SlideShare a Scribd company logo

What is firewall

Harshana Jayarathna
Harshana Jayarathna

The document discusses firewalls, which were officially invented in the early 1990s. A firewall protects networked computers from unauthorized access and sits at the gateway between private and public networks like the Internet. Firewalls can be hardware devices or software programs and examine incoming and outgoing network traffic to filter it based on various criteria. There are different types of firewalls that operate at different layers of the network model, including packet filters, circuit gateways, application proxies, and stateful multilayer inspection firewalls.

EducationTechnology
1 of 30
Firewall Officially invented in early 1990s H.M.H.R.JAYARATHNA 1 E091040028
What is a firewall? • A firewall protects networked computers from intentional hostile intrusion that could compromise confidentiality or result in data corruption or denial of service • It may be a hardware device(fig.1) or a software program(fig.2) running on a secure host computer. H.M.H.R.JAYARATHNA 2 E091040028
• A firewall sits at the junction point or gateway between the two networks, usually a private network and a public network such as the Internet. • The earliest firewalls were simply routers H.M.H.R.JAYARATHNA 3 E091040028
Fig.1 Hardware firewall providing protection to a Local Network. H.M.H.R.JAYARATHNA 4 E091040028
Fig.2 Computer running firewall software to provide protection H.M.H.R.JAYARATHNA 5 E091040028
What does a firewall do? • examines all traffic routed between the two networks to see if it meets certain criteria • firewall filters both inbound and outbound traffic. • can filter packets based on their source and destination addresses and port numbers. known as address filtering. H.M.H.R.JAYARATHNA 6 E091040028
• can also filter specific types of network traffic. known as protocol filtering (Eg: HTTP, ftp or telnet.) • can also filter traffic by packet attribute or state. H.M.H.R.JAYARATHNA 7 E091040028
What can't a firewall do? • cannot prevent individual users with modems from dialling into or out of the network, bypassing the firewall altogether. • Cannot control employee misconduct or carelessness H.M.H.R.JAYARATHNA 8 E091040028
Who needs a firewall? • Anyone who is responsible for a single computer/private network that is connected to Internet via modem/a public network needs firewall H.M.H.R.JAYARATHNA 9 E091040028
How does a firewall work? • There are two access denial methodologies used – firewall may allow all traffic through unless it meets certain criteria – it may deny all traffic unless it meets certain criteria • Firewalls may be concerned with the type of traffic, or with source or destination addresses and ports. H.M.H.R.JAYARATHNA 10 E091040028
Fig.3 Basic Firewall Operation. H.M.H.R.JAYARATHNA 11 E091040028
What different types of firewalls are there? • four broad categories – packet filters – circuit level gateways – application level gateways – stateful multilayer inspection H.M.H.R.JAYARATHNA 12 E091040028
Packet filtering firewalls • work at the network level of the OSI model, or the IP layer of TCP/IP. • usually part of a router. • each packet is compared to a set of criteria before it is forwarded. • Depending on the packet and the criteria, the firewall can drop the packet, forward it or send a message to the originator. H.M.H.R.JAYARATHNA 13 E091040028
• Rules can include source and destination IP address, source and destination port number and protocol used. • Advantage: their low cost and low impact on network performance. • implementing packet filtering at the router level affords an initial degree of security at a low network layer. H.M.H.R.JAYARATHNA 14 E091040028
• This type of firewall only works at the network layer however and does not support sophisticated rule based models. • Network Address Translation (NAT) routers offer the advantages of packet filtering firewalls but can also hide the IP addresses of computers behind the firewall, and offer a level of circuit-based filtering. H.M.H.R.JAYARATHNA 15 E091040028
