A firewall is hardware or software that inspects network traffic and allows or denies passage based on rules. It provides security between networks and protects local systems from network threats while allowing internet access. Firewalls can filter packets, monitor security events, and implement VPNs. They are limited as they cannot protect against all threats, like attacks that bypass the firewall or internal threats. Firewalls are classified by the protocol level they control, including packet filtering, circuit gateways, and application gateways.

1. 1
PREPARED BY :- Shingala Nilkanth
Bhaskar Jigar
Sardhara Piyush
1

2. What is Firewall
• A firewall is a dedicated hardware, or software or a
combination of both, which inspects network traffic
passing through it, and denies or permits passage based
on a set of rules.
• As the name implies, a firewall acts to provide
secured access between two networks.
• Effective means of protection a local system or
network of systems from network-based security
threats while affording access to the outside world
via WAN`s or the Internet.
22

3. Firewall Capabilities
• A firewall defines a single choke point that keeps
unauthorized users out the protected network……..
• A firewall provides a location for monitoring
security-related events. Audits and alarms can be
implemented on the firewall system.
• A firewall is a convenient platform for several
Internet functions that are not security related.
• A firewall can serve as the platform for IPSec.
Using the tunnel mode capability, the firewall can
be used to implement virtual private network.
33

4. Firewall Limitation
• The firewall can not protect against attacks that
bypass the firewall (dial-up…).
• The firewall does not protect against internal
threats.
• The firewall can not protect against the transfer of
virus-infected programs or files.
44

5. Features of Firewall
• Port Control
• Network Address Translation
• Application Monitoring (Program Control)
• Packet Filtering
• Data encryption
• Hiding presence
• e-mail virus protection
• Pop-up ad blocking
• Cookie digestion
• Spy ware protection
55

6. Classification of Firewall
Characterized by protocol level it controls in
• Packet filtering
• Circuit gateways
• Application gateways
66

7. Packet Filtering
77

8. Continues….
– Applies a set of rules to each incoming IP
packet and then forwards or discards the
packet
– Filter packets going in both directions
– The packet filter is typically set up as a list of
rules based on matches to fields in the IP or
TCP header
88

9. Continues….
• Advantages:
– Simplicity
– Transparency to users
– High speed
• Disadvantages:
– Difficulty of setting up packet filter rules
– Lack of Authentication
99

10. Circuit gateways
10

11. Continues….
 Unlike a packet filtering firewall, a circuit-level
gateway does not examine individual packets.
Instead, circuit-level gateways monitor TCP or
UDP sessions.
 Once a session has been established, it leaves the
port open to allow all other packets belonging to
that session to pass.
 The port is closed when the session is
terminated.
11

12. Application Gateway
12

13. Continues….
 Also called proxy server
 Acts as a relay of application-level traffic
 The application gateway/proxy acts as an
intermediary between the two endpoints.
 This packet screening method actually breaks the
client/server model in that two connections are
required: one from the source to the
gateway/proxy and one from the gateway/proxy
to the destination.
13

14. Continues….
• Advantages:
– Higher security than packet filters
– Only need to scrutinize a few allowable
applications
– Easy to log and audit all incoming traffic
• Disadvantages:
– Additional processing overhead on each
connection (gateway as splice point)
14

15. 15