SlideShare a Scribd company logo

Firewalls

Tulakshana Weerasooriya
Tulakshana Weerasooriya
Technology
1 of 12
Download to read offline
Firewalls
Firewall Control the incoming and outgoing network traffic by analyzing the data packets and determining whether it should be allowed through or not, based on a predetermined rule set. Software/Hardware based
Filtering 1.Protocol 2.From (source) address and port 3.Schedule 4.To (destination) addresses, names, URLs 5.Users 6.Content groups
Case study A small organization which uses the following services •email •ftp •Internet
Firewall policy External users and internal users are prohibited from interaction with the firewall with the exception of email, ping, DNS and extremely limited ftp capacity. Internal network addresses are hidden from the external network.
Outbound requests from the internal network for WWW access to the Internet are permitted only for the marketing and sales department.
False sense of security Firewall alone will not keep the internal network safe. For example say the traffic coming through the public network to company's network is filtered using a firewall, but still internal people have access to resources. Procedural defenses should also be enforced
Attack scenario
Recommendations •An organization’s firewall policy should be based on a comprehensive risk analysis. •Firewall policies should be based on blocking all inbound and outbound traffic, with exceptions made for desired traffic. •Policies should take into account the source and destination of the traffic in addition to the content.
An organization should determine which applications may send traffic into or out of its network and make firewall policies to block traffic for other applications.
References [1] D. Drake and K. L. Morse, “Applying the Eight-Stage Risk Assessment Methodology to Firewalls,” in Proceedings of the 13th Annual Computer Security Applications Conference (ACSAC’97), 1997, pp. 44–52. [2] S. Myagmar, A. J. Lee, and W. Yurcik, “Threat modeling as a basis for security requirements,” in Proceedings of the Symposium on Requirements Engineering for Information Security (SREIS’05), 2005. [3] I. Georgakoudi, B. C. Jacobson, M. G. Müller, E. E. Sheets, K. Badizadegan, D. L. Carr-Locke, C. P. Crum, C. W. Boone, R. R. Dasari, J. Van Dam, and others, “NAD (P) H and collagen as in vivo quantitative fluorescent biomarkers of epithelial precancerous changes,” Cancer Research, vol. 62, no. 3, p. 682, 2002.
Thank You Group members, •Aroshan Fernando •Pavithra Kulathilaka •Madhushika Bandara •Tulakshana Weerasooriya •Dimuthu Samarasekara

Recommended

Research Ethics and Use of Restricted Access Data
Research Ethics and Use of Restricted Access DataResearch Ethics and Use of Restricted Access Data
Research Ethics and Use of Restricted Access Datalibbiestephenson
 
data mining for security application
data mining for security applicationdata mining for security application
data mining for security applicationbharatsvnit
 
pro-iBiosphere 2013-05 Linked Open Data (Gregor Hagedorn)
pro-iBiosphere 2013-05 Linked Open Data (Gregor Hagedorn)pro-iBiosphere 2013-05 Linked Open Data (Gregor Hagedorn)
pro-iBiosphere 2013-05 Linked Open Data (Gregor Hagedorn)Gregor Hagedorn
 
Preparing research data for sharing
Preparing research data for sharingPreparing research data for sharing
Preparing research data for sharingLondon School of Hygiene and Tropical Medicine
 
Michener-institutional and subject-specific data repositories-nfdp13
Michener-institutional and subject-specific data repositories-nfdp13Michener-institutional and subject-specific data repositories-nfdp13
Michener-institutional and subject-specific data repositories-nfdp13DataDryad
 
USE OF NETWORK FORENSIC MECHANISMS TO FORMULATE NETWORK SECURITY
USE OF NETWORK FORENSIC MECHANISMS TO FORMULATE NETWORK SECURITYUSE OF NETWORK FORENSIC MECHANISMS TO FORMULATE NETWORK SECURITY
USE OF NETWORK FORENSIC MECHANISMS TO FORMULATE NETWORK SECURITYIJMIT JOURNAL
 