Packet Filtering Firewall H.M.H.R.JAYARATHNA 16 E091040028
circuit level gateways • work at the session layer of the OSI model, or the TCP layer of TCP/IP. • monitor TCP handshaking between packets to determine whether a requested session is legitimate. • Information passed to remote computer through a circuit level gateway appears to have originated from the gateway. H.M.H.R.JAYARATHNA 17 E091040028
• useful for hiding information about protected networks. • Circuit level gateways are relatively inexpensive • They do not filter individual packets. • Advantage: hiding information about private protect networks. H.M.H.R.JAYARATHNA 18 E091040028
Circuit level Gateway H.M.H.R.JAYARATHNA 19 E091040028
Application level gateways • also called proxies • similar to circuit-level gateways except that they are application specific. • can filter packets at the application layer of the OSI model. • Incoming or outgoing packets cannot access services for which there is no proxy. H.M.H.R.JAYARATHNA 20 E091040028
• an application level gateway that is configured to be a web proxy will not allow any FTP, gopher, telnet or other traffic through. • can filter application specific commands such as http:post and get, etc. • can also be used to log user activity and logins. H.M.H.R.JAYARATHNA 21 E091040028
• offer a high level of security, but have a significant impact on network performance. • This is because of context switches that slow down network access dramatically. • They are not transparent to end users and require manual configuration of each client computer. H.M.H.R.JAYARATHNA 22 E091040028
Application level Gateway H.M.H.R.JAYARATHNA 23 E091040028
Stateful Multilayer Inspection Firewall • filter packets at the network layer, determine whether session packets are legitimate and evaluate contents of packets at the application layer. • allow direct connection between client and host, alleviating the problem caused by the lack of transparency of application level gateways. H.M.H.R.JAYARATHNA 24 E091040028
• rely on algorithms to recognize and process application layer data instead of running application specific proxies. • offer a high level of security, good performance and transparency to end users. • are expensive • Due to their complexity are potentially less secure than simpler types of firewalls if not administered by highly competent personnel. H.M.H.R.JAYARATHNA 25 E091040028
Stateful Multilayer Inspection Firewall H.M.H.R.JAYARATHNA 26 E091040028
How do I implement a firewall? • Steps of implementing a firewall 1. Determine the access denial methodology to use. 2. Determine inbound access policy. 3. Determine outbound access policy 4. Determine if dial-in or dial-out access is required. 5. Decide whether to buy a complete firewall product, have one implemented by a systems integrator or implement one yourself. H.M.H.R.JAYARATHNA 27 E091040028
Firewall related problems • Firewalls restrict access to certain worthful services because those are not yet identified by firewall H.M.H.R.JAYARATHNA 28 E091040028
Benefits of a firewall • protect private local area networks from hostile intrusion from the Internet. • Firewalls allow network administrators to offer access to specific types of Internet services to selected LAN users. • Can control the access of outsiders(unidentifiers) to our network or a single machine H.M.H.R.JAYARATHNA 29 E091040028
• References – http://www.vicomsoft.com/learning-center/firewalls/ – A definition of Firewall Security from searchSecurity.com. – A definition of Firewalls from the FreeBSD Handbook – Network Security Tutorial from About.com. – Firewall.com - The Complete Security Portal – Security in Computing, 4th Edition, by Pfleeger & Pfleeger H.M.H.R.JAYARATHNA 30 E091040028

