with Bastion Host and Router. </li></ul><ul><li>Bastion Host : </li></ul><ul><ul><li>Consist of bastion software which can scan. </li></ul></ul><ul><ul><li>Checks and scan with applications only. </li></ul></ul><ul><ul><li>Consists of two network cards. </li></ul></ul><ul><ul><li>Scans all the incoming and outgoing information and packets. </li></ul></ul><ul><li>Router : </li></ul><ul><ul><li>Filters the information in data packets. </li></ul></ul><ul><ul><li>Rout the data to the location. </li></ul></ul>
  21. 21. Screened host firewalls
  22. 22. Screened subnet firewalls <ul><li>Found in enterprises. </li></ul><ul><li>Uses a combination of two screening routers. Which are Internal and External screening routers. </li></ul><ul><li>External Screening Router : </li></ul><ul><ul><li>Separates internet from public accessibility to the internal subnet. </li></ul></ul><ul><ul><li>Blocks the packets which are directly addressed to the internal hosts. </li></ul></ul><ul><ul><li>Blocks packets for unauthorized services. </li></ul></ul><ul><ul><li>Packets that can pass through are those packets which has the source or destination IP same as the firewalls IP. </li></ul></ul><ul><li>Internal Screening Router : </li></ul><ul><ul><li>Separates the hosts that are publicly accessible to the internal network. </li></ul></ul><ul><ul><li>Blocks all packets except the source or destination IP same as the firewalls IP. </li></ul></ul><ul><ul><li>Can be extended according to the services defined by the firewall. </li></ul></ul>
  23. 23. Screened Subnet Firewalls
  24. 24. Choices of firewall <ul><li>Software Firewalls </li></ul><ul><li>Hardware Firewalls </li></ul>
  25. 25. Software Firewalls <ul><li>Most popular firewall choice for individual computers. </li></ul><ul><li>Allows controlling functions and protection features. </li></ul><ul><li>Protect computer against common trojans, viruses and email worms etc. </li></ul><ul><li>Blocks unsafe applications from running on the system. </li></ul><ul><li>May also include privacy controls, web filtering etc. </li></ul><ul><li>Will only protect the computer installed on. </li></ul>
  26. 26. Some known software firewalls <ul><li>Kaspersky Internet Security: </li></ul><ul><ul><li>Provides a comprehensive security tool kit. </li></ul></ul><ul><ul><li>A nicely organized interface. </li></ul></ul><ul><ul><li>Protects from malware, dos attacks etc. Has a powerful firewall. </li></ul></ul>Kaspersky Internet Security interface
  27. 27. Some known software firewalls <ul><li>Norton 360: </li></ul><ul><ul><li>Has the best value for easy use of tools offered, and </li></ul></ul><ul><ul><li>overall system performance. </li></ul></ul><ul><ul><li>Uses multiple tools to control the firewall. </li></ul></ul>Norton 360: Firewall Protection Setting interface
  28. 28. Some known software firewalls <ul><li>Zone Alarm Internet Security Suite: </li></ul><ul><ul><li>Compared to other softwares, one of the best firewall software. </li></ul></ul><ul><ul><li>Has light weight software. </li></ul></ul><ul><ul><li>Best performance at home use. </li></ul></ul>Zone Alarm: Firewall Protection Setting interface
  29. 29. Hardware Firewalls <ul><li>Stand alone hardware component. </li></ul><ul><li>Comes in broadband routers. </li></ul><ul><li>It is an important part of network set up and network security. </li></ul><ul><li>Very effective with little or no configuration. </li></ul><ul><li>Can protect large businesses and enterprises and protects every computer. </li></ul><ul><li>Uses packet filtering to examine the header of the packet and determines its source and destination. </li></ul><ul><li>Using predefined or user created rules it forwards or drops a packet. </li></ul>
  30. 30. Some known hardware firewalls <ul><li>D-Link: D-Link DIR-655 Xtreme N Gigabit Router </li></ul><ul><ul><li>Has fast performance. </li></ul></ul><ul><ul><li>A combination of latest in built wireless security and intergraded </li></ul></ul><ul><ul><li>wireless security wizard is used. </li></ul></ul><ul><ul><li>Controlled very easily. </li></ul></ul>DIR 655 : Configuration Page
  31. 31. Some known hardware firewalls <ul><li>Cisco: ASA 5550 Firewall </li></ul><ul><ul><li>Delivers advanced threat defense service. </li></ul></ul><ul><ul><li>Network and application traffic will be protected. </li></ul></ul><ul><ul><li>Defensive from worms, virus and network attacks such as denial of services or DDOS. </li></ul></ul><ul><ul><li>Spyware and adware protection. </li></ul></ul>Cisco ASA Software for ASA 5500
  32. 32. Future of firewall <ul><li>Market idea will remain. </li></ul><ul><li>Hardware components may be included in the future personal computers as personal firewalls. </li></ul><ul><li>Supercomputers, Mainframe computers and mini computers may come up with, its own firewall technology in the near future. </li></ul><ul><li>Influence of viruses and network attacks. </li></ul><ul><li>Combining firewall </li></ul>
  33. 33. Conclusion <ul><li>Firewall technology has evolved significantly since the days of basic packet filters and network address translation. </li></ul><ul><li>A research today makes technology of tomorrows firewall. Firewall comes in different types and topologies. </li></ul><ul><li>These types and topologies helps to ensure that networks and networks of networks the internet have a secure connection between each other. </li></ul><ul><li>Furthermore local networks are also protected under firewalls which suites for the size of the network. </li></ul><ul><li>The future of firewall depends on the hands of todays influences such as network security threats and viruses. </li></ul>

×