The Mian cyber attack Groups in China (Chinese episonage)
The Mian cyber attack Groups in China (Chinese episonage)The Mian cyber attack Groups in China (Chinese episonage)
The Mian cyber attack Groups in China (Chinese episonage)Jeremiah Wakamu
 
Findable, Accessible, Interoperable and Reusable (FAIR) data
Findable, Accessible, Interoperable and Reusable (FAIR) dataFindable, Accessible, Interoperable and Reusable (FAIR) data
Findable, Accessible, Interoperable and Reusable (FAIR) dataARDC
 

Recommended

Research Ethics and Use of Restricted Access Data
Research Ethics and Use of Restricted Access DataResearch Ethics and Use of Restricted Access Data
Research Ethics and Use of Restricted Access Datalibbiestephenson
 
data mining for security application
data mining for security applicationdata mining for security application
data mining for security applicationbharatsvnit
 
pro-iBiosphere 2013-05 Linked Open Data (Gregor Hagedorn)
pro-iBiosphere 2013-05 Linked Open Data (Gregor Hagedorn)pro-iBiosphere 2013-05 Linked Open Data (Gregor Hagedorn)
pro-iBiosphere 2013-05 Linked Open Data (Gregor Hagedorn)Gregor Hagedorn
 
Preparing research data for sharing
Preparing research data for sharingPreparing research data for sharing
Preparing research data for sharingLondon School of Hygiene and Tropical Medicine
 
Michener-institutional and subject-specific data repositories-nfdp13
Michener-institutional and subject-specific data repositories-nfdp13Michener-institutional and subject-specific data repositories-nfdp13
Michener-institutional and subject-specific data repositories-nfdp13DataDryad
 
USE OF NETWORK FORENSIC MECHANISMS TO FORMULATE NETWORK SECURITY
USE OF NETWORK FORENSIC MECHANISMS TO FORMULATE NETWORK SECURITYUSE OF NETWORK FORENSIC MECHANISMS TO FORMULATE NETWORK SECURITY
USE OF NETWORK FORENSIC MECHANISMS TO FORMULATE NETWORK SECURITYIJMIT JOURNAL
 
The Mian cyber attack Groups in China (Chinese episonage)
The Mian cyber attack Groups in China (Chinese episonage)The Mian cyber attack Groups in China (Chinese episonage)
The Mian cyber attack Groups in China (Chinese episonage)Jeremiah Wakamu
 
Findable, Accessible, Interoperable and Reusable (FAIR) data
Findable, Accessible, Interoperable and Reusable (FAIR) dataFindable, Accessible, Interoperable and Reusable (FAIR) data
Findable, Accessible, Interoperable and Reusable (FAIR) dataARDC
 
Privacy in Research Data Managemnt - Use Cases
Privacy in Research Data Managemnt - Use CasesPrivacy in Research Data Managemnt - Use Cases
Privacy in Research Data Managemnt - Use CasesMicah Altman
 
Making it Easier, Possibly Even Pleasant, to Author Rich Experimental Metadata
Making it Easier, Possibly Even Pleasant, to Author Rich Experimental MetadataMaking it Easier, Possibly Even Pleasant, to Author Rich Experimental Metadata
Making it Easier, Possibly Even Pleasant, to Author Rich Experimental MetadataMichel Dumontier
 
Internet Identifier SSR
Internet Identifier SSRInternet Identifier SSR
Internet Identifier SSRAPNIC
 
MOBILE DEVICE FORENSICS USING NLP
MOBILE DEVICE FORENSICS USING NLPMOBILE DEVICE FORENSICS USING NLP
MOBILE DEVICE FORENSICS USING NLPAnkita Jadhao
 
Shareable by Design: Making Better Use of your Research
Shareable by Design: Making Better Use of your ResearchShareable by Design: Making Better Use of your Research
Shareable by Design: Making Better Use of your ResearchLondon School of Hygiene and Tropical Medicine
 
