Firewalls


  1. Shashwat Shriparv, dwivedishashwat@gmail.com, InfinitySoft
  2. Firewalls
     - What is a Firewall
     - Types of Firewalls
       - Network Layer
       - Application Layer
       - Network Address Translation
     - Appropriate use of Firewalls
     - Configuration considerations
  3. What is a Firewall
     - A firewall's basic task is to control the traffic that passes between computer networks of different trust levels. Typical examples are the Internet, which is a zone with no trust, and an internal network, which is a zone of higher trust. A zone with an intermediate trust level, situated between the Internet and a trusted internal network, is often referred to as a "perimeter network" or demilitarized zone (DMZ).
  4. What is a Firewall
     - A firewall's function within a network is similar to that of firewalls in building construction: in both cases they are intended to isolate one "network" or "compartment" from another. However, network firewalls, unlike physical firewalls, are designed to allow some traffic to flow.
  5. What is a Firewall
     - Without proper configuration, a firewall can often become worthless. Standard security practice dictates a "default-deny" firewall ruleset, in which the only network connections allowed are the ones that have been explicitly permitted. Unfortunately, such a configuration requires a detailed understanding of the network applications and endpoints required for the organization's day-to-day operation. Many businesses lack such understanding and therefore implement a "default-allow" ruleset, in which all traffic is allowed unless it has been specifically blocked. This configuration makes inadvertent network connections and system compromise much more likely.
  6. Types of Firewalls
  7. Types of Firewalls
     - Network layer firewalls, also called packet filters, operate at a relatively low level of the TCP/IP protocol stack.
     - They will not allow packets to pass through the firewall unless they match the established ruleset. The firewall administrator may define the rules, or default rules may apply.
  8. Types of Firewalls
     - Network layer firewalls generally fall into two sub-categories, stateful and stateless.
     - Stateful firewalls maintain context about active sessions and use that "state information" to speed up packet processing. Any existing network connection can be described by several properties, including source and destination IP address, UDP or TCP ports, and the current stage of the connection's lifetime (session initiation, handshaking, data transfer, or completion of the connection). If a packet does not match an existing connection, it is evaluated according to the ruleset for new connections. If a packet matches an existing connection, based on comparison with the firewall's state table, it is allowed to pass without further processing.
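As an added example (not part of the slide deck), the following Python model shows the behaviour slides 5 and 8 describe: the state table is consulted first, only packets with no state are evaluated against the ruleset for new connections, and the last step is where a default-deny policy differs from a default-allow one. The rules, addresses and the simplified SYN-only connection setup are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    proto: str          # "tcp" or "udp"
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False   # TCP SYN flag: set only on a connection's first packet

# Constructed rules for NEW connections: (proto, destination host or "any", port).
ALLOW_RULES = {("tcp", "10.0.0.5", 80), ("tcp", "10.0.0.6", 25)}

class StatefulFirewall:
    def __init__(self, rules, default="deny"):
        self.rules = rules
        self.default = default   # "deny" (the recommended policy) or "allow"
        self.state = set()       # 5-tuples of connections already accepted

    @staticmethod
    def _key(p):
        return (p.proto, p.src, p.sport, p.dst, p.dport)

    @staticmethod
    def _reverse_key(p):
        return (p.proto, p.dst, p.dport, p.src, p.sport)

    def process(self, p):
        # Fast path: a packet in either direction of an established connection
        # passes on the state table alone; the ruleset is not consulted.
        if self._key(p) in self.state or self._reverse_key(p) in self.state:
            return "pass (state)"
        # Slow path: no state, so this must be a new connection. A TCP packet
        # without SYN cannot start one and is dropped whatever the rules say.
        if p.proto == "tcp" and not p.syn:
            return "drop (no state)"
        if any(proto == p.proto and host in ("any", p.dst) and port == p.dport
               for proto, host, port in self.rules):
            self.state.add(self._key(p))
            return "pass (rule)"
        # Nothing matched, so the default policy decides: default-deny drops
        # the packet, default-allow silently turns it into a tracked session.
        if self.default == "allow":
            self.state.add(self._key(p))
            return "pass (default-allow)"
        return "drop (default-deny)"
```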
  9. Types of Firewalls
     - Application-layer firewalls work at the application level of the TCP/IP stack (i.e., all browser traffic, or all telnet or ftp traffic) and may intercept all packets traveling to or from an application. They block other packets (usually dropping them without acknowledgement to the sender). In principle, application firewalls can prevent all unwanted outside traffic from reaching protected machines.
     - By inspecting all packets for improper content, firewalls can restrict or prevent outright the spread of networked computer worms and trojans. In practice, however, this becomes so complex and so difficult to attempt (given the variety of applications and the diversity of content each may allow in its packet traffic) that comprehensive firewall design does not generally attempt this approach.
  10. Types of Firewalls
     - Network Address Translation (NAT, also known as Network Masquerading, Native Address Translation or IP Masquerading) involves re-writing the source and/or destination addresses of IP packets as they pass through a router or firewall. Most systems using NAT do so in order to enable multiple hosts on a private network to access the Internet using a single public IP address. Many network administrators find NAT a convenient technique and use it widely. Nonetheless, NAT can introduce complications in communication between hosts and may have a performance impact.
  11. Types of Firewalls
     - Network Address Translation
       - One-to-one (one private address for one public address).
       - Geared for applications that require the use of many ports/apps (i.e. ftp, www, 8081).
     - Port Address Translation
       - One-to-many (one public IP address is used, but specific ports are translated).
       - Geared for applications that only need one port per connection (i.e. basic web servers, e-mail).
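Added example, not from the slides: a minimal Python model of the two modes on slide 11, one-to-one NAT (only the address is rewritten, every port passes through) beside port address translation (one shared public address, source port rewritten and tracked so replies can be matched and unsolicited packets have nowhere to go). The addresses, the port range and the single-flow-per-entry handling are constructed assumptions.

```python
import itertools

class StaticNat:
    """One-to-one NAT: each private address maps to its own public address.
    Only the address is rewritten; every port passes through unchanged, which
    is why it suits multi-port applications such as ftp."""
    def __init__(self, mapping):
        self.priv_to_pub = dict(mapping)
        self.pub_to_priv = {pub: priv for priv, pub in mapping.items()}

    def translate_out(self, src, sport, dst, dport):
        return (self.priv_to_pub[src], sport, dst, dport)

    def translate_in(self, src, sport, dst, dport):
        # Any port reaches the private host; whether it is allowed is still
        # the firewall ruleset's decision, not the translator's.
        priv = self.pub_to_priv.get(dst)
        return None if priv is None else (src, sport, priv, dport)

class PortAddressTranslator:
    """One-to-many NAT (PAT): all private hosts share one public address and
    the source port is rewritten so that replies can be matched back."""
    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = itertools.count(first_port)
        self.outbound = {}  # (priv_ip, priv_port, dst_ip, dst_port) -> public port
        self.inbound = {}   # (public_port, dst_ip, dst_port) -> (priv_ip, priv_port)

    def translate_out(self, src, sport, dst, dport):
        key = (src, sport, dst, dport)
        if key not in self.outbound:           # first packet of this flow
            pub_port = next(self.next_port)
            self.outbound[key] = pub_port
            self.inbound[(pub_port, dst, dport)] = (src, sport)
        return (self.public_ip, self.outbound[key], dst, dport)

    def translate_in(self, src, sport, dst, dport):
        # A reply is deliverable only if an outbound flow created its mapping;
        # an unsolicited inbound packet has no private destination and is dropped.
        entry = self.inbound.get((dport, src, sport))
        if dst != self.public_ip or entry is None:
            return None
        priv_ip, priv_port = entry
        return (src, sport, priv_ip, priv_port)
```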
  12. Appropriate use of Firewalls
     - Firewalls are applicable when:
       - There are two networks that have a distinct trust factor (friend/foe).
       - The network topology is designed to route all traffic through a single interface which connects to the firewall (i.e. the protected network's connection must terminate behind the firewall).
       - There is a need for an extra layer of protection for certain applications.
  13. Appropriate use of Firewalls
     - Firewalls are NOT applicable when:
       - Applications that traverse the two networks are QoS sensitive.
       - Vendors use scare tactics and do not give a qualified reason for a firewall.
       - You are only the support staff and have not been trained.
       - Application/resource accessibility is more critical than security (timing).
  14. Configuration Considerations
     - By default, less trusted networks have NO access to the trusted network (deny all).
     - Be as port-specific as possible when allowing an outside host to access applications.
     - Remember: ANY means ANY in a firewall ruleset! Outside of web and e-mail, this should not be used to allow access into applications.
     - For vendor support, restrict access to just their network or IP address.
     - Certain applications are very firewall sensitive (i.e. Voice, H.323 or any QoS type apps).
  15. Configuration Considerations
     - Firewalls do not encrypt data unless specifically configured to (IPSec tunnel).
     - Rulesets/access-lists will not work unless applied to an interface.
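Added example, not from the slides: a small Python audit that checks a constructed ruleset against the guidance on slide 14 (deny by default, be port-specific, ANY only for web and mail, vendor access restricted by source). The rule format, the addresses and the choice of 25/80/443 as the "web and e-mail" ports are assumptions made for the example.

```python
# Constructed example ruleset: (source, destination, port, action); "any" is a wildcard.
RULES = [
    ("any",            "10.0.0.5", 80,    "allow"),   # public web server
    ("any",            "10.0.0.6", 25,    "allow"),   # public mail server
    ("any",            "10.0.0.7", "any", "allow"),   # every port on one host
    ("any",            "any",      3389,  "allow"),   # remote desktop to anywhere
    ("203.0.113.0/24", "10.0.0.8", 22,    "allow"),   # vendor support, source-restricted
    ("any",            "any",      "any", "allow"),   # catch-all
]
DENY_ALL = ("any", "any", "any", "deny")
WEB_MAIL_PORTS = {25, 80, 443}   # the only services the slide permits from ANY source

def audit_rules(rules):
    """Return (rule index, finding) pairs for rules that break the slide's
    guidance; an empty list means the ruleset passes."""
    findings = []
    for i, (src, dst, port, action) in enumerate(rules):
        if action != "allow":
            continue
        if (src, dst, port) == ("any", "any", "any"):
            findings.append((i, "allow any/any/any makes the whole ruleset default-allow"))
            continue
        if port == "any":
            findings.append((i, "not port-specific: every port on %s is reachable" % dst))
        if src == "any" and dst == "any":
            findings.append((i, "ANY means ANY: port %s is open to every destination" % port))
        if src == "any" and port not in WEB_MAIL_PORTS:
            findings.append((i, "port %s allowed from any source; restrict to the "
                                "requesting network or IP address" % port))
    # The slide's default: less trusted networks get NO access unless allowed,
    # so a ruleset should finish with an explicit deny-all.
    if not rules or rules[-1] != DENY_ALL:
        findings.append((len(rules), "ruleset does not end with an explicit deny-all"))
    return findings
```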