FIREWALL
What is a firewall?
• Two goals:
  • To provide the people in your organization with access to the WWW without allowing the entire world to peek in;
  • To erect a barrier between an untrusted piece of software, your organization’s public Web server, and the sensitive information that resides on your private network.
• Basic idea:
  • Impose a specifically configured gateway machine between the outside world and the site’s inner network.
  • All traffic must first go to the gateway, where software decides whether to allow or reject it.
What is a firewall
• A firewall is a system of hardware and software components designed to restrict access between or among networks, most often between the Internet and a private Internet.
• The firewall is part of an overall security policy that creates a perimeter defense designed to protect the information resources of the organization.
Firewalls DO
• Implement security policies at a single point
• Monitor security-related events (audit, log)
• Provide strong authentication
• Allow virtual private networks
• Have a specially hardened/secured operating system
Firewalls DON’T
• Protect against attacks that bypass the firewall
  • Dial-out from internal host to an ISP
• Protect against internal threats
  • Disgruntled employee
  • Insider cooperates with an external attacker
• Protect against the transfer of virus-infected programs or files
Types of Firewalls
• Packet-Filtering Router
• Application-Level Gateway
• Circuit-Level Gateway
• Hybrid Firewalls
Packet Filtering Routers
• Forward or discard IP packets according to a set of rules
• Filtering rules are based on fields in the IP and transport headers
What information is used for the filtering decision?
• Source IP address (IP header)
• Destination IP address (IP header)
• Protocol type
• Source port (TCP or UDP header)
• Destination port (TCP or UDP header)
• ACK bit
Web Access Through a Packet Filter Firewall
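An added example, not part of the original slides: a minimal packet filter in Python that parses the header fields listed above from raw IPv4 bytes and applies an ordered rule list with default deny, using the ACK bit to admit only replies to outbound web connections. The network 192.168.1.0/24, the server address, the rule set and the sample packets are all constructed for illustration.

```python
import ipaddress
import struct

PROTO = {6: "tcp", 17: "udp"}
SYN, ACK = 0x02, 0x10

def parse_packet(raw: bytes) -> dict:
    """Pull the six filtering fields out of a raw IPv4 packet carrying TCP or UDP."""
    if len(raw) < 20 or raw[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (raw[0] & 0x0F) * 4                      # IP header length in bytes
    proto = PROTO.get(raw[9])
    if ihl < 20 or proto is None:
        raise ValueError("unsupported protocol or bad header length")
    if struct.unpack("!H", raw[6:8])[0] & 0x1FFF:  # fragment offset != 0
        raise ValueError("non-first fragment carries no transport header")
    need = ihl + (14 if proto == "tcp" else 8)
    if len(raw) < need:
        raise ValueError("truncated transport header")
    sport, dport = struct.unpack("!HH", raw[ihl:ihl + 4])
    ack = proto == "tcp" and bool(raw[ihl + 13] & ACK)
    return {"src": ipaddress.ip_address(raw[12:16]),
            "dst": ipaddress.ip_address(raw[16:20]),
            "proto": proto, "sport": sport, "dport": dport, "ack": ack}

# Constructed policy: internal hosts may browse the web; nothing else passes.
INSIDE = ipaddress.ip_network("192.168.1.0/24")    # assumed internal network
ANY = ipaddress.ip_network("0.0.0.0/0")
HIGH, WEB = range(1024, 65536), range(80, 81)

# (action, src net, dst net, protocol, src ports, dst ports, ACK required)
RULES = [
    ("allow", INSIDE, ANY, "tcp", HIGH, WEB, False),  # outbound requests
    ("allow", ANY, INSIDE, "tcp", WEB, HIGH, True),   # inbound replies only
]

def decide(raw: bytes) -> str:
    """First matching rule wins; anything unmatched or unparseable is denied."""
    try:
        p = parse_packet(raw)
    except ValueError:
        return "deny"
    for action, src, dst, proto, sports, dports, need_ack in RULES:
        if (p["src"] in src and p["dst"] in dst and p["proto"] == proto
                and p["sport"] in sports and p["dport"] in dports
                and (p["ack"] or not need_ack)):
            return action
    return "deny"

def build_packet(src, dst, proto, sport, dport, flags=0, frag=0) -> bytes:
    """Build a constructed sample packet (checksums zero; only header fields matter)."""
    if proto == "tcp":
        l4 = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 8192, 0, 0)
    else:
        l4 = struct.pack("!HHHH", sport, dport, 8, 0)
    num = 6 if proto == "tcp" else 17
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, frag, 64, num, 0,
                     ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed)
    return ip + l4

def demo() -> dict:
    in_host, web = "192.168.1.10", "203.0.113.5"   # constructed addresses
    samples = {
        "outbound SYN to web server": build_packet(in_host, web, "tcp", 40000, 80, SYN),
        "inbound SYN/ACK reply": build_packet(web, in_host, "tcp", 80, 40000, SYN | ACK),
        "inbound SYN from port 80": build_packet(web, in_host, "tcp", 80, 6000, SYN),
        "inbound telnet connection": build_packet(web, in_host, "tcp", 40000, 23, SYN),
        "inbound UDP": build_packet(web, in_host, "udp", 53, 5353),
        "non-first fragment": build_packet(web, in_host, "tcp", 80, 40000, ACK, frag=185),
    }
    return {name: decide(raw) for name, raw in samples.items()}

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{verdict:5}  {name}")
```

The ACK test is stateless: it checks one header bit rather than tracking connections, and the parser rejects non-first fragments because they carry no TCP header to test.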
Application Level Gateways (Proxy Server)
A Telnet Proxy
A sample telnet session
Application Level Gateways (Proxy Server)
• Advantages:
  • Complete control over each service (FTP/HTTP…)
  • Complete control over which services are permitted
  • Strong user authentication (Smart Cards etc.)
  • Easy to log and audit at the application level
  • Filtering rules are easy to configure and test
• Disadvantages:
  • A separate proxy must be installed for each application-level service
  • Not transparent to users
Circuit Level Gateways
Circuit Level Gateways (2)
• Often used for outgoing connections where the system administrator trusts the internal users
• The chief advantage is that a firewall can be configured as a hybrid gateway supporting application-level/proxy services for inbound connections and circuit-level functions for outbound connections
Hybrid Firewalls
• In practice, many of today's commercial firewalls use a combination of these techniques.
• Examples:
  • A product that originated as a packet-filtering firewall may since have been enhanced with smart filtering at the application level.
  • Application proxies in established areas such as FTP may augment an inspection-based filtering scheme.
Firewall Configurations
• Bastion host
  • A system identified by the firewall administrator as a critical strong point in the network’s security
  • Typically serves as a platform for an application-level or circuit-level gateway
  • Extra secure O/S, tougher to break into
• Dual-homed gateway
  • Two network interface cards: one to the outer network and the other to the inner
  • A proxy selectively forwards packets
• Screened host firewall system
  • Uses a network router to forward all traffic from the outer and inner networks to the gateway machine
• Screened-subnet firewall system
5/4/01
EMTM 553
Dual-homed gateway
Screened-host gateway
Screened Host Firewall
Screened Subnet Firewall
Screened subnet gateway
Selecting a firewall system
• Operating system
• Protocols handled
• Filter types
• Logging
• Administration
• Simplicity
• Tunneling
Commercial Firewall Systems
[Bar chart. Vertical axis: 0% to 45%. Categories: CheckPoint, Cisco, Axent, Network Associates, CyberGuard, Others.]
Widely used commercial firewalls
• AltaVista
• BorderWare (Secure Computing Corporation)
• CyberGuard Firewall (CyberGuard Corporation)
• Eagle (Raptor Systems)
• Firewall-1 (Checkpoint Software Technologies)
• Gauntlet (Trusted Information Systems)
• ON Guard (ON Technology Corporation)
[9] Firewall.pdf