Recommended

Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationgaurav96raj
 
Firewall Security Definition
Firewall Security DefinitionFirewall Security Definition
Firewall Security DefinitionPatten John
 
Firewall and Types of firewall
Firewall and Types of firewallFirewall and Types of firewall
Firewall and Types of firewallCoder Tech
 
Firewalls
FirewallsFirewalls
FirewallsKalluri Madhuri
 
FireWall
FireWallFireWall
FireWallrubal_9
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationyogendrasinghchahar
 
Firewall
FirewallFirewall
FirewallMudasser Afzal
 
Firewalls
FirewallsFirewalls
FirewallsShreya Singireddy
 

Recommended

Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationgaurav96raj
 
Firewall Security Definition
Firewall Security DefinitionFirewall Security Definition
Firewall Security DefinitionPatten John
 
Firewall and Types of firewall
Firewall and Types of firewallFirewall and Types of firewall
Firewall and Types of firewallCoder Tech
 
Firewalls
FirewallsFirewalls
FirewallsKalluri Madhuri
 
FireWall
FireWallFireWall
FireWallrubal_9
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationyogendrasinghchahar
 
Firewall
FirewallFirewall
FirewallMudasser Afzal
 
Firewalls
FirewallsFirewalls
FirewallsShreya Singireddy
 
Firewall
FirewallFirewall
FirewallNilkanth Shingala
 
Firewall protection
Firewall protectionFirewall protection
Firewall protectionVC Infotech
 
Firewall
FirewallFirewall
FirewallMuhammad Sohaib Afzaal
 
Firewall and its purpose
Firewall and its purposeFirewall and its purpose
Firewall and its purposeRohit Phulsunge
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationTayabaZahid
 
firewall and its types
firewall and its typesfirewall and its types
firewall and its typesMohammed Maajidh
 
Firewall fundamentals
Firewall fundamentalsFirewall fundamentals
Firewall fundamentalsThang Man
 
Types Of Firewall Security
Types Of Firewall SecurityTypes Of Firewall Security
Types Of Firewall Securityiberrywifisecurity
 
Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Securitylalithambiga kamaraj
 
Firewall
Firewall Firewall
Firewall Amuthavalli Nachiyar
 
Firewall ( Cyber Security)
Firewall ( Cyber Security)Firewall ( Cyber Security)
Firewall ( Cyber Security)Jainam Shah
 
Firewall
FirewallFirewall
Firewallreddivarihareesh
 
Firewall basics
Firewall basicsFirewall basics
Firewall basicsFredrick Hall
 
Firewall
FirewallFirewall
FirewallSaurabh Chauhan
 
Types of firewall
Types of firewallTypes of firewall
Types of firewallPina Parmar
 
Presentation, Firewalls
Presentation, FirewallsPresentation, Firewalls
Presentation, Firewallskkkseld
 
Next generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsNext generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsAnthony Daniel
 
Computer Security and Intrusion Detection(IDS/IPS)
Computer Security and Intrusion Detection(IDS/IPS)Computer Security and Intrusion Detection(IDS/IPS)
Computer Security and Intrusion Detection(IDS/IPS)LJ PROJECTS
 
Firewalls
FirewallsFirewalls
Firewallsvaishnavi
 
firewall.ppt
firewall.pptfirewall.ppt
firewall.pptssuser530a07
 
Aws security with HIDS, OSSEC
Aws security with HIDS, OSSECAws security with HIDS, OSSEC
Aws security with HIDS, OSSECMayank Gaikwad
 
Introducao WAF Tchelinux 2012
Introducao WAF Tchelinux 2012Introducao WAF Tchelinux 2012
Introducao WAF Tchelinux 2012Jeronimo Zucco
 

More Related Content

What's hot

Firewall protection
Firewall protectionFirewall protection
Firewall protectionVC Infotech
 
Firewall and its purpose
Firewall and its purposeFirewall and its purpose
Firewall and its purposeRohit Phulsunge
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationTayabaZahid
 
Firewall fundamentals
Firewall fundamentalsFirewall fundamentals
Firewall fundamentalsThang Man
 
Firewall ( Cyber Security)
Firewall ( Cyber Security)Firewall ( Cyber Security)
Firewall ( Cyber Security)Jainam Shah
 
Types of firewall
Types of firewallTypes of firewall
Types of firewallPina Parmar
 
Presentation, Firewalls
Presentation, FirewallsPresentation, Firewalls
Presentation, Firewallskkkseld
 
Next generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsNext generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsAnthony Daniel
 
Computer Security and Intrusion Detection(IDS/IPS)
Computer Security and Intrusion Detection(IDS/IPS)Computer Security and Intrusion Detection(IDS/IPS)
Computer Security and Intrusion Detection(IDS/IPS)LJ PROJECTS
 

What's hot (20)

