1. A.D.Patel Institute Of Technology
Sub:- Cyber Security
Topic:- Firewall
Dept. :- Automobile Engineering
Prepared by :- Shah Jainam (140010102051)
Shah Parva (140010102053)
2. Outline:
• What Is Firewall?
• About Firewall
• Firewall Design Principles
• Firewall Characteristics
• Types Of Firewalls
• Firewall Configuration
• Firewall v/s Packet Filters
• 3rd Party Firewall
3. What is FIREWALL?
“Firewall software is commonly installed on computers in
order to monitor incoming and outgoing packet requests and
to block any that may be from an untrustworthy
source. Firewalls and antivirus programs are the two most
basic forms of computer protection.”
4. About FIREWALL
• It sits between two networks;
• Used to protect one from the other
• Places a bottleneck between the networks
• All communications must pass through the bottleneck –
this gives us a single point of control
5. Firewall Design Principles (Henric Johnson)
• The firewall is inserted between the premises network and the
Internet
• Aims:
• Establish a controlled link
• Protect the premises network from Internet-based attacks
• Provide a single choke point
6. Firewall Characteristics
• Design goals:
• All traffic from inside to outside must pass through the firewall (physically
blocking all access to the local network except via the firewall)
• Only authorized traffic (defined by the local security policy) will be allowed to
pass
7. Firewall Characteristics
• Four general techniques:
(1)Service control
• Determines the types of Internet services that can be accessed, inbound or
outbound.
(2)Direction control
• Determines the direction in which particular service requests are allowed to
flow.
8. Firewall Characteristics
(3)User control
• Controls access to a service according to which user is attempting to access it.
(4)Behavior control
• Controls how particular services are used (e.g. filter e-mail).
9. Types of Firewalls
• Three common types of Firewalls:
(1) Packet-filtering routers
(2) Application-level gateways
(3) Circuit-level gateways
11. Types of Firewalls
• Packet-filtering Router
• Applies a set of rules to each incoming IP packet and then forwards or discards
the packet
• Filter packets going in both directions
• The packet filter is typically set up as a list of rules based on matches to fields
in the IP or TCP header
• Two default policies (discard or forward)
12. Types of Firewalls
• Advantages:
• Simplicity
• Transparency to users
• High speed
• Disadvantages:
• Difficulty of setting up packet filter rules
• Lack of Authentication
14. Types of Firewalls
• Application-level Gateway
• Also called proxy server
• Acts as a relay of application-level traffic
15. Types of Firewalls
• Advantages:
• Higher security than packet filters
• Only need to scrutinize a few allowable applications
• Easy to log and audit all incoming traffic
• Disadvantages:
• Additional processing overhead on each connection (gateway as splice point)
17. Types of Firewalls
• Circuit-level Gateway
• The security function consists of determining which connections will be
allowed
• Typical use is a situation in which the system administrator trusts the internal
users
• An example is the SOCKS package
18. Firewall Configurations
• Bastion host
• a system identified by the firewall administrator as a critical strong point in the network’s
security
• typically serves as a platform for an application-level or circuit-level gateway
• extra secure O/S, tougher to break into.
• Dual homed gateway
• Two network interface cards: one to the outer network and the other to the inner
• A proxy selectively forwards packets.
• Screened host firewall system
• Uses a network router to forward all traffic from the outer and inner networks to the
gateway machine.
• Screened-subnet firewall system
21. Firewalls V/S Packet Filters
• Firewalls
• A firewall is a computer connected to both a private (protected)
network and a public (unprotected) network, which receives and
resubmits specific kinds of network requests on behalf of network
clients on either the private or public network.
• Firewalls involve proxies. A proxy acts as a middle-man in a network
transaction. Rather than allowing a client to speak directly to a server,
the proxy server receives the request from the client, and then
resubmits the request, on behalf of the client, to the target server.
• Firewalls are not routers or address translators. Never does a firewall
copy or forward a packet from the internal network to the external
network, or vice versa. The internal network uses private address
space.
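Added example (not part of the original slides): a Python sketch of the "receive, then resubmit" behaviour described above. The gateway parses the client's HTTP request, checks it against a policy, and builds its own request for the server instead of copying the client's bytes. The policy values, header list and function names are assumptions made for illustration.

```python
ALLOWED_METHODS = {"GET", "HEAD"}        # assumed policy for this example
ALLOWED_HOSTS = {"www.example.org"}      # assumed policy for this example
DROP_HEADERS = {"connection", "proxy-connection", "keep-alive", "via",
                "x-forwarded-for", "proxy-authorization"}  # reveal or bind the client

def parse_request(raw: bytes):
    """Parse request line and headers; raise ValueError on anything malformed."""
    head, sep, _body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete header block")
    lines = head.decode("ascii").split("\r\n")  # non-ASCII raises a ValueError subclass
    if any("\r" in l or "\n" in l for l in lines):
        raise ValueError("bare CR or LF inside a line")
    method, target, version = lines[0].split(" ")  # wrong field count raises ValueError
    if version not in ("HTTP/1.0", "HTTP/1.1") or not target.startswith("/"):
        raise ValueError("unsupported request line")
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        # This example refuses repeated headers rather than merging them.
        if not colon or not name or name != name.strip() or name.lower() in headers:
            raise ValueError("malformed or repeated header")
        headers[name.lower()] = value.strip()
    return method, target, headers

def relay(raw: bytes, audit: list):
    """Return the request the gateway itself sends upstream, or None if refused."""
    try:
        method, target, headers = parse_request(raw)
    except ValueError as exc:
        audit.append(("refused", str(exc)))
        return None
    host = headers.get("host", "")
    if method not in ALLOWED_METHODS or host not in ALLOWED_HOSTS:
        audit.append(("refused", f"{method} {host}{target}"))
        return None
    kept = {k: v for k, v in headers.items() if k not in DROP_HEADERS}
    kept["connection"] = "close"
    audit.append(("relayed", f"{method} {host}{target}"))
    out = [f"{method} {target} HTTP/1.1"] + [f"{k}: {v}" for k, v in kept.items()]
    return ("\r\n".join(out) + "\r\n\r\n").encode("ascii")

# Constructed sample requests (192.0.2.9 stands in for an internal client address).
SAMPLE_OK = (b"GET /index.html HTTP/1.1\r\nHost: www.example.org\r\n"
             b"X-Forwarded-For: 192.0.2.9\r\n\r\n")
SAMPLE_BAD = b"DELETE /index.html HTTP/1.1\r\nHost: www.example.org\r\n\r\n"
```

The rebuilt request no longer carries the header that named the internal client, and every decision lands in the audit list, which is the logging advantage listed for application-level gateways.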
22. Firewalls V/S Packet Filters
• Packet Filters
• A packet filter is a set of rules, applied to a stream of data packets, which is
used to decide whether to permit or deny the forwarding of each packet.
Using a packet filter, an administrator can decide what types of packets are
allowed into or out of a network or computer.
• Some devices, such as the Cisco PIX, combine address translation with
packet filtering. Like a firewall, this prevents the outside network from
having knowledge of the address space on the protected network. This
certainly improves security, but, strictly speaking, this is not a firewall.
• It is worth noting that any good firewall will also employ packet filtering.
This is done to protect the firewall itself from intrusion and to isolate
intruders from the internal network should an attacker gain control of the
firewall.
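Added example (not part of the original slides): a first-match packet filter in Python that shows the rule list matched against IP/TCP header fields and the two default policies from slide 11, as well as the packet-filter definition above. The addresses (documentation ranges), the rule set and all names are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:            # only the header fields the filter inspects
    direction: str       # "in" or "out" relative to the protected network
    proto: str           # "tcp" or "udp"
    src: str
    dst: str
    dport: int
    ack: bool = False    # TCP ACK flag, set on replies to an existing connection

@dataclass(frozen=True)
class Rule:
    action: str                  # "forward" or "discard"
    direction: str = "any"
    proto: str = "any"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    dports: tuple = (0, 65535)   # inclusive destination-port range
    ack_only: bool = False       # match only packets that carry ACK
    def matches(self, p: Packet) -> bool:
        return (self.direction in ("any", p.direction)
                and self.proto in ("any", p.proto)
                and ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and self.dports[0] <= p.dport <= self.dports[1]
                and (p.ack or not self.ack_only))

def decide(rules, packet, default):
    """First matching rule wins; `default` applies when nothing matches."""
    return next((r.action for r in rules if r.matches(packet)), default)

INSIDE = "192.0.2.0/24"  # constructed: the protected network
RULES = [
    Rule("discard", "in", src=INSIDE),                 # inside address arriving from outside
    Rule("forward", "in", "tcp", dst="192.0.2.25/32", dports=(25, 25)),  # inbound mail
    Rule("forward", "out", "tcp", src=INSIDE),         # inside hosts may open connections
    Rule("forward", "in", "tcp", dst=INSIDE, dports=(1024, 65535), ack_only=True),
]
SAMPLE = [  # constructed packets
    Packet("in", "tcp", "198.51.100.7", "192.0.2.25", 25),
    Packet("in", "tcp", "192.0.2.9", "192.0.2.25", 25),       # claims an inside source
    Packet("in", "tcp", "198.51.100.7", "192.0.2.40", 3389),  # no rule matches
    Packet("in", "tcp", "198.51.100.7", "192.0.2.40", 40000, ack=True),
]

def run(default):
    return [decide(RULES, p, default) for p in SAMPLE]
```

With default "discard" the third packet is dropped; with default "forward" the same rule list lets it through, which is why the choice of default policy matters as much as the rules themselves.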
23. When You Would Want a Third-Party Firewall
• By default, the Windows firewall only does what’s really important: block
incoming connections. It has some more advanced features, but they’re in a
hidden, harder-to-use interface.
• For example, most third-party firewalls allow you to easily control which
applications on your computer can connect to the Internet. They’ll pop up a
box when an application first initiates an outgoing connection. This allows you
to control which applications on your computer can access the Internet,
blocking certain applications from connecting. This can be a little annoying,
but it does give you more control if you’re a power user.
• If you want a firewall with loads of features, GlassWire is a third party firewall
that is really nice. Rather than just being a firewall, it also shows you beautiful
graphs of network activity, lets you drill down into exactly which application is
connecting to where, and how much bandwidth an individual application is
using.