Uploaded bySerpent6
179 views

Network Security Unit 5.pdf for BCA BBA.

-

Embed presentation

Download to read offline
Unit 5: System Security
What are Intruders in Network Security? Intruders are often referred to as hackers and are the most harmful factors contributing to security vulnerability. They have immense knowledge and an in-depth understanding of technology and security. Intruders breach the privacy of users and aim to steal the confidential information of the users. The stolen information is then sold to third parties, aiming to misuse it for personal or professional gains.
Types of Intruders ● Masquerader: The category of individuals that are not authorized to use the system but still exploit users' privacy and confidential information by possessing techniques that give them control over the system, such category of intruders is referred to as Masquerader. Masqueraders are outsiders and hence they don't have direct access to the system, they aim to attack unethically to steal data. ● Misfeasor: The category of individuals that are authorized to use the system, but misuse the granted access and privilege. These are individuals that take undue advantage of the permissions and access given to them, such category of intruders is referred to as Misfeasor. Misfeasors are insiders and they have direct access to the system, which they aim to attack unethically for stealing data/ information. ● Clandestine User: The category of individuals who have supervision/administrative control over the system and misuse the authoritative power given to them. The misconduct of power is often done by superlative authorities for financial gains, such a category of intruders is referred to as Clandestine Users. A Clandestine User can be any of the two, insiders or outsiders, and accordingly, they can have direct/ indirect access to the system, which they aim to attack unethically by stealing data/ information.
Keeping Intruders Away ● Access Control: Implement strong authentication mechanisms, such as two-factor authentication (2FA) or multi-factor authentication (MFA). Regularly review and update user access permissions to ensure they align with job roles and responsibilities. ● Network Segmentation: Divide your network into segments to limit lateral movement for intruders. For example, separate guest Wi-Fi from internal networks. Use firewalls and access control lists (ACLs) to restrict communication between segments. ● Regular Patching: Keep software, operating systems, and applications up to date. Patch known vulnerabilities promptly. Monitor security advisories and apply patches as soon as they are released. ● Intrusion Detection and Prevention Systems (IDPS): Deploy Intrusion Detection and Prevention Systems (IDPS) solutions to detect and prevent suspicious activities. Set up alerts for any unauthorized access attempts. ● Security Awareness Training: Educate employees about phishing, social engineering, and safe online practices. Regularly conduct security awareness sessions. ● Encryption: Encrypt sensitive data in transit (using protocols like HTTPS) and at rest (using encryption algorithms). Use strong encryption keys and rotate them periodically.
Common Information Security Threats ● Virus: They have the ability to replicate themselves by hooking them to the program on the host computer like songs, videos etc and then they travel all over the Internet. The Creeper Virus was first detected on ARPANET. Examples include File Virus, Macro Virus, Boot Sector Virus, Stealth Virus etc. ● Worms: Worms are also self-replicating in nature but they don't hook themselves to the program on host computer. Biggest difference between virus and worms is that worms are network-aware. They can easily travel from one computer to another if network is available and on the target machine they will not do much harm, they will, for example, consume hard disk space thus slowing down the computer. ● Bots: Bots can be seen as advanced form of worms. They are automated processes that are designed to interact over the internet without the need for human interaction. They can be good or bad. Malicious bot can infect one host and after infecting will create connection to the central server which will provide commands to all infected hosts attached to that network called Botnet.
● Adware: Adware is not exactly malicious but they do breach privacy of the users. They display ads on a computer's desktop or inside individual programs. They come attached with free-to-use software, thus main source of revenue for such developers. They monitor your interests and display relevant ads. An attacker can embed malicious code inside the software and adware can monitor your system activities and can even compromise your machine. ● Spyware: It is a program or we can say software that monitors your activities on computer and reveal collected information to an interested party. Spyware are generally dropped by Trojans, viruses or worms. Once dropped they install themselves and sits silently to avoid detection. One of the most common example of spyware is KEYLOGGER. The basic job of keylogger is to record user keystrokes with timestamp. Thus capturing interesting information like username, passwords, credit card details etc. ● Ransomware: Ransomware is type of malware that will either encrypt your files or will lock your computer making it inaccessible either partially or wholly. Then a screen will be displayed asking for money i.e. ransom in exchange.
● Scareware: It masquerades as a tool to help fix your system but when the software is executed it will infect your system or completely destroy it. The software will display a message to frighten you and force to take some action like pay them to fix your system. ● Rootkits: Rootkits are designed to gain root access or we can say administrative privileges in the user system. Once gained the root access, the exploiter can do anything from stealing private files to private data. ● Zombies - They work similar to Spyware. Infection mechanism is same but they don't spy and steal information rather they wait for the command from hackers.
Information Security Solutions ● Data Security Solutions: These protect sensitive data from unauthorized access. Examples include encryption, access controls, and data loss prevention tools. ● Network Security: Focuses on securing communication channels and devices within a network. Firewalls, intrusion detection systems, and VPNs fall into this category. ● Endpoint Security: Protects individual devices (e.g., laptops, smartphones) from threats. Antivirus software and device management tools are common here. ● Cloud Security: Ensures data security in cloud environments. Encryption, access controls, and monitoring play key roles. ● Identity and Access Management (IAM): Manages user access to systems and data. IAM solutions include single sign-on (SSO) and multi-factor authentication (MFA). ● Security Information and Event Management (SIEM): Security Information and Event Management (SIEM) Collects and analyzes security-related data to detect and respond to threats. ● Physical Security: Protects physical assets (e.g., servers, data centers) through access controls, surveillance, and alarms.
Firewall Design Principles A Firewall is a hardware or software to prevent a private computer or a network of computers from unauthorized access, it acts as a filter to avoid unauthorized users from accessing private computers and networks. It is a vital component of network security. It is the first line of defense for network security. It filters network packets and stops malware from entering the user's computer or network by blocking access and preventing the user from being infected.