FAIR Data Management and FAIR Data Sharing
FAIR Data Management and FAIR Data SharingFAIR Data Management and FAIR Data Sharing
FAIR Data Management and FAIR Data SharingMerce Crosas
 
Access and licencing of data
Access and licencing of dataAccess and licencing of data
Access and licencing of dataArhiv družboslovnih podatkov
 
Managing and Sharing Research Data - Workshop at UiO - December 04, 2017
Managing and Sharing Research Data - Workshop at UiO - December 04, 2017Managing and Sharing Research Data - Workshop at UiO - December 04, 2017
Managing and Sharing Research Data - Workshop at UiO - December 04, 2017Michel Heeremans
 
Publishing and sharing sensitive data 28 June
Publishing and sharing sensitive data 28 JunePublishing and sharing sensitive data 28 June
Publishing and sharing sensitive data 28 JuneARDC
 
Getting started-with-open-data
Getting started-with-open-dataGetting started-with-open-data
Getting started-with-open-dataRolf Kleef
 
Link Analysis of Life Sciences Linked Data
Link Analysis of Life Sciences Linked DataLink Analysis of Life Sciences Linked Data
Link Analysis of Life Sciences Linked DataMichel Dumontier
 
Security & Privacy - Lecture A
Security & Privacy - Lecture ASecurity & Privacy - Lecture A
Security & Privacy - Lecture ACMDLearning
 
Web data mining
Web data miningWeb data mining
Web data miningMILIND GAIKWAD
 
Prediction of terrorist on the basis of semantic association building ontolog...
Prediction of terrorist on the basis of semantic association building ontolog...Prediction of terrorist on the basis of semantic association building ontolog...
Prediction of terrorist on the basis of semantic association building ontolog...Nawaraj Ghimire
 
W3C HCLS Dataset Description Guidelines
W3C HCLS Dataset Description GuidelinesW3C HCLS Dataset Description Guidelines
W3C HCLS Dataset Description GuidelinesMichel Dumontier
 
International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)ijcisjournal
 
Semantically-Enabled Digital Investigations - Research Overview
Semantically-Enabled Digital Investigations - Research OverviewSemantically-Enabled Digital Investigations - Research Overview
Semantically-Enabled Digital Investigations - Research Overviewinbroker
 
Presentation network security
Presentation network securityPresentation network security
Presentation network securityTalent Dzinoruma
 
Vocab1
Vocab1Vocab1
Vocab1shahed
 
Adding iOS simulators
Adding iOS simulatorsAdding iOS simulators
Adding iOS simulatorsTulakshana Weerasooriya
 
عبارت موصول
عبارت موصولعبارت موصول
عبارت موصولshahed
 
Lot
LotLot
Lotshahed
 

More Related Content

What's hot

Privacy in Research Data Managemnt - Use Cases
Privacy in Research Data Managemnt - Use CasesPrivacy in Research Data Managemnt - Use Cases
Privacy in Research Data Managemnt - Use CasesMicah Altman
 
Making it Easier, Possibly Even Pleasant, to Author Rich Experimental Metadata
Making it Easier, Possibly Even Pleasant, to Author Rich Experimental MetadataMaking it Easier, Possibly Even Pleasant, to Author Rich Experimental Metadata
Making it Easier, Possibly Even Pleasant, to Author Rich Experimental MetadataMichel Dumontier
 
Internet Identifier SSR
Internet Identifier SSRInternet Identifier SSR
Internet Identifier SSRAPNIC
 
MOBILE DEVICE FORENSICS USING NLP
MOBILE DEVICE FORENSICS USING NLPMOBILE DEVICE FORENSICS USING NLP
MOBILE DEVICE FORENSICS USING NLPAnkita Jadhao
 
FAIR Data Management and FAIR Data Sharing
FAIR Data Management and FAIR Data SharingFAIR Data Management and FAIR Data Sharing
FAIR Data Management and FAIR Data SharingMerce Crosas
 