Firewall
FirewallFirewall
Firewall
 
Firewall protection
Firewall protectionFirewall protection
Firewall protection
 
Firewall
FirewallFirewall
Firewall
 
Firewall and its purpose
Firewall and its purposeFirewall and its purpose
Firewall and its purpose
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentation
 
firewall and its types
firewall and its typesfirewall and its types
firewall and its types
 
Firewall fundamentals
Firewall fundamentalsFirewall fundamentals
Firewall fundamentals
 
Types Of Firewall Security
Types Of Firewall SecurityTypes Of Firewall Security
Types Of Firewall Security
 
Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Security
 
Firewall
Firewall Firewall
Firewall
 
Firewall ( Cyber Security)
Firewall ( Cyber Security)Firewall ( Cyber Security)
Firewall ( Cyber Security)
 
Firewall
FirewallFirewall
Firewall
 
Firewall basics
Firewall basicsFirewall basics
Firewall basics
 
Firewall
FirewallFirewall
Firewall
 
Types of firewall
Types of firewallTypes of firewall
Types of firewall
 
Presentation, Firewalls
Presentation, FirewallsPresentation, Firewalls
Presentation, Firewalls
 
Next generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsNext generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefits
 
Computer Security and Intrusion Detection(IDS/IPS)
Computer Security and Intrusion Detection(IDS/IPS)Computer Security and Intrusion Detection(IDS/IPS)
Computer Security and Intrusion Detection(IDS/IPS)
 
Firewalls
FirewallsFirewalls
Firewalls
 
firewall.ppt
firewall.pptfirewall.ppt
firewall.ppt
 

Viewers also liked

Aws security with HIDS, OSSEC
Aws security with HIDS, OSSECAws security with HIDS, OSSEC
Aws security with HIDS, OSSECMayank Gaikwad
 
Introducao WAF Tchelinux 2012
Introducao WAF Tchelinux 2012Introducao WAF Tchelinux 2012
Introducao WAF Tchelinux 2012Jeronimo Zucco
 
Securing Hadoop with OSSEC
Securing Hadoop with OSSECSecuring Hadoop with OSSEC
Securing Hadoop with OSSECVic Hargrave
 
Managing Your Security Logs with Elasticsearch
Managing Your Security Logs with ElasticsearchManaging Your Security Logs with Elasticsearch
Managing Your Security Logs with ElasticsearchVic Hargrave
 
Improve Threat Detection with OSSEC and AlienVault USM
Improve Threat Detection with OSSEC and AlienVault USMImprove Threat Detection with OSSEC and AlienVault USM
Improve Threat Detection with OSSEC and AlienVault USMAlienVault
 
Malware Detection with OSSEC HIDS - OSSECCON 2014
Malware Detection with OSSEC HIDS - OSSECCON 2014Malware Detection with OSSEC HIDS - OSSECCON 2014
Malware Detection with OSSEC HIDS - OSSECCON 2014Santiago Bassett
 
Intrusion prevention system(ips)
Intrusion prevention system(ips)Intrusion prevention system(ips)
Intrusion prevention system(ips)Papun Papun
 
Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)k33a
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationAmandeep Kaur
 

Viewers also liked (12)

Aws security with HIDS, OSSEC
Aws security with HIDS, OSSECAws security with HIDS, OSSEC
Aws security with HIDS, OSSEC
 
Introducao WAF Tchelinux 2012
Introducao WAF Tchelinux 2012Introducao WAF Tchelinux 2012
Introducao WAF Tchelinux 2012
 
Securing Hadoop with OSSEC
Securing Hadoop with OSSECSecuring Hadoop with OSSEC
Securing Hadoop with OSSEC
 
Managing Your Security Logs with Elasticsearch
Managing Your Security Logs with ElasticsearchManaging Your Security Logs with Elasticsearch
Managing Your Security Logs with Elasticsearch
 
Improve Threat Detection with OSSEC and AlienVault USM
Improve Threat Detection with OSSEC and AlienVault USMImprove Threat Detection with OSSEC and AlienVault USM
Improve Threat Detection with OSSEC and AlienVault USM
 