Characteristics of Firewall 1. Physical Barrier: A firewall does not allow any external traffic to enter a system or a network without its allowance. A firewall creates a choke point for all the external data trying to enter the system or network and hence can easily block access if needed. 2. Multi-Purpose: A firewall has many functions other than security purposes. It configures domain names and Internet Protocol (IP) addresses. It also acts as a network address translator. It can act as a meter for internet usage. 3. Flexible Security Policies: Different local systems or networks need different security policies. A firewall can be modified according to the requirement of the user by changing its security policies. 4. Security Platform: It provides a platform from which any alert to the issue related to security or fixing issues can be accessed. All the queries related to security can be kept under check from one place in a system or network. 5. Access Handler: Determines which traffic needs to flow first according to priority or can change for a particular network or system. specific action requests may be initiated and allowed to flow through the firewall.
Need and Importance of Firewall Design Principles 1. Different Requirements: Every local network or system has its threats and requirements which needs different structure and devices. All this can only be identified while designing a firewall. Accessing the current security outline of a company can help to create a better firewall design. 2. Outlining Policies: Once a firewall is being designed, a system or network doesn't need to be secure. Some new threats can arise and if we have proper paperwork of policies then the security system can be modified again and the network will become more secure. 3. Identifying Requirements: While designing a firewall data related to threats, devices needed to be integrated, Missing resources, and updating security devices. All the information collected is combined to get the best results. Even if one of these things is misidentified leads to security issues. 4. Setting Restrictions: Every user has limitations to access different level of data or modify it and it needed to be identified and taken action accordingly. After retrieving and processing data, priority is set to people, devices, and applications. 5. Identify Deployment Location: Every firewall has its strengths and to get the most use out of it, we need to deploy each of them at the right place in a system or network. In the case of a packet filter firewall, it needs to be deployed at the edge of your network in between the internal network and web server to get the most out of it.
Firewall Design Principles 1. Developing Security Policy Security policy is a very essential part of firewall design. Security policy is designed according to the requirement of the company or client to know which kind of traffic is allowed to pass. Without a proper security policy, it is impossible to restrict or allow a specific user or worker in a company network or anywhere else. A properly developed security policy also knows what to do in case of a security breach. Without it, there is an increase in risk as there will not be a proper implementation of security solutions. 2. Simple Solution Design If the design of the solution is complex. then it will be difficult to implement it. If the solution is easy. then it will be easier to implement it. A simple design is easier to maintain. we can make upgrades in the simple design according to the new possible threats leaving it with an efficient but more simple structure. The problem that comes with complex designs is a configuration error that opens a path for external attacks.
3. Choosing the Right Device Every network security device has its purpose and its way of implementation. if we use the wrong device for the wrong problem, the network becomes vulnerable. if the outdated device is used for a designing firewall, it exposes the network to risk and is almost useless. Firstly the designing part must be done then the product requirements must be found out, if the product is already available then it is tried to fit in a design that makes security weak. 4. Layered Defense A network defense must be multiple-layered in the modern world because if the security is broken, the network will be exposed to external attacks. Multilayer security design can be set to deal with different levels of threat. It gives an edge to the security design and finally neutralizes the attack on the system. 5. Consider Internal Threats While giving a lot of attention to safeguarding the network or device from external attacks. The security becomes weak in case of internal attacks and most of the attacks are done internally as it is easy to access and designed weakly. Different levels can be set in network security while designing internal security. Filtering can be added to keep track of the traffic moving from lower-level security to higher level.
Advantages of Firewall: 1. Blocks infected files: While surfing the internet we encounter many unknown threats. Any friendly-looking file might have malware in it. The firewall neutralizes this kind of threat by blocking file access to the system. 2. Stop unwanted visitors: A firewall does not allow a cracker to break into the system through a network. A strong firewall detects the threat and then stops the possible loophole that can be used to penetrate through security into the system. 3. Safeguard the IP address: A network-based firewall like an internet connection firewall(ICF). Keeps track of the internet activities done on a network or a system and keeps the IP address hidden so that it can not be used to access sensitive information against the user. 4. Prevents Email spamming: In this too many emails are sent to the same address leading to the server crashing. A good firewall blocks the spammer source and prevents the server from crashing. 5. Stops Spyware: If a bug is implanted in a network or system it tracks all the data flowing and later uses it for the wrong purpose. A firewall keeps track of all the users accessing the system or network and if spyware is detected it disables it.
Limitations: 1. Internal loose ends: A firewall can not be deployed everywhere when it comes to internal attacks. Sometimes an attacker bypasses the firewall through a telephone lane that crosses paths with a data lane that carries the data packets or an employee who unwittingly cooperates with an external attacker. 2. Infected Files: In the modern world, we come across various kinds of files through emails or the internet. Most of the files are executable under the parameter of an operating system. It becomes impossible for the firewall to keep a track of all the files flowing through the system. 3. Effective Cost: As the requirements of a network or a system increase according to the level of threat increases. The cost of devices used to build the firewall increases. Even the maintenance cost of the firewall also increases. Making the overall cost of the firewall quite expensive. 4. User Restriction: Restrictions and rules implemented through a firewall make a network secure but they can make work less effective when it comes to a large organization or a company. Even making a slight change in data can require a permit from a person of higher authority making work slow. The overall productivity drops because of all of this.