Managing and Sharing Research Data - Workshop at UiO - December 04, 2017
Managing and Sharing Research Data - Workshop at UiO - December 04, 2017Managing and Sharing Research Data - Workshop at UiO - December 04, 2017
Managing and Sharing Research Data - Workshop at UiO - December 04, 2017Michel Heeremans
 
Publishing and sharing sensitive data 28 June
Publishing and sharing sensitive data 28 JunePublishing and sharing sensitive data 28 June
Publishing and sharing sensitive data 28 JuneARDC
 
Getting started-with-open-data
Getting started-with-open-dataGetting started-with-open-data
Getting started-with-open-dataRolf Kleef
 
Link Analysis of Life Sciences Linked Data
Link Analysis of Life Sciences Linked DataLink Analysis of Life Sciences Linked Data
Link Analysis of Life Sciences Linked DataMichel Dumontier
 
Security & Privacy - Lecture A
Security & Privacy - Lecture ASecurity & Privacy - Lecture A
Security & Privacy - Lecture ACMDLearning
 
Prediction of terrorist on the basis of semantic association building ontolog...
Prediction of terrorist on the basis of semantic association building ontolog...Prediction of terrorist on the basis of semantic association building ontolog...
Prediction of terrorist on the basis of semantic association building ontolog...Nawaraj Ghimire
 
W3C HCLS Dataset Description Guidelines
W3C HCLS Dataset Description GuidelinesW3C HCLS Dataset Description Guidelines
W3C HCLS Dataset Description GuidelinesMichel Dumontier
 
International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)ijcisjournal
 
Semantically-Enabled Digital Investigations - Research Overview
Semantically-Enabled Digital Investigations - Research OverviewSemantically-Enabled Digital Investigations - Research Overview
Semantically-Enabled Digital Investigations - Research Overviewinbroker
 
Presentation network security
Presentation network securityPresentation network security
Presentation network securityTalent Dzinoruma
 

What's hot (18)

Privacy in Research Data Managemnt - Use Cases
Privacy in Research Data Managemnt - Use CasesPrivacy in Research Data Managemnt - Use Cases
Privacy in Research Data Managemnt - Use Cases
 
Making it Easier, Possibly Even Pleasant, to Author Rich Experimental Metadata
Making it Easier, Possibly Even Pleasant, to Author Rich Experimental MetadataMaking it Easier, Possibly Even Pleasant, to Author Rich Experimental Metadata
Making it Easier, Possibly Even Pleasant, to Author Rich Experimental Metadata
 
Internet Identifier SSR
Internet Identifier SSRInternet Identifier SSR
Internet Identifier SSR
 
MOBILE DEVICE FORENSICS USING NLP
MOBILE DEVICE FORENSICS USING NLPMOBILE DEVICE FORENSICS USING NLP
MOBILE DEVICE FORENSICS USING NLP
 
Shareable by Design: Making Better Use of your Research
Shareable by Design: Making Better Use of your ResearchShareable by Design: Making Better Use of your Research
Shareable by Design: Making Better Use of your Research
 
FAIR Data Management and FAIR Data Sharing
FAIR Data Management and FAIR Data SharingFAIR Data Management and FAIR Data Sharing
FAIR Data Management and FAIR Data Sharing
 
Access and licencing of data
Access and licencing of dataAccess and licencing of data
Access and licencing of data
 
Managing and Sharing Research Data - Workshop at UiO - December 04, 2017
Managing and Sharing Research Data - Workshop at UiO - December 04, 2017Managing and Sharing Research Data - Workshop at UiO - December 04, 2017
Managing and Sharing Research Data - Workshop at UiO - December 04, 2017
 
Publishing and sharing sensitive data 28 June
Publishing and sharing sensitive data 28 JunePublishing and sharing sensitive data 28 June
Publishing and sharing sensitive data 28 June
 
