FIREWALLS &
INTRUSION PREVENTION SYSTEMS
Group#04
NEED FOR FIREWALL
01
Need for Firewall
• Protects the system from vulnerable services: for example, firewalls can be configured to block services like NFS from entering or leaving the subnet.
• Controlled access to systems: for example, seal off access to some information servers (like database servers) while allowing others (like mail servers).
• Privacy: firewalls can block useful information from reaching the hands of attackers.
• Security: firewalls offer a high degree of security because they provide a single point at which security needs to be maintained.
• Protection of the network and its resources: protects our network and its resources from malicious users and accidents that originate outside our network.
Firewall
“Monitors and controls incoming and outgoing traffic based on predefined rules”
FIREWALL CHARACTERISTICS AND
ACCESS POLICY
02
Characteristics of a firewall
• All traffic from inside to outside, and vice versa, must pass through the firewall. This is achieved by physically blocking all access to the local network except via the firewall.
• Only authorized traffic, as defined by the local security policy, will be allowed to pass. Various types of firewalls are used, which implement various types of security policies.
• The firewall itself is immune to penetration. This implies the use of a hardened system with a secured operating system. Trusted computer systems are suitable for hosting a firewall and are often required in government applications.
Firewall Access Policy
• A critical component in the planning and implementation of a firewall is specifying a suitable access policy:
o The types of traffic authorized to pass through the firewall.
o Includes address ranges, protocols, applications and content types.
• The policy should be developed from the organization’s security risk assessment.
• It should be developed from a broad specification of which traffic types the organization needs to support:
o Then refined to detail the filter elements, which can then be implemented within an appropriate firewall topology.
TYPES OF FIREWALLS
03
Types of Firewall
Different types of firewalls are as follows:
1. Packet Filtering Firewall: A packet filtering firewall applies a set of rules to each incoming and outgoing IP packet and then forwards or discards the packet. Filtering rules are based on information contained in a network packet:
• Source IP address: the IP address of the system that originated the IP packet (e.g., 192.178.1.1).
• Destination IP address: the IP address of the system the IP packet is trying to reach (e.g., 192.168.1.2).
• Source and destination transport-level address: the transport-level (e.g., TCP or UDP) port number, which identifies applications such as SNMP or TELNET.
• IP protocol field: defines the transport protocol.
• Interface: for a firewall with three or more ports, which interface of the firewall the packet came from or which interface of the firewall the packet is destined for.
Types of Firewall
2. Stateful Inspection Firewall: A stateful packet inspection firewall tightens up the rules for TCP traffic by creating a directory of outbound TCP connections.
• There is an entry for each currently established connection.
• The packet filter will now allow incoming traffic to high-numbered ports only for those packets that fit the profile of one of the entries in this directory.
A stateful packet inspection firewall reviews the same packet information as a packet filtering firewall, but also records information about TCP connections. It may also:
• Keep track of TCP sequence numbers to prevent attacks that depend on the sequence number.
• Inspect data for protocols like FTP, IM, and SIPS.
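The difference between the two firewall types above, as an added example that is not part of the original slides: a stateless filter that matches the five packet fields listed in the slides (first matching rule wins, default deny), and a stateful variant that adds the directory of outbound TCP connections so that replies to high-numbered ports are admitted only when an inside host opened the connection. The rule set, the addresses and the packets are all constructed for the demonstration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Packet:
    """The header fields a packet filter inspects (constructed, simplified)."""
    src_ip: str
    dst_ip: str
    proto: str       # IP protocol field: "tcp" or "udp"
    src_port: int    # transport-level source port
    dst_port: int    # transport-level destination port
    iface: str       # interface the packet arrived on: "inside" or "outside"
    syn: bool = False
    ack: bool = False


@dataclass(frozen=True)
class Rule:
    """One filtering rule; "*" / None fields match anything."""
    action: str                    # "allow" or "deny"
    iface: str = "*"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    proto: str = "*"
    dst_port: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        return (self.iface in ("*", p.iface)
                and ip_address(p.src_ip) in ip_network(self.src)
                and ip_address(p.dst_ip) in ip_network(self.dst)
                and self.proto in ("*", p.proto)
                and self.dst_port in (None, p.dst_port))


class PacketFilter:
    """Stateless packet filter: first matching rule wins, default deny."""

    def __init__(self, rules):
        self.rules = list(rules)

    def decide(self, p: Packet) -> str:
        for rule in self.rules:
            if rule.matches(p):
                return rule.action
        return "deny"   # default-discard policy


class StatefulFilter(PacketFilter):
    """Same rules, plus a directory of established outbound TCP connections."""

    def __init__(self, rules):
        super().__init__(rules)
        self.connections = set()   # (inside ip, inside port, outside ip, outside port)

    def decide(self, p: Packet) -> str:
        new_conn = p.proto == "tcp" and p.syn and not p.ack   # a bare SYN opens a connection
        if p.proto == "tcp" and p.iface == "outside" and not new_conn:
            key = (p.dst_ip, p.dst_port, p.src_ip, p.src_port)
            if key in self.connections:
                return "allow"   # reply to a connection an inside host opened
        verdict = super().decide(p)
        if verdict == "allow" and new_conn and p.iface == "inside":
            self.connections.add((p.src_ip, p.src_port, p.dst_ip, p.dst_port))
        return verdict


# Constructed policy: LAN 192.168.1.0/24 with a mail server at 192.168.1.2.
RULES = [
    Rule("deny", dst_port=2049),                                                      # NFS never crosses
    Rule("allow", iface="outside", dst="192.168.1.2/32", proto="tcp", dst_port=25),   # inbound mail only
    Rule("allow", iface="inside", src="192.168.1.0/24", proto="tcp"),                 # LAN opens outbound TCP
]

# Constructed packets, in arrival order (the reply must follow the outbound SYN).
SAMPLE_PACKETS = [
    ("outbound_syn", Packet("192.168.1.10", "203.0.113.5", "tcp", 51514, 443, "inside", syn=True)),
    ("reply_synack", Packet("203.0.113.5", "192.168.1.10", "tcp", 443, 51514, "outside", syn=True, ack=True)),
    ("unsolicited", Packet("198.51.100.7", "192.168.1.10", "tcp", 443, 51514, "outside", ack=True)),
    ("inbound_mail", Packet("198.51.100.7", "192.168.1.2", "tcp", 40000, 25, "outside", syn=True)),
    ("inbound_nfs", Packet("198.51.100.7", "192.168.1.2", "tcp", 40000, 2049, "outside", syn=True)),
]


def run_demo() -> dict:
    """Run the packets through both filters; returns {filter name: {packet label: verdict}}."""
    results = {}
    for name, fw in (("stateless", PacketFilter(RULES)), ("stateful", StatefulFilter(RULES))):
        results[name] = {label: fw.decide(p) for label, p in SAMPLE_PACKETS}
    return results


if __name__ == "__main__":
    for name, verdicts in run_demo().items():
        print(name, verdicts)
```

The stateless filter denies the legitimate SYN-ACK reply to port 51514 (it would need a blanket rule opening all high-numbered ports), while the stateful filter admits it and still denies the unsolicited packet that spoofs the same ports from another address.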
Types of Firewall
3. Application Proxy Firewall: An application-level gateway, also called an application proxy, acts as a relay of application-level traffic.
• The user requests a service from the proxy.
• The proxy validates the request as legal.
• It then acts on the request and returns the result to the user.
• It can log and audit traffic at the application level.
Advantages of an application proxy firewall
• More secure than packet filter firewalls.
• Easy to log and audit incoming traffic.
Disadvantages of an application proxy firewall
• Additional processing overhead on each connection.
Types of Firewall
4. Circuit-Level Proxy Firewall: This can be a stand-alone system or a specialized function performed by an application-level gateway for certain applications.
• It does not permit an end-to-end TCP connection; rather, the gateway sets up two TCP connections.
• A typical use of the circuit-level gateway is a situation in which the system administrator trusts the internal users.
• The gateway can be configured to support application-level or proxy service on inbound connections and circuit-level functions for outbound connections.
Advantages of a circuit-level proxy firewall
• Comparatively inexpensive, and provides anonymity to the private network.
Disadvantages of a circuit-level proxy firewall
• Does not filter individual packets.
FIREWALL BASING
04
Firewall Basing
It is common to base a firewall on a stand-alone machine running a common operating system, such as UNIX or Linux. Some additional firewall basing options are as follows:
1. Bastion Host: A bastion host is a system identified by the firewall administrator as a critical strong point in the network’s security. It serves as a platform for an application-level or circuit-level gateway. Some common characteristics:
o Executes a secure version of its OS, making it a hardened system.
o Only the services that the network administrator considers essential are installed on the bastion host.
o It may require some additional authentication before a user is allowed access to the proxy services.
2. Host-based Firewalls: A host-based firewall is a software module used to secure an individual host. Such modules are available in many operating systems or can be provided as add-on packages. It filters and restricts the flow of packets.
Firewall Basing
2. Host-based Firewalls: Advantages of host-based firewalls are as follows:
• Filtering rules can be tailored to the host environment.
• Protection is provided independent of topology.
3. Personal Firewalls: A personal firewall controls traffic between a personal computer or workstation on one side and the Internet or enterprise network on the other side.
• This functionality can be used in the home environment and on corporate intranets. Typically, it is a software module on the personal computer.
• Firewall functionality can also be housed in a router that connects all of the home computers to a DSL, cable modem, or other Internet interface.
FIREWALL LOCATION AND
CONFIGURATION
05
Firewall Location and Configuration
A firewall is positioned to provide a protective barrier between an external source of traffic and an internal network.
• DMZ Networks: a common firewall configuration that includes an additional network segment between an internal and an external firewall. An external firewall is placed at the edge of a local or enterprise network, just inside the boundary router that connects to the Internet or some wide area network (WAN). One or more internal firewalls protect the bulk of the enterprise network. Between these two types of firewalls are one or more networked devices in a region referred to as a DMZ (demilitarized zone) network.
• Virtual Private Networks: a VPN consists of a set of computers that interconnect by means of a relatively insecure network and that make use of encryption and special protocols to provide security. At each corporate site, workstations, servers, and databases are linked by one or more local area networks (LANs).
Firewall Location and Configuration
• Distributed Firewalls: These firewalls protect against internal attacks and provide protection tailored to specific machines and applications. An important aspect of a distributed firewall configuration is security monitoring.
• Summary of Firewall Locations and Topologies: a spectrum of firewall locations and topologies:
o Host-resident firewall
o Screening router
o Single bastion inline
o Single bastion
o Double bastion inline
o Double bastion
o Distributed firewall configuration
INTRUSION PREVENTION
SYSTEMS
06
Intrusion Prevention Systems
A further addition to the range of security products is the intrusion prevention system (IPS), also known as an intrusion detection and prevention system (IDPS). It is an extension of an IDS that includes the capability to attempt to block or prevent detected malicious activity.
• Host-Based IPS: A host-based IPS (HIPS) can make use of either signature/heuristic or anomaly detection techniques to identify attacks. Examples of the types of malicious behavior addressed by a HIPS include the following:
o Modification of system resources
o Privilege-escalation exploits
• Network-Based IPS: The IPS device applies filters to the full content of the flow every time a new packet for the flow arrives. When a flow is determined to be malicious, the latest and all subsequent packets belonging to the suspect flow are dropped.
Intrusion Prevention Systems
• Distributed or Hybrid: The final category of IPS is a distributed or hybrid approach. This gathers data from a large number of host- and network-based sensors and relays this intelligence to a central analysis system able to correlate and analyze the data, which can then return updated signatures and behavior patterns to enable all of the coordinated systems to respond and defend against malicious behavior. A number of such systems have been proposed. One of the best known is the digital immune system.
• Snort Inline: Snort Inline adds three new rule types that provide intrusion prevention features:
o Drop: Snort rejects a packet based on the options defined in the rule and logs the result.
o Reject: Snort rejects a packet and logs the result.
o Sdrop: Snort rejects a packet but does not log the packet.
EXAMPLE: UNIFIED THREAT
MANAGEMENT PRODUCTS
07
Unified Threat Management Product
“Products that include multiple security features integrated into one
box. To be included in this category, [an appliance] must be able to
perform network firewalling, network intrusion detection and
prevention and gateway anti-virus. All of the capabilities in the
appliance need not be used concurrently, but the functions must exist
inherently in the appliance.”
THANK YOU
FOR YOUR ATTENTION!!!