More Related Content

PPTX
Cyber Security Training. An Awareness on Security for Staff
byrasheedmumuni3
 
PPTX
Computer security
byEktaVaswani2
 
PPT
Chapter1 intro network_security_sunorganised
byBule Hora University
 
PPTX
Network security and firewalls
byMurali Mohan
 
PPTX
Network security presentation
byKudzai Rerayi
 
PPTX
Lecture 2.pptx
byMuhammadRehan856177
 
PPTX
IT Threats and Computer Security
byKongChunLeong1
 
PPTX
Lecture 2.pptx
byMuhammadRehan856177
 
Cyber Security Training. An Awareness on Security for Staff
byrasheedmumuni3
 
Computer security
byEktaVaswani2
 
Chapter1 intro network_security_sunorganised
byBule Hora University
 
Network security and firewalls
byMurali Mohan
 
Network security presentation
byKudzai Rerayi
 
Lecture 2.pptx
byMuhammadRehan856177
 
IT Threats and Computer Security
byKongChunLeong1
 
Lecture 2.pptx
byMuhammadRehan856177
 

Similar to Network Security Unit 5.pdf for BCA BBA.

PDF
Implications of Misuse and Cyber Security.pdf
bysrtwgwfwwgw
 
PDF
Network and Information security_new2.pdf
byAyanMujawar2
 
PPTX
Computer security
bysruthiKrishnaG
 
PDF
Chapter 2 konsep dasar keamanan
bynewbie2019
 
PPTX
23 network security threats pkg
byUmang Gupta
 
PPTX
Computer security threats & prevention
byPriSim
 
PPTX
BCE L-3omputer security Basics.pptx
byKirti Verma
 
PPTX
CYBERSECURITY | Why it is important?
byRONIKMEHRA
 
PPTX
SECURING INFORMATION SYSTEM 1.pptx
byCabdullhiY
 
PPT
CyberSecurity presentation for basic knowledge about this topic
bypiyushkamble6
 