Getting started-with-open-data
Getting started-with-open-dataGetting started-with-open-data
Getting started-with-open-data
 
Link Analysis of Life Sciences Linked Data
Link Analysis of Life Sciences Linked DataLink Analysis of Life Sciences Linked Data
Link Analysis of Life Sciences Linked Data
 
Security & Privacy - Lecture A
Security & Privacy - Lecture ASecurity & Privacy - Lecture A
Security & Privacy - Lecture A
 
Web data mining
Web data miningWeb data mining
Web data mining
 
Prediction of terrorist on the basis of semantic association building ontolog...
Prediction of terrorist on the basis of semantic association building ontolog...Prediction of terrorist on the basis of semantic association building ontolog...
Prediction of terrorist on the basis of semantic association building ontolog...
 
W3C HCLS Dataset Description Guidelines
W3C HCLS Dataset Description GuidelinesW3C HCLS Dataset Description Guidelines
W3C HCLS Dataset Description Guidelines
 
International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)
 
Semantically-Enabled Digital Investigations - Research Overview
Semantically-Enabled Digital Investigations - Research OverviewSemantically-Enabled Digital Investigations - Research Overview
Semantically-Enabled Digital Investigations - Research Overview
 
Presentation network security
Presentation network securityPresentation network security
Presentation network security
 

Viewers also liked

Vocab1
Vocab1Vocab1
Vocab1shahed
 
عبارت موصول
عبارت موصولعبارت موصول
عبارت موصولshahed
 
Have to
Have toHave to
Have toshahed
 
Impact of online social networks on games
Impact of online social networks on gamesImpact of online social networks on games
Impact of online social networks on gamesTulakshana Weerasooriya
 
English book 2
English book 2English book 2
English book 2shahed
 

Viewers also liked (7)

Vocab1
Vocab1Vocab1
Vocab1
 
Adding iOS simulators
Adding iOS simulatorsAdding iOS simulators
Adding iOS simulators
 
عبارت موصول
عبارت موصولعبارت موصول
عبارت موصول
 
Lot
LotLot
Lot
 
Have to
Have toHave to
Have to
 
Impact of online social networks on games
Impact of online social networks on gamesImpact of online social networks on games
Impact of online social networks on games
 
English book 2
English book 2English book 2
English book 2
 

Similar to Firewalls

Bolton Health Service Secure Network Design.docx
Bolton Health Service Secure Network Design.docxBolton Health Service Secure Network Design.docx
Bolton Health Service Secure Network Design.docxwrite31
 
Evaluation the performanc of dmz
Evaluation the performanc of dmzEvaluation the performanc of dmz
Evaluation the performanc of dmzBaha Rababah
 
Use of network forensic mechanisms to formulate network security
Use of network forensic mechanisms to formulate network securityUse of network forensic mechanisms to formulate network security
Use of network forensic mechanisms to formulate network securityIJMIT JOURNAL
 
Review on Computer Forensic
Review on Computer ForensicReview on Computer Forensic
Review on Computer ForensicEditor IJCTER
 
RFC 2196 Site Security Handbook
RFC 2196 Site Security HandbookRFC 2196 Site Security Handbook
RFC 2196 Site Security HandbookDavid Sweigert
 
Chapter_Five Compueter secuityryhf S.pdf
Chapter_Five Compueter secuityryhf S.pdfChapter_Five Compueter secuityryhf S.pdf
Chapter_Five Compueter secuityryhf S.pdfAschalewAyele2
 
APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...
APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...
APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...IJCNCJournal
 
Paper Titled Information Security in an organization
Paper Titled Information Security in an organizationPaper Titled Information Security in an organization
Paper Titled Information Security in an organizationMohammed Mahfouz Alhassan
 
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Michele Chubirka
 
Accessing secured data in cloud computing environment
Accessing secured data in cloud computing environmentAccessing secured data in cloud computing environment
Accessing secured data in cloud computing environmentIJNSA Journal
 
