1 
Firewalls
Presented to: MR. AMANDEEP SINGH
Presented by: SURESH KUMAR, AMRIT SINGH, SANDEEP UPPAL, SATINDER SINGH
2 
Firewalls
• In most systems today, the firewall is the machine that implements the “security policy” for a system
• A firewall is typically placed at the edge of a system and acts as a filter for unauthorized traffic
• Filters tend to be simple: source and destination addresses, source and destination ports, or protocol (TCP, UDP, ICMP)
3 
Outline 
• Intro to Security and Firewalls 
• Problems with Current Firewalls 
• Distributed Firewall Concept 
• Distributed Firewall Implementation 
• Conclusions
4 
Intro to Security
• Computer/Network Security - The prevention and detection of unauthorized actions by users of computer systems*
• But what does “unauthorized” mean?
• It depends on the system’s “security policy”
5 
Firewall Drawbacks
• Certain protocols (FTP, Real-Audio) are difficult for firewalls to process
• Assumes inside users are “trusted”
• Multiple entry points make firewalls hard to manage
6 
Distributed Firewall Concept
• Security policy is defined centrally
• Enforcement of policy is done by network end point(s)
7 
Standard Firewall Example
Connection to web server
[Figure: a Corporate Firewall separates the Internet (external) from the Corporate Network (internal). Labelled nodes: External Host, Internal Host 1, Internal Host 2 (untrusted), Webserver, Intranet Webserver (company private).]
8 
Standard Firewall Example
Connection to internet
[Figure: a Corporate Firewall separates the Internet (external) from the Corporate Network (internal). Labelled nodes: External Host, Internal Host 1, Internal Host 2 (untrusted), Webserver, Intranet Webserver (company private). Annotations: “blocked by firewall”; “connection allowed, but should not be”.]
9 
Security Policy
• A “security policy” defines the security rules of a system.
• Without a defined security policy, there is no way to know what access is allowed or disallowed
• An example policy (simple):
  – Allow all connections to the web server
10 
Distributed Firewall Implementation
• A language for expressing policies and resolving requests (KeyNote system)
• Mechanisms to distribute security policies (web server)
• A mechanism that applies the security policy to incoming packets (policy daemon and kernel updates)
11 
KeyNote Policies and Credentials
• Policies and Credentials have the same basic syntax
• Policies are “local”
• Credentials are “delegated” and MUST be signed
12 
Distributed Firewall Implementation
• Not a complete solution, only a prototype
• Implemented on OpenBSD
• Filtering is done in kernel space
• Focused on TCP connections only
  – connect and accept calls
  – When a connect is issued, a “policy context” is created
13 
User Space
• This design was not chosen because of the difficulty in “forcing” an application to use the modified library
• For example, “telnetd”, “ftpd”
14 
Policy Context
• No limit to the kind of data that can be associated with the context
• For a connect, the context will include the ID of the user that initiated the connection, the destination address and the destination port.
• For an accept, the context will include similar data to connect, except that the source address and source port are also included
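
The gap in the Standard Firewall Example slides and the per-call context described above, as an added example in C (not code from the presentation or from the OpenBSD prototype). The addresses, the user ID 1001 and the `rule` format are constructed for illustration, and the rule table stands in for KeyNote policy evaluation.

```c
#include <stddef.h>
#include <stdint.h>
#define IP(a, b, c, d) (((uint32_t)(a) << 24) | ((uint32_t)(b) << 16) | \
                        ((uint32_t)(c) << 8) | (uint32_t)(d))
#define HOST_MASK     IP(255, 255, 255, 255)
#define UID_ANY       UINT32_MAX
/* Constructed addresses: 10.0.0.0/24 is the corporate network. */
#define CORP_NET      IP(10, 0, 0, 0)
#define CORP_MASK     IP(255, 255, 255, 0)
#define PUBLIC_WEB    IP(10, 0, 0, 80)
#define INTRANET_WEB  IP(10, 0, 0, 81)
#define INTERNAL_H1   IP(10, 0, 0, 11)
#define INTERNAL_H2   IP(10, 0, 0, 12)   /* the untrusted inside host */
#define EXTERNAL_HOST IP(203, 0, 113, 7)

enum verdict { DENY = 0, ALLOW = 1 };
enum call { CALL_CONNECT, CALL_ACCEPT };

/* Context fields as listed on the Policy Context slide. */
struct policy_ctx {
    enum call call;
    uint32_t uid;                          /* user that issued the call */
    uint32_t src_addr; uint16_t src_port;  /* filled in for accept only */
    uint32_t dst_addr; uint16_t dst_port;
};

/* Hypothetical rule format; the prototype expresses policy in KeyNote. */
struct rule {
    enum call call;
    uint32_t uid;                  /* UID_ANY matches every user */
    uint32_t peer_net, peer_mask;  /* source (accept) or destination (connect) */
    uint16_t dst_port;
    enum verdict verdict;
};

static const struct rule POLICY[] = {   /* defined centrally, first match wins */
    { CALL_ACCEPT,  UID_ANY, INTERNAL_H2,  HOST_MASK, 80, DENY  },
    { CALL_ACCEPT,  UID_ANY, CORP_NET,     CORP_MASK, 80, ALLOW },
    { CALL_CONNECT, 1001,    INTRANET_WEB, HOST_MASK, 80, ALLOW },
};

static int inside(uint32_t addr) { return (addr & CORP_MASK) == CORP_NET; }
/* Edge firewall: it only filters packets that cross the perimeter. */
enum verdict perimeter_verdict(uint32_t src, uint32_t dst, uint16_t dst_port)
{
    if (inside(src) == inside(dst) || inside(src))
        return ALLOW;              /* never reaches the firewall, or outbound */
    return (dst == PUBLIC_WEB && dst_port == 80) ? ALLOW : DENY;
}

/* End point enforcement on the context of one connect or accept call. */
enum verdict endpoint_verdict(const struct policy_ctx *c)
{
    uint32_t peer = (c->call == CALL_ACCEPT) ? c->src_addr : c->dst_addr;
    for (size_t i = 0; i < sizeof POLICY / sizeof POLICY[0]; i++) {
        const struct rule *r = &POLICY[i];
        if (r->call == c->call && (r->uid == UID_ANY || r->uid == c->uid) &&
            (peer & r->peer_mask) == r->peer_net && r->dst_port == c->dst_port)
            return r->verdict;
    }
    return DENY;                   /* default deny */
}

/* Build the context for a call involving the intranet web server, port 80. */
enum verdict intranet_web(enum call call, uint32_t uid, uint32_t src)
{
    struct policy_ctx c = { call, uid, src, 40000, INTRANET_WEB, 80 };
    return endpoint_verdict(&c);
}
```

The perimeter check allows Internal Host 2 to reach the intranet web server because that traffic never crosses the edge; the end point check denies it from the accept context alone.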
15 
Policy Device
• /dev/policy – pseudo device driver
• Communication path between the Policy Daemon and the “modified” kernel
• Supports standard operations: open, close, read, write
• Independent of type of application
16 
Future Work
• High quality administration tools NEED to exist for distributed firewalls to be accepted
• Allow per-packet scanning as opposed to per-connection scanning
• Policy updating and revocation
• Credential discovery
17 
Thank You