PPTX
Ethical hacking Chapter 3 - Network and Computer Attacks - Eric Vanderburg
byEric Vanderburg
 
PPTX
Security Basics
byRishi Prasath
 
PDF
Mis 1
byRohit Garg
 
DOCX
Chapter 10.0
byAdebisi Tolulope
 
PPTX
Basics of System Security and Tools
byKaran Bhandari
 
PPTX
Security
bychian417
 
PPTX
LIS3353 SP12 Week 9
byAmanda Case
 
PPT
Complete notes security
byKitkat Emoo
 
PPT
COMPUTER SECURITY
byKak Yong
 
PPT
Threats
bysbmiller87
 
Implications of Misuse and Cyber Security.pdf
bysrtwgwfwwgw
 
Network and Information security_new2.pdf
byAyanMujawar2
 
Computer security
bysruthiKrishnaG
 
Chapter 2 konsep dasar keamanan
bynewbie2019
 
23 network security threats pkg
byUmang Gupta
 
Computer security threats & prevention
byPriSim
 
BCE L-3omputer security Basics.pptx
byKirti Verma
 
CYBERSECURITY | Why it is important?
byRONIKMEHRA
 
SECURING INFORMATION SYSTEM 1.pptx
byCabdullhiY
 
CyberSecurity presentation for basic knowledge about this topic
bypiyushkamble6
 
Ethical hacking Chapter 3 - Network and Computer Attacks - Eric Vanderburg
byEric Vanderburg
 
Security Basics
byRishi Prasath
 
Mis 1
byRohit Garg
 
Chapter 10.0
byAdebisi Tolulope
 
Basics of System Security and Tools
byKaran Bhandari
 
Security
bychian417
 
LIS3353 SP12 Week 9
byAmanda Case
 
Complete notes security
byKitkat Emoo
 
COMPUTER SECURITY
byKak Yong
 
Threats
bysbmiller87
 

Recently uploaded

PPTX
UNIT 1- Introduction to Basic of Computer Fundamentals
bypawarbhaktiit
 
PDF
Saga: The new era of transactions in a microservices architecture
byGiovanni Marigi
 
PPTX
AI_in_Cybersecurity_Insights_Case_Studies.pptx
bywrksmith9
 
PPTX
Unit 1 Introduction of Computer Networks
bySuvarnaSharma5
 
PPTX
Full course that Prymehat uploads for you
byOhenebaManu1
 
PDF
KM World 2025 Enterprises, KM, & Agentic AI
byEnterprise Knowledge
 
PDF
UiPath Coded Agents - A Developer Driven Agentic Automation Era
byUiPathCommunity
 
PDF
65 AI-related Posts Catalog https://tinyurl.com/mpavkr8z
byBob Marcus
 
PDF
Top 10 Dedicated Server Providers in Stockholm (Updated Edition).pdf
byAtal Networks
 
PDF
Using Change Data Capture (CDC) to Ingest Data into Apache Kafka
byGiovanni Marigi
 
PPTX
02_Extended Warehouse Management Functions and Features.pptx
byUdayakumar218983
 
PDF
JR : Quality Random Data from the Command line
byGiovanni Marigi
 
PDF
2025-CB-NCAE-slide-deck.pptx-1-83.pdf Virtual Orientation on the Administrati...
byNelizabethEsplaguera1
 
PDF
Master the FME Connector for ArcGIS: Streamlined Data Management & Robust Met...
bySafe Software
 
PDF
Purple Team - Active Directory and AzureAD v1
byVICTOR MAESTRE RAMIREZ
 
PDF
Best Bank Statement Converter Software - A Documentation-Based Meta-Analysis ...
bylewisconrada
 
PDF
Josh Chu Boston - An Innovative Technology Executive
byJosh Chu Boston
 
PPTX
KTU-PEMET413 -MODULE 2-POLYMER MATRIX COMPOSITES - LECTURE 1.pptx
byVINAY B
 
PPT
Waste water treatment plant operation and maintenance
byDuggineniRamakrishna
 
PPTX
Visual Foxpro-VFP9-Access-Report-Variable-Outside-the-report.pptx
bymanojbkalla
 
UNIT 1- Introduction to Basic of Computer Fundamentals
bypawarbhaktiit
 
Saga: The new era of transactions in a microservices architecture
byGiovanni Marigi
 
