Introductory Video

(This has to be shown for 1 min only)
Firewalls

Group 2Section C
Avishek
Dasgupta
Tarun Gupta ()
Siddharth
Gautam (13P172)
Kanika Vimani
TThreats:
•Theft or
disclosure of
internal data
•Unauthorized
access to internal
hosts
•Interception or
alteration of data...
Firewall
System or set of systems designed to:
• Permit or deny network
transmissions
• Used to protect networks from
unau...
TYPES OF FIREWALL
• Network firewalls:
 Protect the perimeter of a network by
watching traffic that enters and leaves
 S...
TYPES OF FIREWALL
• Application-layer firewalls:
 Host-run proxy servers
 Early application layer firewalls are not
part...
TYPES OF FIREWALL
Hybrid firewalls:
Network
layer
firewalls
have
become
increasingly
“aware”
of
the
information
going
thro...
Anti-virus vs. Firewall

Scanning Software - disinfects an infected
computer

Search files, incoming, outgoing, and
stored...
How Firewalls Work

Firewalls uses one of the three methods to control
traffic flowing in and out of the network:

Packet ...
Video to exhibit Firewall’s
functioning
Classification based on working
Principle

Stateful
Inspection

Packet
Filtering
Firewalls as filters
Firewalls as filters
• When TCP/IP sends data packets they seldom go
straight from the host system that generated them
to ...
Firewalls as filters
• Routers make
their routing
decisions based
on tables of data
and rules. It is
possible to
manipulat...
Firewalls as Gateways
Firewalls as Gateways
• A gateway is a
computer that
provides relay
services between
two networks
• Traffic goes to
the ga...
Firewalls as Gateways
• Typically, the two
gateways will have
more open
communication
through the inside
filter than the
o...
Firewalls as Control
Points
Firewalls as Control
Points
• Firewalls can
provide
additional
security services
including traffic
encryption and
decrypti...
Firewalls for Small
Offices and Home Offices
• Now that high-speed, always-on Internet
connectivity is becoming more and m...
Internet Connection
Firewall (ICF)
• To prevent unsolicited traffic from the
public side of the connection from
entering t...
How a hardware firewall
is connected?
Firewalls for Enterprises
• Corporate networks employ
layers of defence:
– traffic screening at the router
connecting the ...
Demilitarized zone
• DMZ is a computer host or small network
inserted as a "neutral zone" between a
company's private netw...
Demilitarized zone
Future of Firewall
• 596 million Internet users in China
were attacked by viruses and
malware in the first half of 2010
• ...
Thank You !!
Section c group2_firewall_ final
Section c group2_firewall_ final
Section c group2_firewall_ final
Upcoming SlideShare
Loading in …5
×

Section c group2_firewall_ final

199 views

Published on

Published in: Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
199
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
2
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  •  A simple router is the ``traditional'' network layer firewall, since it is not able to make particularly sophisticated decisions about what a packet is actually talking to or where it actually came from. Modern network layer firewalls have become increasingly sophisticated, and now maintain internal information about the state of connections passing through them, the contents of some of the data streamsSoftware-based Microsoft’s Internet Security and Acceleration (ISA) Server or the hardware-based Nortel Networks Alteon Switched Firewall Systemcorporate internet access management and total network defence against any external unwarranted interference.Host-based firewalls, such as Internet Connection Firewall (ICF—included with Windows XP and Windows Server 2003), protect an individual computer regardless of the network it’s connected to.
  • These generally are hosts running proxy servers, which permit no traffic directly between networks, and which perform elaborate logging and auditing of traffic passing through them. Since the proxy applications are software components running on the firewall, it is a good place to do lots of logging and access control. Application layer firewalls can be used as network address translators, since traffic goes in one ``side'' and out the other, after having passed through an application that effectively masks the origin of the initiating connection. Having an application in the way in some cases may impact performance and may make the firewall less transparent. Early application layer firewalls such as those built using the TIS firewall toolkit, are not particularly transparent to end users and may require some training. Modern application layer firewalls are often fully transparent. Application layer firewalls tend to provide more detailed audit reports and tend to enforce more conservative security models than network layer firewalls.
  • Application layer firewalls have become increasingly “low level” and transparent
  • Milan
  • Milan
  • Section c group2_firewall_ final

