Advance firewalls


Published on

Learn about advance Firewall features and their importance in IT security.

Published in: Education, Technology
  • Be the first to comment

Advance firewalls

  1. 1. FirewallsPresented By©Hackers Paradise
  2. 2. Outline• Introduction• Firewall Environments• Type of Firewalls• Future of Firewalls• Conclusion
  3. 3. Introduction• Firewalls control the flow of network traffic• Firewalls have applicability in networkswhere there is no internet connectivity• Firewalls operate on number of layers• Can also act as VPN gateways• Active content filtering technologies
  4. 4. Firewall Environments• There are different types of environmentswhere a firewall can be implemented.• Simple environment can be a packet filterfirewall• Complex environments can be severalfirewalls and proxies
  5. 5. DMZ Environment• Can be created out of a network connectingtwo firewalls• Boundary router filter packets protectingserver• First firewall provide access control andprotection from server if they are hacked
  6. 6. DMZ ENV
  7. 7. VPN• VPN is used to provide secure networklinks across networks• VPN is constructed on top of existingnetwork media and protocols• On protocol level IPsec is the first choice• Other protocols are PPTP, L2TP
  8. 8. VPN
  9. 9. Intranets• An intranet is a network that employs thesame types of services, applications, andprotocols present in an Internetimplementation, without involving externalconnectivity• Intranets are typically implemented behindfirewall environments.
  10. 10. Intranets
  11. 11. Extranets• Extranet is usually a business-to-businessintranet• Controlled access to remote users via someform of authentication and encryption suchas provided by a VPN• Extranets employ TCP/IP protocols, alongwith the same standard applications andservices
  12. 12. Type is Firewalls• Firewalls fall into four broad categories• Packet filters• Circuit level• Application level• Stateful multilayer
  13. 13. Packet Filter• Work at the network level of the OSI model• Each packet is compared to a set of criteriabefore it is forwarded• Packet filtering firewalls is low cost andlow impact on network performance
  14. 14. Packet Filtering
  15. 15. Circuit level• Circuit level gateways work at the sessionlayer of the OSI model, or the TCP layer ofTCP/IP• Monitor TCP handshaking between packetsto determine whether a requested session islegitimate.
  16. 16. Circuit Level
  17. 17. Application Level• Application level gateways, also calledproxies, are similar to circuit-level gatewaysexcept that they are application specific• Gateway that is configured to be a webproxy will not allow any ftp, gopher, telnetor other traffic through
  18. 18. Application Level
  19. 19. Stateful Multilayer• Stateful multilayer inspection firewallscombine the aspects of the other three typesof firewalls• They filter packets at the network layer,determine whether session packets arelegitimate and evaluate contents of packetsat the application layer
  20. 20. Stateful Multilayer
  21. 21. General Performance
  22. 22. Future of Firewalls• Firewalls will continue to advance as the attackson IT infrastructure become more and moresophisticated• More and more client and server applications arecoming with native support for proxiedenvironments• Firewalls that scan for viruses as they enter thenetwork and several firms are currently exploringthis idea, but it is not yet in wide use
  23. 23. Conclusion• It is clear that some form of security forprivate networks connected to the Internetis essential• A firewall is an important and necessarypart of that security, but cannot be expectedto perform all the required securityfunctions.