AI_in_Cybersecurity_Insights_Case_Studies.pptx
bywrksmith9
 
Unit 1 Introduction of Computer Networks
bySuvarnaSharma5
 
Full course that Prymehat uploads for you
byOhenebaManu1
 
KM World 2025 Enterprises, KM, & Agentic AI
byEnterprise Knowledge
 
UiPath Coded Agents - A Developer Driven Agentic Automation Era
byUiPathCommunity
 
65 AI-related Posts Catalog https://tinyurl.com/mpavkr8z
byBob Marcus
 
Top 10 Dedicated Server Providers in Stockholm (Updated Edition).pdf
byAtal Networks
 
Using Change Data Capture (CDC) to Ingest Data into Apache Kafka
byGiovanni Marigi
 
02_Extended Warehouse Management Functions and Features.pptx
byUdayakumar218983
 
JR : Quality Random Data from the Command line
byGiovanni Marigi
 
2025-CB-NCAE-slide-deck.pptx-1-83.pdf Virtual Orientation on the Administrati...
byNelizabethEsplaguera1
 
Master the FME Connector for ArcGIS: Streamlined Data Management & Robust Met...
bySafe Software
 
Purple Team - Active Directory and AzureAD v1
byVICTOR MAESTRE RAMIREZ
 
Best Bank Statement Converter Software - A Documentation-Based Meta-Analysis ...
bylewisconrada
 
Josh Chu Boston - An Innovative Technology Executive
byJosh Chu Boston
 
KTU-PEMET413 -MODULE 2-POLYMER MATRIX COMPOSITES - LECTURE 1.pptx
byVINAY B
 
Waste water treatment plant operation and maintenance
byDuggineniRamakrishna
 
Visual Foxpro-VFP9-Access-Report-Variable-Outside-the-report.pptx
bymanojbkalla
 

Network Security Unit 5.pdf for BCA BBA.