Malware Detection with OSSEC HIDS - OSSECCON 2014
Malware Detection with OSSEC HIDS - OSSECCON 2014Malware Detection with OSSEC HIDS - OSSECCON 2014
Malware Detection with OSSEC HIDS - OSSECCON 2014
 
Implementing ossec
Implementing ossecImplementing ossec
Implementing ossec
 
Intrusion prevention system(ips)
Intrusion prevention system(ips)Intrusion prevention system(ips)
Intrusion prevention system(ips)
 
IDS and IPS
IDS and IPSIDS and IPS
IDS and IPS
 
HP ArcSight
HP ArcSight HP ArcSight
HP ArcSight
 
Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentation
 

Similar to What is firewall

Firewall (2)
Firewall (2)Firewall (2)
Firewall (2)marghali
 
Network Security_Dr Shivashankar_Module 5.pdf
Network Security_Dr Shivashankar_Module 5.pdfNetwork Security_Dr Shivashankar_Module 5.pdf
Network Security_Dr Shivashankar_Module 5.pdfDr. Shivashankar
 
BAIT1103 Chapter 8
BAIT1103 Chapter 8BAIT1103 Chapter 8
BAIT1103 Chapter 8limsh
 
Section c group2_firewall_ final
Section c group2_firewall_ finalSection c group2_firewall_ final
Section c group2_firewall_ finalpg13tarun_g
 
Firewall Design and Implementation
Firewall Design and ImplementationFirewall Design and Implementation
Firewall Design and Implementationajeet singh
 
Firewall Design and Implementation
Firewall Design and ImplementationFirewall Design and Implementation
Firewall Design and Implementationajeet singh
 
Firewall and its types and function
Firewall and its types and functionFirewall and its types and function
Firewall and its types and functionNisarg Amin
 
Cyber Security - Firewall and Packet Filters
Cyber Security - Firewall and Packet Filters Cyber Security - Firewall and Packet Filters
Cyber Security - Firewall and Packet Filters Radhika Talaviya
 
201302057 lakshay it.pptx
201302057 lakshay it.pptx201302057 lakshay it.pptx
201302057 lakshay it.pptxLakshayYadav46
 
Information Security (Firewall)
Information Security (Firewall)Information Security (Firewall)
Information Security (Firewall)Zara Nawaz
 
Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [312-342...
Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [312-342...Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [312-342...
Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [312-342...ams1ams11
 
Network defenses
Network defensesNetwork defenses
Network defensesG Prachi
 
firewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptxfirewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptxShreyaBanerjee52
 

Similar to What is firewall (20)

Seminar
SeminarSeminar
Seminar
 
Firewall (2)
Firewall (2)Firewall (2)
Firewall (2)
 
[9] Firewall.pdf
[9] Firewall.pdf[9] Firewall.pdf
[9] Firewall.pdf
 
Firewall and its Types
Firewall and its TypesFirewall and its Types
Firewall and its Types
 
Network Security_Dr Shivashankar_Module 5.pdf
Network Security_Dr Shivashankar_Module 5.pdfNetwork Security_Dr Shivashankar_Module 5.pdf
Network Security_Dr Shivashankar_Module 5.pdf
 
Firewall
FirewallFirewall
Firewall
 
Divyanshu.pptx
Divyanshu.pptxDivyanshu.pptx
Divyanshu.pptx
 
BAIT1103 Chapter 8
BAIT1103 Chapter 8BAIT1103 Chapter 8
BAIT1103 Chapter 8
 
Section c group2_firewall_ final
Section c group2_firewall_ finalSection c group2_firewall_ final
Section c group2_firewall_ final
 
firewall.pdf
firewall.pdffirewall.pdf
firewall.pdf
 
Firewall Design and Implementation
Firewall Design and ImplementationFirewall Design and Implementation
Firewall Design and Implementation
 
Firewall Design and Implementation
Firewall Design and ImplementationFirewall Design and Implementation
Firewall Design and Implementation
 
Firewall and its types and function
Firewall and its types and functionFirewall and its types and function
Firewall and its types and function
 
Cyber Security - Firewall and Packet Filters
Cyber Security - Firewall and Packet Filters Cyber Security - Firewall and Packet Filters
Cyber Security - Firewall and Packet Filters
 
201302057 lakshay it.pptx
201302057 lakshay it.pptx201302057 lakshay it.pptx
201302057 lakshay it.pptx
 
Information Security (Firewall)
Information Security (Firewall)Information Security (Firewall)
Information Security (Firewall)
 
Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [312-342...
Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [312-342...Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [312-342...
Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [312-342...
 