    1. 1. Introductory Video (This has to be shown for 1 min only)
    2. 2. Firewalls Group 2Section C Avishek Dasgupta Tarun Gupta () Siddharth Gautam (13P172) Kanika Vimani
    3. 3. TThreats: •Theft or disclosure of internal data •Unauthorized access to internal hosts •Interception or alteration of data •Vandalism or denial of service
    4. 4. Firewall System or set of systems designed to: • Permit or deny network transmissions • Used to protect networks from unauthorized access • Permit legitimate communication to pass • Protect data integrity of critical information
    5. 5. TYPES OF FIREWALL • Network firewalls:  Protect the perimeter of a network by watching traffic that enters and leaves  Simple router or “traditional” network layer firewall  Modern network layer firewalls
    6. 6. TYPES OF FIREWALL • Application-layer firewalls:  Host-run proxy servers  Early application layer firewalls are not particularly transparent to end users and may require some training. Modern application layer firewalls are often fully transparent
    7. 7. TYPES OF FIREWALL Hybrid firewalls: Network layer firewalls have become increasingly “aware” of the information going through them Application layer firewalls have become increasingly “low level” and transparent • Fast packet-screening systems that log and audit data as they pass through the system • Increasingly, firewalls (network and application layer) incorporate encryption so that they may protect traffic passing between them over the Internet
    8. 8. Anti-virus vs. Firewall Scanning Software - disinfects an infected computer Search files, incoming, outgoing, and stored on hard drives and other storage devices which can be potentially hazardous to your internal network or PC Filtering device - prevents the computer from getting outward Control or regulate theinfected bound traffic from your internal network to sites outside and prevent access to sites not considered appropriate
    9. 9. How Firewalls Work Firewalls uses one of the three methods to control traffic flowing in and out of the network: Packet Filtering Proxy Service Stateful Inspection
    10. 10. Video to exhibit Firewall’s functioning
    11. 11. Classification based on working Principle Stateful Inspection Packet Filtering
    12. 12. Firewalls as filters
    13. 13. Firewalls as filters • When TCP/IP sends data packets they seldom go straight from the host system that generated them to the client that requested them. Along the way they normally pass through one or more routers • Routers look at the address information in TCP/IP packets and direct them accordingly • For Example, Data packets transmitted over the Internet from the Web browser on a PC in Gurgaon to a Web server in Bangalore will pass through numerous routers along the way, each of which makes decisions about where to direct the traffic
    14. 14. Firewalls as filters • Routers make their routing decisions based on tables of data and rules. It is possible to manipulate these rules by means of filters so that, for example, only data from
    15. 15. Firewalls as Gateways
    16. 16. Firewalls as Gateways • A gateway is a computer that provides relay services between two networks • Traffic goes to the gateway instead of directly entering the connected network. • The gateway machine then
    17. 17. Firewalls as Gateways • Typically, the two gateways will have more open communication through the inside filter than the outside gateway has to other internal hosts. The outside filter can be used to protect the gateway from attack, while the inside gateway is used to guard against
    18. 18. Firewalls as Control Points
    19. 19. Firewalls as Control Points • Firewalls can provide additional security services including traffic encryption and decryption • In order to communicate in encryption mode, the sending and receiving firewalls must use compatible encrypting systems
    20. 20. Firewalls for Small Offices and Home Offices • Now that high-speed, always-on Internet connectivity is becoming more and more common, so too are attacks against connected computers and hence it has become very important to protect our personal computers. • Firewalls help us by: – screening out many types of malicious traffic – keep your computer from participating in attacks on others without your knowledge • Firewall products come in many different forms, from freely available software for your computer to tamper-resistant industrial units • For maximum security, the most reliable
    21. 21. Internet Connection Firewall (ICF) • To prevent unsolicited traffic from the public side of the connection from entering the private side • To thwart common hacking attempts (such as port scanning), the firewall drops communications that originate from the Internet. • ICF silently discards unsolicited communications • ICF blocks the following kinds: • Scans • Many Trojans
    22. 22. How a hardware firewall is connected?
    23. 23. Firewalls for Enterprises • Corporate networks employ layers of defence: – traffic screening at the router connecting the network to the Internet – one or more enterprise-class firewalls – virus scanning engines on the email servers – and some kind of intrusion detection mechanism • Do host based firewalls make sense in corporate network?
    24. 24. Demilitarized zone • DMZ is a computer host or small network inserted as a "neutral zone" between a company's private network and the outside public network • DMZs allow computers behind the firewall to initiate requests outbound to the DMZ • Computers in the DMZ in turn respond, forward or re-issue requests out to the Internet or other public network • The LAN firewall, though, prevents computers in the DMZ from initiating
    25. 25. Demilitarized zone
    26. 26. Future of Firewall • 596 million Internet users in China were attacked by viruses and malware in the first half of 2010 • Current Systems are obsoleting fast • Vendors are Focusing on developing "next-generation firewalls” • Superior protection without bottlenecking the system performance • Enterprise Firewall – The Next
    27. 27. Thank You !!

    ×