Knowledge Base
How computers communicate, Internet Protocol (IP) and Firewalls
How computers communicate
• Most computer-to-computer communications use the Internet Protocol (IP).
• IP sends data cut up into chunks. We call these Packets.
• Each Packet is identified with both the source and the destination addresses. You can therefore think of them as a shipping box containing a message.
• In the IP protocol, each computer has its own address.
• But the Internet is a network… of networks!
• Billions of addresses are in play, making for a complex environment.
• There are tons of mechanisms in place to manage addresses, but ultimately we can abstract those away and concentrate on the fact that a computer can communicate with another when its address is known.
• But the address is just that, an address. What’s extremely important in IP is the conduit.
• The conduit can carry a lot of information to an address, and we mean a lot!
• A good analogy can be made with Cable Television. A single cable (conduit) can carry many channels to your house.
• In fact, in the IP protocol there are 65535 channels! We call them Ports.
• So we have packets of information being sent from one computer to another,
• travelling on a conduit allowing for 65535 “channels”.
• This is one channel, receiving a flow of packets…
• Now just imagine 65535 channels…
Malicious users
• Going back to our previous diagram, we see two networks connected to the Internet.
• But the Internet is not just composed of nice people: hackers are trying either to infect your computer with viruses or to get access to your data.
Firewalls
• This is why firewalls were created: a mechanism was needed to allow only authorized traffic into your company’s network.
• They are often depicted as a nice brick wall, but the analogy is misleading.
• We must allow some traffic through…
• …while rejecting most of the rest.
• Really not how we see a brick wall, is it?
• It’s much better to visualize the firewall as a mail sorting facility, but with a highly regulated flow.
• You can create rules for any of the 65535 ports.
• These rules can restrict source AND destination addresses.
• Let’s say that you do not want any packet destined to port 21 to go through the firewall. You would have a rule like:

Port    From       To               Action
21      *          *                DENY

• The stars indicate that any address will match this rule.
• Let’s say that you want to allow your users to browse the internet (incidentally, this uses port 80). You would have a rule like:

Port    From       To               Action
80      LOCAL      *                ALLOW

• In this case, the LOCAL keyword indicates that all of your local addresses are allowed, meaning the addresses of your company’s computers.
• So imagine a huge table of rules…

Port    From           To                   Action
21      *              *                    DENY
80      LOCAL          *                    ALLOW
115     *              *                    DENY
3389    LOCAL          *                    ALLOW
22      LOCAL          *                    ALLOW
443     LOCAL          *                    ALLOW
8181    EXTERNAL       192.168.10.10        ALLOW
*       192.168.10.1   *                    DENY
34534   EXTERNAL       192.168.10.234       ALLOW
80      LOCAL          facebook.com         DENY
443     LOCAL          facebook.com         DENY
80      LOCAL          pinterest.com        DENY
443     LOCAL          pinterest.com        DENY
80      LOCAL          ad.doubliclick.net   DENY
443     LOCAL          ad.doubliclick.net   DENY
54322   EXTERNAL       192.189.10.199       ALLOW
22      LOCAL          165.10.23.33         ALLOW
1433    LOCAL          165.10.23.33         ALLOW
20222   EXTERNAL       192.168.10.143       ALLOW

• …and imagine a really efficient mail sorter
   • Looking at each packet
      • Source address…
      • Destination address…
      • Port…
   • Searching for rules for that port in the rule table
   • Then ruthlessly applying the decision: for the Deny rules, it just drops the packet
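As an added example (not part of the original slides), the Python sketch below applies the address-based rows of the rule table to constructed packets and reports which row decided each one. It assumes that LOCAL means 192.168.10.0/24, that the first matching row wins, and that a packet matching no row is dropped; the slides state none of these, and the hostname rows are left out because a packet carries only addresses.

```python
import ipaddress
from typing import List, NamedTuple, Optional, Tuple

# Assumption: the company's LOCAL addresses are 192.168.10.0/24;
# every other address counts as EXTERNAL.
LOCAL_NET = ipaddress.ip_network("192.168.10.0/24")

# Address-based rows of the slide's rule table, in the slide's order.
RULE_TABLE = """
Port    From           To               Action
21      *              *                DENY
80      LOCAL          *                ALLOW
115     *              *                DENY
3389    LOCAL          *                ALLOW
22      LOCAL          *                ALLOW
443     LOCAL          *                ALLOW
8181    EXTERNAL       192.168.10.10    ALLOW
*       192.168.10.1   *                DENY
34534   EXTERNAL       192.168.10.234   ALLOW
"""

KEYWORDS = ("*", "LOCAL", "EXTERNAL")


class Rule(NamedTuple):
    port: str    # "*" or a port number as text
    src: str     # "*", "LOCAL", "EXTERNAL" or a literal address
    dst: str
    action: str  # "ALLOW" or "DENY"


class Packet(NamedTuple):
    src: str
    dst: str
    port: int


def parse_rules(text: str) -> List[Rule]:
    """Parse the four-column table, rejecting malformed rows."""
    rules = []
    for line in text.strip().splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) != 4:
            raise ValueError(f"expected 4 columns: {line!r}")
        port, src, dst, action = fields
        if port != "*" and not 1 <= int(port) <= 65535:
            raise ValueError(f"port out of range: {line!r}")
        if action not in ("ALLOW", "DENY"):
            raise ValueError(f"unknown action: {line!r}")
        for spec in (src, dst):
            if spec not in KEYWORDS:
                ipaddress.ip_address(spec)  # raises ValueError if not an address
        rules.append(Rule(port, src, dst, action))
    return rules


def address_matches(spec: str, address: str) -> bool:
    ip = ipaddress.ip_address(address)
    if spec == "*":
        return True
    if spec == "LOCAL":
        return ip in LOCAL_NET
    if spec == "EXTERNAL":
        return ip not in LOCAL_NET
    return ip == ipaddress.ip_address(spec)


def rule_matches(rule: Rule, packet: Packet) -> bool:
    port_ok = rule.port == "*" or int(rule.port) == packet.port
    return (port_ok
            and address_matches(rule.src, packet.src)
            and address_matches(rule.dst, packet.dst))


def decide(rules: List[Rule], packet: Packet) -> Tuple[str, Optional[Rule]]:
    """First matching row wins; no match means DENY (both are assumptions)."""
    for rule in rules:
        if rule_matches(rule, packet):
            return rule.action, rule
    return "DENY", None


def conflicts(rules: List[Rule], packet: Packet) -> bool:
    """True when rows with different actions match, so row order decides."""
    actions = {r.action for r in rules if rule_matches(r, packet)}
    return len(actions) > 1


if __name__ == "__main__":
    table = parse_rules(RULE_TABLE)
    # Constructed sample packets (documentation address ranges stand in
    # for external hosts).
    samples = [
        Packet("192.168.10.57", "203.0.113.20", 80),
        Packet("198.51.100.7", "192.168.10.10", 8181),
        Packet("198.51.100.7", "192.168.10.10", 3389),
        Packet("192.168.10.1", "203.0.113.20", 80),
        Packet("192.168.10.1", "203.0.113.20", 25),
    ]
    for pkt in samples:
        action, rule = decide(table, pkt)
        note = " (order-dependent)" if conflicts(table, pkt) else ""
        print(pkt, "->", action, "by", rule or "default", note)
```

Under first-match ordering, the `* 192.168.10.1 * DENY` row never applies on ports 80, 3389, 22 or 443, because the earlier LOCAL ALLOW rows match first; a host-wide deny has to sit above them to take effect there.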
• So firewalls are that big mail sorting facility
   • Allowing some traffic to go through
   • But protecting you by dropping packets that may have been sent by malicious users
• If you need to go through a firewall to perform some work, you may have to use a Virtual Private Network (VPN). Please consult our presentation on that subject.
Visit us at: devolutions.net
Devolutions is the creator of
Remote Desktop Manager,
a tool to manage remote
access technologies,
credentials, and VPNs.

Editor's Notes

  1. Maybe have a small version of the envelope used in a later slide
  2. Replace blackhat image with an original one