Network defenses
Network defensesNetwork defenses
Network defenses
 
Firewall
FirewallFirewall
Firewall
 
firewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptxfirewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptx
 

Recently uploaded

Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Sakshi Ghasle
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...M56BOOKSTORE PRODUCT/SERVICE
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppCeline George
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfSumit Tiwari
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docxPoojaSen20
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
Concept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfConcept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfUmakantAnnand
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 

Recently uploaded (20)

Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application )
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
 
9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website App
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docx
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
Concept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfConcept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.Compdf
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 

What is firewall

  • 1. Firewall Officially invented in early 1990s H.M.H.R.JAYARATHNA 1 E091040028
  • 2. What is a firewall? • A firewall protects networked computers from intentional hostile intrusion that could compromise confidentiality or result in data corruption or denial of service • It may be a hardware device(fig.1) or a software program(fig.2) running on a secure host computer. H.M.H.R.JAYARATHNA 2 E091040028
  • 3. • A firewall sits at the junction point or gateway between the two networks, usually a private network and a public network such as the Internet. • The earliest firewalls were simply routers H.M.H.R.JAYARATHNA 3 E091040028
  • 4. Fig.1 Hardware firewall providing protection to a Local Network. H.M.H.R.JAYARATHNA 4 E091040028
  • 5. Fig.2 Computer running firewall software to provide protection H.M.H.R.JAYARATHNA 5 E091040028
  • 6. What does a firewall do? • examines all traffic routed between the two networks to see if it meets certain criteria • firewall filters both inbound and outbound traffic. • can filter packets based on their source and destination addresses and port numbers. known as address filtering. H.M.H.R.JAYARATHNA 6 E091040028
  • 7. • can also filter specific types of network traffic. known as protocol filtering (Eg: HTTP, ftp or telnet.) • can also filter traffic by packet attribute or state. H.M.H.R.JAYARATHNA 7 E091040028
  • 8. What can't a firewall do? • cannot prevent individual users with modems from dialling into or out of the network, bypassing the firewall altogether. • Cannot control employee misconduct or carelessness H.M.H.R.JAYARATHNA 8 E091040028
  • 9. Who needs a firewall? • Anyone who is responsible for a single computer/private network that is connected to Internet via modem/a public network needs firewall H.M.H.R.JAYARATHNA 9 E091040028
  • 10. How does a firewall work? • There are two access denial methodologies used – firewall may allow all traffic through unless it meets certain criteria – it may deny all traffic unless it meets certain criteria • Firewalls may be concerned with the type of traffic, or with source or destination addresses and ports. H.M.H.R.JAYARATHNA 10 E091040028
  • 11. Fig.3 Basic Firewall Operation. H.M.H.R.JAYARATHNA 11 E091040028
  • 12. What different types of firewalls are there? • four broad categories – packet filters – circuit level gateways – application level gateways – stateful multilayer inspection H.M.H.R.JAYARATHNA 12 E091040028
  • 13. Packet filtering firewalls • work at the network level of the OSI model, or the IP layer of TCP/IP. • usually part of a router. • each packet is compared to a set of criteria before it is forwarded. • Depending on the packet and the criteria, the firewall can drop the packet, forward it or send a message to the originator. H.M.H.R.JAYARATHNA 13 E091040028
  • 14. • Rules can include source and destination IP address, source and destination port number and protocol used. • Advantage: their low cost and low impact on network performance. • implementing packet filtering at the router level affords an initial degree of security at a low network layer. H.M.H.R.JAYARATHNA 14 E091040028