  • 1.
  • 2.
    What are Intrudersin Network Security? Intruders are often referred to as hackers and are the most harmful factors contributing to security vulnerability. They have immense knowledge and an in-depth understanding of technology and security. Intruders breach the privacy of users and aim to steal the confidential information of the users. The stolen information is then sold to third parties, aiming to misuse it for personal or professional gains.
  • 3.
    Types of Intruders ●Masquerader: The category of individuals that are not authorized to use the system but still exploit users' privacy and confidential information by possessing techniques that give them control over the system, such category of intruders is referred to as Masquerader. Masqueraders are outsiders and hence they don't have direct access to the system, they aim to attack unethically to steal data. ● Misfeasor: The category of individuals that are authorized to use the system, but misuse the granted access and privilege. These are individuals that take undue advantage of the permissions and access given to them, such category of intruders is referred to as Misfeasor. Misfeasors are insiders and they have direct access to the system, which they aim to attack unethically for stealing data/ information. ● Clandestine User: The category of individuals who have supervision/administrative control over the system and misuse the authoritative power given to them. The misconduct of power is often done by superlative authorities for financial gains, such a category of intruders is referred to as Clandestine Users. A Clandestine User can be any of the two, insiders or outsiders, and accordingly, they can have direct/ indirect access to the system, which they aim to attack unethically by stealing data/ information.
  • 4.
    Keeping Intruders Away ●Access Control: Implement strong authentication mechanisms, such as two-factor authentication (2FA) or multi-factor authentication (MFA). Regularly review and update user access permissions to ensure they align with job roles and responsibilities. ● Network Segmentation: Divide your network into segments to limit lateral movement for intruders. For example, separate guest Wi-Fi from internal networks. Use firewalls and access control lists (ACLs) to restrict communication between segments. ● Regular Patching: Keep software, operating systems, and applications up to date. Patch known vulnerabilities promptly. Monitor security advisories and apply patches as soon as they are released. ● Intrusion Detection and Prevention Systems (IDPS): Deploy Intrusion Detection and Prevention Systems (IDPS) solutions to detect and prevent suspicious activities. Set up alerts for any unauthorized access attempts. ● Security Awareness Training: Educate employees about phishing, social engineering, and safe online practices. Regularly conduct security awareness sessions. ● Encryption: Encrypt sensitive data in transit (using protocols like HTTPS) and at rest (using encryption algorithms). Use strong encryption keys and rotate them periodically.
  • 5.
    Common Information SecurityThreats ● Virus: They have the ability to replicate themselves by hooking them to the program on the host computer like songs, videos etc and then they travel all over the Internet. The Creeper Virus was first detected on ARPANET. Examples include File Virus, Macro Virus, Boot Sector Virus, Stealth Virus etc. ● Worms: Worms are also self-replicating in nature but they don't hook themselves to the program on host computer. Biggest difference between virus and worms is that worms are network-aware. They can easily travel from one computer to another if network is available and on the target machine they will not do much harm, they will, for example, consume hard disk space thus slowing down the computer. ● Bots: Bots can be seen as advanced form of worms. They are automated processes that are designed to interact over the internet without the need for human interaction. They can be good or bad. Malicious bot can infect one host and after infecting will create connection to the central server which will provide commands to all infected hosts attached to that network called Botnet.
  • 6.
    ● Adware: Adwareis not exactly malicious but they do breach privacy of the users. They display ads on a computer's desktop or inside individual programs. They come attached with free-to-use software, thus main source of revenue for such developers. They monitor your interests and display relevant ads. An attacker can embed malicious code inside the software and adware can monitor your system activities and can even compromise your machine. ● Spyware: It is a program or we can say software that monitors your activities on computer and reveal collected information to an interested party. Spyware are generally dropped by Trojans, viruses or worms. Once dropped they install themselves and sits silently to avoid detection. One of the most common example of spyware is KEYLOGGER. The basic job of keylogger is to record user keystrokes with timestamp. Thus capturing interesting information like username, passwords, credit card details etc. ● Ransomware: Ransomware is type of malware that will either encrypt your files or will lock your computer making it inaccessible either partially or wholly. Then a screen will be displayed asking for money i.e. ransom in exchange.
  • 7.
    ● Scareware: Itmasquerades as a tool to help fix your system but when the software is executed it will infect your system or completely destroy it. The software will display a message to frighten you and force to take some action like pay them to fix your system. ● Rootkits: Rootkits are designed to gain root access or we can say administrative privileges in the user system. Once gained the root access, the exploiter can do anything from stealing private files to private data. ● Zombies - They work similar to Spyware. Infection mechanism is same but they don't spy and steal information rather they wait for the command from hackers.
  • 8.
    Information Security Solutions ●Data Security Solutions: These protect sensitive data from unauthorized access. Examples include encryption, access controls, and data loss prevention tools. ● Network Security: Focuses on securing communication channels and devices within a network. Firewalls, intrusion detection systems, and VPNs fall into this category. ● Endpoint Security: Protects individual devices (e.g., laptops, smartphones) from threats. Antivirus software and device management tools are common here. ● Cloud Security: Ensures data security in cloud environments. Encryption, access controls, and monitoring play key roles. ● Identity and Access Management (IAM): Manages user access to systems and data. IAM solutions include single sign-on (SSO) and multi-factor authentication (MFA). ● Security Information and Event Management (SIEM): Security Information and Event Management (SIEM) Collects and analyzes security-related data to detect and respond to threats. ● Physical Security: Protects physical assets (e.g., servers, data centers) through access controls, surveillance, and alarms.
  • 9.
    Firewall Design Principles AFirewall is a hardware or software to prevent a private computer or a network of computers from unauthorized access, it acts as a filter to avoid unauthorized users from accessing private computers and networks. It is a vital component of network security. It is the first line of defense for network security. It filters network packets and stops malware from entering the user's computer or network by blocking access and preventing the user from being infected.
