Getnet T. Email: getnet6202@gmail.com , College of Informatics , University of Gondar, February 7, 2026
College of Informatics
Department of Computer Science
Computer Security (CoSc4035)
Chapter Five: Security Mechanisms
University of Gondar
Security Mechanisms
Objectives
By the end of this lesson, you will be able to:
1. Define what a firewall is and its application to computer security
2. Identify intrusion detection systems and intrusion prevention systems for security
3. Identify remote-access and site-to-site VPN types
Contents
1. Firewall
2. Proxy server
3. Virtual Private Network (VPN)
4. IDS/IPS
What is a firewall?
• A firewall is hardware, software, or a combination of both that is used to prevent unauthorized programs or Internet users from accessing a private network and/or a single computer.
• A firewall:
  – Acts as a security gateway between two networks
  – Tracks and controls network communications
  – Decides whether to pass, reject, encrypt, or log communications (access control)
Hardware vs. Software firewalls
• Hardware firewalls
  – Protect an entire network
  – Implemented at the router level
  – Usually more expensive, harder to configure
• Software firewalls
  – Protect a single computer
  – Usually less expensive, easier to configure
How does a firewall work?
Types of firewalls
• Packet filtering router
• Circuit gateways
• Application gateways
• A combination of the above is a dynamic packet filter
Packet Filtering Router
• Applies a set of rules to each incoming IP packet to decide whether it should be forwarded or discarded.
• Packet filters are also called screening routers or screening filters.
• Filter packets going in both directions.
• Header information is used for filtering (e.g., protocol number, source and destination IP addresses, source and destination port numbers, etc.).
• Stateless: each IP packet is examined in isolation from what has happened in the past.
• The packet filter is typically set up as a list of rules based on matches to fields in the IP or TCP header.
• Often implemented by a router (screening router).
Packet Filtering Router
• Placing a simple router (or similar hardware) between the internal network and the "outside"
• Allow/prohibit packets from certain services
[Figure: Private Network – Packet Filter (packet-level rules) – Outside]
Advantages of packet filtering
• Does not change the traffic flow or characteristics – passes it through or doesn't
• Simple
• Cheap
• Flexible: filtering is based on current rules
Disadvantages of packet filtering
• Direct communication between multiple hosts and the internal network
• Unsophisticated (protects against simple attacks only)
• Calibrating the rule set may be tricky
• Limited auditing
• Single point of failure
Stateful Packet Filters (Dynamic Packet Filter)
• Also called stateful inspection or dynamic packet filtering
• Traditional packet filters do not examine higher-layer context
  – i.e., matching return packets with the outgoing flow
• Stateful packet filters address this need
  – They examine each IP packet in context
  – Keep track of client-server sessions
  – Check that each packet validly belongs to one
  – Hence are better able to detect bogus packets out of context
• Maintain a history of previously seen packets to make better decisions about current and future packets
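The following is an added worked example (not code from the slides) that covers both the stateless packet-filtering slides above and the stateful filter just described. It applies an ordered rule list to constructed header fields, first match wins with a default deny, and then adds a session table so that a reply to an outgoing connection is admitted only when it belongs to a recorded session. All addresses, ports and rules are constructed for the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Set, Tuple


@dataclass(frozen=True)
class Packet:
    """Header fields only (constructed): a packet filter never reads the payload."""
    direction: str          # "in" = from outside, "out" = from the private network
    proto: str              # "tcp", "udp", "icmp"
    src: str
    sport: int
    dst: str
    dport: int
    syn_only: bool = False  # TCP SYN without ACK, i.e. a new connection attempt


@dataclass(frozen=True)
class Rule:
    """One screening-router rule; '*', None and 0.0.0.0/0 mean 'any'."""
    action: str
    direction: str = "*"
    proto: str = "*"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    dport: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        return (self.direction in ("*", p.direction)
                and self.proto in ("*", p.proto)
                and ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and (self.dport is None or self.dport == p.dport))


def stateless_filter(rules: List[Rule], p: Packet) -> str:
    """Stateless filtering: first matching rule wins, otherwise default deny.
    Each packet is judged alone, so the reply to an allowed outgoing
    connection is dropped unless a rule happens to cover its ephemeral port."""
    for r in rules:
        if r.matches(p):
            return r.action
    return "deny"


class StatefulFilter:
    """Dynamic packet filter: remembers sessions opened from inside so that
    only replies belonging to one are admitted from outside."""

    def __init__(self, rules: List[Rule]) -> None:
        self.rules = rules
        # (proto, inside ip, inside port, outside ip, outside port)
        self.sessions: Set[Tuple[str, str, int, str, int]] = set()

    def decide(self, p: Packet) -> str:
        if p.direction == "out":
            action = stateless_filter(self.rules, p)
            if action == "allow":
                self.sessions.add((p.proto, p.src, p.sport, p.dst, p.dport))
            return action
        # Inbound: a non-SYN packet that matches a recorded session is a reply.
        key = (p.proto, p.dst, p.dport, p.src, p.sport)
        if key in self.sessions and not p.syn_only:
            return "allow"
        return stateless_filter(self.rules, p)   # otherwise only explicit rules apply


# Constructed rule set: workstations may browse out; only the mail server
# (10.0.0.5) accepts new connections from outside, on port 25.
RULES = [
    Rule("allow", direction="out", proto="tcp", src="10.0.0.0/8", dport=443),
    Rule("allow", direction="out", proto="tcp", src="10.0.0.0/8", dport=80),
    Rule("allow", direction="in", proto="tcp", dst="10.0.0.5/32", dport=25),
]


def demo() -> dict:
    outgoing = Packet("out", "tcp", "10.0.0.7", 51000, "203.0.113.10", 443, syn_only=True)
    reply = Packet("in", "tcp", "203.0.113.10", 443, "10.0.0.7", 51000)
    bogus = Packet("in", "tcp", "203.0.113.99", 443, "10.0.0.7", 51000)
    mail = Packet("in", "tcp", "198.51.100.4", 40000, "10.0.0.5", 25, syn_only=True)
    sf = StatefulFilter(RULES)
    return {
        "stateless_out": stateless_filter(RULES, outgoing),  # allow
        "stateless_reply": stateless_filter(RULES, reply),   # deny: no context
        "stateful_out": sf.decide(outgoing),                 # allow, session recorded
        "stateful_reply": sf.decide(reply),                  # allow: belongs to session
        "stateful_bogus": sf.decide(bogus),                  # deny: out of context
        "stateful_mail": sf.decide(mail),                    # allow by explicit rule
    }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:16s} {verdict}")
```

The stateless verdict on `reply` is the gap the stateful slide describes: the return packet arrives on an ephemeral port that no rule names, so the only stateless fix would be a broad rule that also admits the `bogus` packet. The session table admits the genuine reply and still rejects the out-of-context one.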
Application-Level Gateway (or Proxy Server)
• Also called a proxy server
• Works at the application layer, so it must understand and implement the application protocol
• Acts as a transmitter (relay) of application-level traffic
• Has full access to the protocol:
  – the user requests a service from the proxy
  – the proxy validates the request as legal
  – then it actions the request and returns the result to the user
• Simple flow: Client → ALG (proxy & inspection) → Server → ALG → Client
• Needs a separate proxy for each service, e.g.:
  – SMTP (e-mail)
  – NNTP (net news)
  – DNS (Domain Name System)
  – NTP (Network Time Protocol)
• Advantages (gained by not permitting application traffic directly to internal hosts):
  – Information hiding: names of internal systems are not known to outside systems
  – Can limit capabilities within an application
  – Robust authentication and logging: application traffic can be pre-authenticated before reaching the host and can be logged
  – Cost effective: third-party software and hardware for authentication and logging are needed only on the gateway
  – Less-complex filtering rules for packet filtering routers: they need to check only the destination
  – Most secure
• Disadvantages:
  – Keeping up with new applications
  – Need to know all aspects of the protocols
  – May need to modify application clients/protocols
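As an added example (not code from the slides) of the application-level gateway described above, here is a minimal SMTP proxy policy: each client line is pre-authenticated, parsed according to the protocol, checked against a command policy, logged, and only then relayed; server replies pass back through the gateway, which rewrites the internal host name. The command lists, host names and client addresses are constructed assumptions, not part of the original.

```python
import re
from typing import List, Tuple

# Constructed gateway policy (hypothetical names, not from the slides).
ALLOWED_COMMANDS = {"HELO", "EHLO", "MAIL", "RCPT", "DATA", "RSET", "NOOP", "QUIT"}
# VRFY/EXPN reveal which mailboxes exist, so the gateway answers them itself and
# they never reach the internal server ("limit capabilities within an application").
BLOCKED_COMMANDS = {"VRFY", "EXPN"}
# The proxy knows the protocol well enough to check argument syntax, not just the verb.
ARG_SYNTAX = {
    "MAIL": re.compile(r"^FROM:\s*<[^<>\s]*@[^<>\s]+>$", re.IGNORECASE),
    "RCPT": re.compile(r"^TO:\s*<[^<>\s]+@[^<>\s]+>$", re.IGNORECASE),
}
INTERNAL_MAIL_HOST = "mail-int.example.corp"   # hypothetical internal name
PUBLIC_MAIL_NAME = "mx.example.com"            # the only name the outside sees


class SmtpGateway:
    """Application-level gateway for SMTP: every client line is parsed,
    pre-authenticated, validated against policy and logged before it is
    relayed; every server reply passes back through the gateway too."""

    def __init__(self, authenticated_clients) -> None:
        self.authenticated = set(authenticated_clients)
        self.log: List[str] = []

    def from_client(self, client_ip: str, line: str) -> Tuple[str, str]:
        """Return ('relay', line) to forward to the internal server, or
        ('reject', reply) when the gateway answers the client itself."""
        if client_ip not in self.authenticated:
            self.log.append(f"{client_ip} unauthenticated: {line.strip()!r}")
            return "reject", "530 Authentication required"
        verb, _, arg = line.strip().partition(" ")
        verb = verb.upper()
        if verb in BLOCKED_COMMANDS:
            self.log.append(f"{client_ip} blocked {verb}")
            return "reject", "502 Command not implemented"
        if verb not in ALLOWED_COMMANDS:
            self.log.append(f"{client_ip} unknown command {verb!r}")
            return "reject", "500 Syntax error, command unrecognized"
        if verb in ARG_SYNTAX and not ARG_SYNTAX[verb].match(arg):
            self.log.append(f"{client_ip} bad argument for {verb}: {arg!r}")
            return "reject", "501 Syntax error in parameters or arguments"
        self.log.append(f"{client_ip} relayed {verb}")
        return "relay", line

    def from_server(self, reply: str) -> str:
        """Information hiding: internal host names never leave the gateway."""
        return reply.replace(INTERNAL_MAIL_HOST, PUBLIC_MAIL_NAME)


def demo() -> List[str]:
    """Run a constructed session through the gateway and return its log."""
    gw = SmtpGateway(authenticated_clients=["198.51.100.4"])
    gw.from_server(f"220 {INTERNAL_MAIL_HOST} ESMTP")
    for ip, line in [
        ("203.0.113.9", "HELO attacker.example"),        # not pre-authenticated
        ("198.51.100.4", "EHLO partner.example"),
        ("198.51.100.4", "VRFY postmaster"),              # disallowed capability
        ("198.51.100.4", "MAIL FROM:alice"),              # malformed argument
        ("198.51.100.4", "MAIL FROM:<alice@partner.example>"),
        ("198.51.100.4", "RCPT TO:<bob@example.com>"),
        ("198.51.100.4", "QUIT"),
    ]:
        gw.from_client(ip, line)
    return gw.log


if __name__ == "__main__":
    print("\n".join(demo()))
```

Every decision is made at the gateway, so the internal server only ever sees well-formed commands from authenticated clients, and the audit trail lives in one place; this is the "authentication and logging only on the gateway" advantage from the slide.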
Circuit-Level Gateway
• Works at the transport layer
• Stand-alone system, or a specialized function performed by an application-level gateway.
• Is basically a generic proxy server for TCP
• Works like an application-level gateway, but at a lower level
• Helps in providing security for UDP and TCP by working at the level of the connection
• It also acts as a handshaking device between trusted clients or servers and untrusted hosts, and vice versa.
• Advantages:
  – Don't need a separate proxy server for each application
  – Provides an option for applications for which proxy servers don't yet exist
  – Simpler to implement than application-specific proxy servers
• Disadvantages:
  – No knowledge of higher-level protocols – can't scan for active content or disallowed commands
  – Can only handle TCP connections – new extensions proposed for UDP
  – Proprietary packages: TCP/IP stacks must be modified by the vendor to use circuit-level gateways
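The following added example (not from the slides) models the circuit-level gateway just described: policy is applied once, at the "handshake" when a circuit is requested, using only transport-layer facts (protocol, client address, destination port); after that the gateway copies bytes through without interpreting them. The trusted-client list and port policy are constructed assumptions. The relay step shows the disadvantage from the slide directly: the same SMTP command that an application-level gateway would refuse passes through unchanged, because a circuit gateway has no knowledge of the application protocol.

```python
import itertools
from dataclasses import dataclass, field
from typing import Dict, List, Optional

# Constructed policy: who may open a circuit, and to which destination ports.
TRUSTED_CLIENTS = {"10.0.0.7", "10.0.0.8"}
ALLOWED_DST_PORTS = {25, 80, 443}


@dataclass
class Circuit:
    client: str
    dst_host: str
    dst_port: int
    bytes_relayed: int = 0
    transcript: List[bytes] = field(default_factory=list)   # for auditing only


class CircuitGateway:
    """Generic TCP relay. Checks happen at setup (the handshake between the
    trusted side and the untrusted host); afterwards data is copied opaquely."""

    def __init__(self) -> None:
        self.circuits: Dict[int, Circuit] = {}
        self._ids = itertools.count(1)

    def open_circuit(self, client: str, proto: str, dst_host: str, dst_port: int) -> Optional[int]:
        """Return a circuit id, or None when policy refuses the connection."""
        if proto != "tcp":                 # circuit gateways handle TCP only
            return None
        if client not in TRUSTED_CLIENTS:  # only trusted clients may initiate
            return None
        if dst_port not in ALLOWED_DST_PORTS:
            return None
        cid = next(self._ids)
        self.circuits[cid] = Circuit(client, dst_host, dst_port)
        return cid

    def relay(self, cid: int, data: bytes) -> bytes:
        """Copy application data through the circuit untouched: the gateway
        does not parse it, so disallowed commands cannot be recognised here."""
        c = self.circuits[cid]
        c.bytes_relayed += len(data)
        c.transcript.append(data)
        return data

    def close_circuit(self, cid: int) -> bool:
        return self.circuits.pop(cid, None) is not None


def demo() -> dict:
    gw = CircuitGateway()
    ok = gw.open_circuit("10.0.0.7", "tcp", "203.0.113.10", 25)
    udp = gw.open_circuit("10.0.0.7", "udp", "203.0.113.10", 53)       # refused: not TCP
    untrusted = gw.open_circuit("192.0.2.1", "tcp", "203.0.113.10", 25)  # refused: client
    badport = gw.open_circuit("10.0.0.8", "tcp", "203.0.113.10", 23)    # refused: port
    passed = gw.relay(ok, b"VRFY root\r\n")   # relayed verbatim, no inspection
    return {
        "circuit": ok, "udp": udp, "untrusted": untrusted, "badport": badport,
        "relayed": passed, "bytes": gw.circuits[ok].bytes_relayed,
        "closed": gw.close_circuit(ok), "closed_again": gw.close_circuit(ok),
    }


if __name__ == "__main__":
    print(demo())
```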
What is a VPN?
• A VPN is a private connection over an open network
• VPNs extend corporate networks to remote offices, mobile users, telecommuters and other extranet partners.
• Basic functions include:
  – Authentication – validates that the data was sent by the stated sender.
  – Access control – limiting unauthorized users from accessing the network.
  – Confidentiality – preventing the data from being read or copied as it is being transported.
  – Data integrity – ensuring that the data has not been altered.
[Figure: VPN between Acme Corp Site 1 and Acme Corp Site 2]
Types of VPN
• Remote-access VPNs
  – Establish secure, encrypted connections between mobile or remote users and their corporate networks via a third-party network, such as an Internet Service Provider (ISP)
  – VPN client – software, hardware, as well as router- or firewall-based solutions are available.
  – Reduced cost of long-distance access calls and internal equipment inventory
• Site-to-site VPNs
  – An alternative WAN infrastructure that is used to connect branch offices, home offices, or business partners' sites to all or portions of a company's network.
  – Intranet VPNs provide full access to the company's network
  – Extranet VPNs provide business partners with limited access to the company's network
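The following added example (not code from the slides) ties together the VPN functions listed under "What is a VPN?" and the intranet/extranet distinction above. Each tunnel frame carries a peer id, a sequence number, the inner packet and an HMAC-SHA256 tag: the tag gives authentication and data integrity, the sequence number rejects replays, and the receiving endpoint applies access control according to whether the peer is an intranet site (full access) or an extranet partner (one subnet only). Confidentiality is deliberately left out of this example; in practice an IPsec ESP tunnel supplies it with a real cipher. The peers, keys, subnets and the 4-byte inner-packet layout are constructed assumptions.

```python
import hashlib
import hmac
import struct
from ipaddress import ip_address, ip_network
from typing import Dict, Optional, Tuple

# Constructed peers: a branch office on an intranet VPN and a partner on an
# extranet VPN. Keys are placeholders; real deployments negotiate them.
PEERS: Dict[int, dict] = {
    1: {"key": b"site2-preshared-key-placeholder", "kind": "intranet"},
    2: {"key": b"partner-preshared-key-placeholder", "kind": "extranet"},
}
COMPANY_NET = ip_network("10.0.0.0/8")
PARTNER_NET = ip_network("10.200.0.0/16")   # the only part an extranet peer may reach
TAG_LEN = hashlib.sha256().digest_size      # 32 bytes
HDR = struct.Struct("!HI")                  # peer id, sequence number


def make_inner(dst_ip: str, payload: bytes) -> bytes:
    """Constructed stand-in for the inner IP packet: 4-byte destination + payload."""
    return ip_address(dst_ip).packed + payload


def encapsulate(peer_id: int, seq: int, inner: bytes) -> bytes:
    """Tunnel frame = header || inner packet || HMAC-SHA256 tag. The tag gives
    authentication (only a key holder can produce it) and integrity (any
    change to the header or inner packet invalidates it)."""
    header = HDR.pack(peer_id, seq)
    tag = hmac.new(PEERS[peer_id]["key"], header + inner, hashlib.sha256).digest()
    return header + inner + tag


class TunnelEndpoint:
    """Receiving side of the tunnel at the company's edge."""

    def __init__(self) -> None:
        self.last_seq: Dict[int, int] = {}   # simplified anti-replay: strictly increasing

    def decapsulate(self, frame: bytes) -> Tuple[str, Optional[bytes]]:
        """Return (status, payload); the payload is returned only on 'accepted'."""
        if len(frame) < HDR.size + 4 + TAG_LEN:
            return "malformed", None
        header, inner, tag = frame[:HDR.size], frame[HDR.size:-TAG_LEN], frame[-TAG_LEN:]
        peer_id, seq = HDR.unpack(header)
        peer = PEERS.get(peer_id)
        if peer is None:
            return "unknown-peer", None
        expected = hmac.new(peer["key"], header + inner, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):   # forged, or altered in transit
            return "bad-tag", None
        if seq <= self.last_seq.get(peer_id, 0):     # already seen: replay
            return "replay", None
        # Access control: intranet peers reach the whole company network,
        # extranet peers only the partner-visible subnet.
        dst = ip_address(inner[:4])
        allowed = COMPANY_NET if peer["kind"] == "intranet" else PARTNER_NET
        if dst not in allowed:
            return "access-denied", None
        self.last_seq[peer_id] = seq
        return "accepted", inner[4:]


if __name__ == "__main__":
    ep = TunnelEndpoint()
    f = encapsulate(1, 1, make_inner("10.1.2.3", b"hello from site 2"))
    print(ep.decapsulate(f))      # ('accepted', b'hello from site 2')
    print(ep.decapsulate(f))      # ('replay', None)
    tampered = bytearray(f)
    tampered[HDR.size + 4] ^= 0xFF
    print(ep.decapsulate(bytes(tampered)))   # ('bad-tag', None)
```

Note the order of checks: the tag is verified before anything else is trusted, the replay check uses the now-authenticated sequence number, and only then is the inner destination consulted. Verifying integrity first means a forged frame cannot influence the replay state or the access decision.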
Overview of IDS/IPS
• Intrusion
  – A set of actions aimed at compromising the security goals (confidentiality, integrity, availability) of a computing/networking resource
• Intrusion detection
  – The process of identifying and responding to intrusion activities
  – Detects and alerts only
  – Passive response (logs/alerts)
• Intrusion prevention
  – The process of both detecting intrusion activities and managing responsive actions throughout the network
  – Detects and blocks traffic
  – Active response (blocks/prevents)
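As an added example (not code from the slides), the engine below runs the same detection logic in the two modes the slide contrasts: in IDS mode every event is forwarded and detection only produces alerts (passive response), while in IPS mode an event that triggers a rule is blocked (active response). It combines two simple signatures with a threshold rule over a constructed batch of events; the signatures, threshold, addresses and sample traffic are all constructed for the example.

```python
import re
from collections import defaultdict
from dataclasses import dataclass, field
from typing import Dict, List


@dataclass
class Event:
    """A constructed network event: packet header plus the text the sensor sees
    (application payload, or a host log line for the same flow)."""
    src: str
    dst: str
    dport: int
    payload: str


# Constructed signatures: (name, destination port it applies to, pattern).
SIGNATURES = [
    ("web-path-traversal", 80, re.compile(r"\.\./")),
    ("smtp-vrfy-probe", 25, re.compile(r"^VRFY\b", re.IGNORECASE | re.MULTILINE)),
]
FAILED_LOGIN_THRESHOLD = 3   # alert once a source exceeds this many failures


@dataclass
class Engine:
    mode: str                                   # "ids" (passive) or "ips" (active)
    alerts: List[str] = field(default_factory=list)
    blocked: List[str] = field(default_factory=list)
    failed_logins: Dict[str, int] = field(default_factory=lambda: defaultdict(int))

    def process(self, ev: Event) -> str:
        """Return 'forwarded' or 'blocked'. Detection is identical in both
        modes; only the response differs."""
        hits = [name for name, port, pat in SIGNATURES
                if port == ev.dport and pat.search(ev.payload)]
        if "login failed" in ev.payload.lower():
            self.failed_logins[ev.src] += 1
            if self.failed_logins[ev.src] > FAILED_LOGIN_THRESHOLD:
                hits.append("login-bruteforce-threshold")
        for name in hits:
            self.alerts.append(f"{name} from {ev.src} -> {ev.dst}:{ev.dport}")
        if hits and self.mode == "ips":
            self.blocked.append(ev.src)      # active response: drop the traffic
            return "blocked"
        return "forwarded"                   # passive response: alert only


def run(mode: str, events: List[Event]) -> Engine:
    eng = Engine(mode)
    for ev in events:
        eng.process(ev)
    return eng


# Constructed traffic sample: one benign request, one traversal attempt, one
# mailbox probe, and five failed logins from a single source.
SAMPLE = [
    Event("203.0.113.5", "10.0.0.10", 80, "GET /index.html HTTP/1.1"),
    Event("203.0.113.5", "10.0.0.10", 80, "GET /../../secret.txt HTTP/1.1"),
    Event("198.51.100.9", "10.0.0.5", 25, "VRFY postmaster"),
] + [Event("192.0.2.7", "10.0.0.20", 22, f"login failed attempt {i}") for i in range(5)]


if __name__ == "__main__":
    for mode in ("ids", "ips"):
        eng = run(mode, SAMPLE)
        print(f"{mode}: {len(eng.alerts)} alerts, {len(eng.blocked)} blocked")
        for a in eng.alerts:
            print("  ", a)
```

The threshold rule is why the two modes diverge in practice: the first three failed logins are forwarded in both modes, and only once the count passes the threshold does the IPS start blocking, so a false positive in an IPS costs availability while the same false positive in an IDS costs only an analyst's time.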
Components of an Intrusion Detection System
Thank You