  • 15. • This type of firewall only works at the network layer however and does not support sophisticated rule based models. • Network Address Translation (NAT) routers offer the advantages of packet filtering firewalls but can also hide the IP addresses of computers behind the firewall, and offer a level of circuit-based filtering. H.M.H.R.JAYARATHNA 15 E091040028
  • 16. Packet Filtering Firewall H.M.H.R.JAYARATHNA 16 E091040028
  • 17. circuit level gateways • work at the session layer of the OSI model, or the TCP layer of TCP/IP. • monitor TCP handshaking between packets to determine whether a requested session is legitimate. • Information passed to remote computer through a circuit level gateway appears to have originated from the gateway. H.M.H.R.JAYARATHNA 17 E091040028
  • 18. • useful for hiding information about protected networks. • Circuit level gateways are relatively inexpensive • They do not filter individual packets. • Advantage: hiding information about private protect networks. H.M.H.R.JAYARATHNA 18 E091040028
  • 19. Circuit level Gateway H.M.H.R.JAYARATHNA 19 E091040028
  • 20. Application level gateways • also called proxies • similar to circuit-level gateways except that they are application specific. • can filter packets at the application layer of the OSI model. • Incoming or outgoing packets cannot access services for which there is no proxy. H.M.H.R.JAYARATHNA 20 E091040028
  • 21. • an application level gateway that is configured to be a web proxy will not allow any FTP, gopher, telnet or other traffic through. • can filter application specific commands such as http:post and get, etc. • can also be used to log user activity and logins. H.M.H.R.JAYARATHNA 21 E091040028
  • 22. • offer a high level of security, but have a significant impact on network performance. • This is because of context switches that slow down network access dramatically. • They are not transparent to end users and require manual configuration of each client computer. H.M.H.R.JAYARATHNA 22 E091040028
  • 23. Application level Gateway H.M.H.R.JAYARATHNA 23 E091040028
  • 24. Stateful Multilayer Inspection Firewall • filter packets at the network layer, determine whether session packets are legitimate and evaluate contents of packets at the application layer. • allow direct connection between client and host, alleviating the problem caused by the lack of transparency of application level gateways. H.M.H.R.JAYARATHNA 24 E091040028
  • 25. • rely on algorithms to recognize and process application layer data instead of running application specific proxies. • offer a high level of security, good performance and transparency to end users. • are expensive • Due to their complexity are potentially less secure than simpler types of firewalls if not administered by highly competent personnel. H.M.H.R.JAYARATHNA 25 E091040028
  • 26. Stateful Multilayer Inspection Firewall H.M.H.R.JAYARATHNA 26 E091040028
  • 27. How do I implement a firewall? • Steps of implementing a firewall 1. Determine the access denial methodology to use. 2. Determine inbound access policy. 3. Determine outbound access policy 4. Determine if dial-in or dial-out access is required. 5. Decide whether to buy a complete firewall product, have one implemented by a systems integrator or implement one yourself. H.M.H.R.JAYARATHNA 27 E091040028
  • 28. Firewall related problems • Firewalls restrict access to certain worthful services because those are not yet identified by firewall H.M.H.R.JAYARATHNA 28 E091040028
  • 29. Benefits of a firewall • protect private local area networks from hostile intrusion from the Internet. • Firewalls allow network administrators to offer access to specific types of Internet services to selected LAN users. • Can control the access of outsiders(unidentifiers) to our network or a single machine H.M.H.R.JAYARATHNA 29 E091040028
  • 30. • References – http://www.vicomsoft.com/learning-center/firewalls/ – A definition of Firewall Security from searchSecurity.com. – A definition of Firewalls from the FreeBSD Handbook – Network Security Tutorial from About.com. – Firewall.com - The Complete Security Portal – Security in Computing, 4th Edition, by Pfleeger & Pfleeger H.M.H.R.JAYARATHNA 30 E091040028