  • 10.
    Characteristics of Firewall 1.Physical Barrier: A firewall does not allow any external traffic to enter a system or a network without its allowance. A firewall creates a choke point for all the external data trying to enter the system or network and hence can easily block access if needed. 2. Multi-Purpose: A firewall has many functions other than security purposes. It configures domain names and Internet Protocol (IP) addresses. It also acts as a network address translator. It can act as a meter for internet usage. 3. Flexible Security Policies: Different local systems or networks need different security policies. A firewall can be modified according to the requirement of the user by changing its security policies. 4. Security Platform: It provides a platform from which any alert to the issue related to security or fixing issues can be accessed. All the queries related to security can be kept under check from one place in a system or network. 5. Access Handler: Determines which traffic needs to flow first according to priority or can change for a particular network or system. specific action requests may be initiated and allowed to flow through the firewall.
  • 11.
    Need and Importanceof Firewall Design Principles 1. Different Requirements: Every local network or system has its threats and requirements which needs different structure and devices. All this can only be identified while designing a firewall. Accessing the current security outline of a company can help to create a better firewall design. 2. Outlining Policies: Once a firewall is being designed, a system or network doesn't need to be secure. Some new threats can arise and if we have proper paperwork of policies then the security system can be modified again and the network will become more secure. 3. Identifying Requirements: While designing a firewall data related to threats, devices needed to be integrated, Missing resources, and updating security devices. All the information collected is combined to get the best results. Even if one of these things is misidentified leads to security issues. 4. Setting Restrictions: Every user has limitations to access different level of data or modify it and it needed to be identified and taken action accordingly. After retrieving and processing data, priority is set to people, devices, and applications. 5. Identify Deployment Location: Every firewall has its strengths and to get the most use out of it, we need to deploy each of them at the right place in a system or network. In the case of a packet filter firewall, it needs to be deployed at the edge of your network in between the internal network and web server to get the most out of it.
  • 12.
    Firewall Design Principles 1.Developing Security Policy Security policy is a very essential part of firewall design. Security policy is designed according to the requirement of the company or client to know which kind of traffic is allowed to pass. Without a proper security policy, it is impossible to restrict or allow a specific user or worker in a company network or anywhere else. A properly developed security policy also knows what to do in case of a security breach. Without it, there is an increase in risk as there will not be a proper implementation of security solutions. 2. Simple Solution Design If the design of the solution is complex. then it will be difficult to implement it. If the solution is easy. then it will be easier to implement it. A simple design is easier to maintain. we can make upgrades in the simple design according to the new possible threats leaving it with an efficient but more simple structure. The problem that comes with complex designs is a configuration error that opens a path for external attacks.
  • 13.
    3. Choosing theRight Device Every network security device has its purpose and its way of implementation. if we use the wrong device for the wrong problem, the network becomes vulnerable. if the outdated device is used for a designing firewall, it exposes the network to risk and is almost useless. Firstly the designing part must be done then the product requirements must be found out, if the product is already available then it is tried to fit in a design that makes security weak. 4. Layered Defense A network defense must be multiple-layered in the modern world because if the security is broken, the network will be exposed to external attacks. Multilayer security design can be set to deal with different levels of threat. It gives an edge to the security design and finally neutralizes the attack on the system. 5. Consider Internal Threats While giving a lot of attention to safeguarding the network or device from external attacks. The security becomes weak in case of internal attacks and most of the attacks are done internally as it is easy to access and designed weakly. Different levels can be set in network security while designing internal security. Filtering can be added to keep track of the traffic moving from lower-level security to higher level.
  • 14.
    Advantages of Firewall: 1.Blocks infected files: While surfing the internet we encounter many unknown threats. Any friendly-looking file might have malware in it. The firewall neutralizes this kind of threat by blocking file access to the system. 2. Stop unwanted visitors: A firewall does not allow a cracker to break into the system through a network. A strong firewall detects the threat and then stops the possible loophole that can be used to penetrate through security into the system. 3. Safeguard the IP address: A network-based firewall like an internet connection firewall(ICF). Keeps track of the internet activities done on a network or a system and keeps the IP address hidden so that it can not be used to access sensitive information against the user. 4. Prevents Email spamming: In this too many emails are sent to the same address leading to the server crashing. A good firewall blocks the spammer source and prevents the server from crashing. 5. Stops Spyware: If a bug is implanted in a network or system it tracks all the data flowing and later uses it for the wrong purpose. A firewall keeps track of all the users accessing the system or network and if spyware is detected it disables it.
  • 15.
    Limitations: 1. Internal looseends: A firewall can not be deployed everywhere when it comes to internal attacks. Sometimes an attacker bypasses the firewall through a telephone lane that crosses paths with a data lane that carries the data packets or an employee who unwittingly cooperates with an external attacker. 2. Infected Files: In the modern world, we come across various kinds of files through emails or the internet. Most of the files are executable under the parameter of an operating system. It becomes impossible for the firewall to keep a track of all the files flowing through the system. 3. Effective Cost: As the requirements of a network or a system increase according to the level of threat increases. The cost of devices used to build the firewall increases. Even the maintenance cost of the firewall also increases. Making the overall cost of the firewall quite expensive. 4. User Restriction: Restrictions and rules implemented through a firewall make a network secure but they can make work less effective when it comes to a large organization or a company. Even making a slight change in data can require a permit from a person of higher authority making work slow. The overall productivity drops because of all of this.