ACCESSING SECURED DATA IN CLOUD COMPUTING ENVIRONMENT
ACCESSING SECURED DATA IN CLOUD COMPUTING ENVIRONMENTACCESSING SECURED DATA IN CLOUD COMPUTING ENVIRONMENT
ACCESSING SECURED DATA IN CLOUD COMPUTING ENVIRONMENTIJNSA Journal
 
Network design consideration
Network design considerationNetwork design consideration
Network design considerationlavanya marichamy
 
Cryptography Project by Aelsayed & Kyasser.pdf
Cryptography Project by Aelsayed & Kyasser.pdfCryptography Project by Aelsayed & Kyasser.pdf
Cryptography Project by Aelsayed & Kyasser.pdfahmeddeath6
 
OTechs Cloud computing security
OTechs Cloud computing securityOTechs Cloud computing security
OTechs Cloud computing securityOsman Suliman
 
Case Cyber Security.docx
Case Cyber Security.docxCase Cyber Security.docx
Case Cyber Security.docxstudywriters
 
Case Cyber Security.docx
Case Cyber Security.docxCase Cyber Security.docx
Case Cyber Security.docxbkbk37
 
Ch15 power point
Ch15 power pointCh15 power point
Ch15 power pointbodo-con
 

Similar to Firewalls (20)

Bolton Health Service Secure Network Design.docx
Bolton Health Service Secure Network Design.docxBolton Health Service Secure Network Design.docx
Bolton Health Service Secure Network Design.docx
 
Evaluation the performanc of dmz
Evaluation the performanc of dmzEvaluation the performanc of dmz
Evaluation the performanc of dmz
 
Use of network forensic mechanisms to formulate network security
Use of network forensic mechanisms to formulate network securityUse of network forensic mechanisms to formulate network security
Use of network forensic mechanisms to formulate network security
 
Review on Computer Forensic
Review on Computer ForensicReview on Computer Forensic
Review on Computer Forensic
 
RFC 2196 Site Security Handbook
RFC 2196 Site Security HandbookRFC 2196 Site Security Handbook
RFC 2196 Site Security Handbook
 
Firewalls
FirewallsFirewalls
Firewalls
 
Chapter_Five Compueter secuityryhf S.pdf
Chapter_Five Compueter secuityryhf S.pdfChapter_Five Compueter secuityryhf S.pdf
Chapter_Five Compueter secuityryhf S.pdf
 
APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...
APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...
APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...
 
Paper Titled Information Security in an organization
Paper Titled Information Security in an organizationPaper Titled Information Security in an organization
Paper Titled Information Security in an organization
 
820 1961-1-pb
820 1961-1-pb820 1961-1-pb
820 1961-1-pb
 
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
 
Accessing secured data in cloud computing environment
Accessing secured data in cloud computing environmentAccessing secured data in cloud computing environment
Accessing secured data in cloud computing environment
 
ACCESSING SECURED DATA IN CLOUD COMPUTING ENVIRONMENT
ACCESSING SECURED DATA IN CLOUD COMPUTING ENVIRONMENTACCESSING SECURED DATA IN CLOUD COMPUTING ENVIRONMENT
ACCESSING SECURED DATA IN CLOUD COMPUTING ENVIRONMENT
 
Network design consideration
Network design considerationNetwork design consideration
Network design consideration
 
Cryptography Project by Aelsayed & Kyasser.pdf
Cryptography Project by Aelsayed & Kyasser.pdfCryptography Project by Aelsayed & Kyasser.pdf
Cryptography Project by Aelsayed & Kyasser.pdf
 
network security.pdf
network security.pdfnetwork security.pdf
network security.pdf
 
OTechs Cloud computing security
OTechs Cloud computing securityOTechs Cloud computing security
OTechs Cloud computing security
 
Case Cyber Security.docx
Case Cyber Security.docxCase Cyber Security.docx
Case Cyber Security.docx
 
Case Cyber Security.docx
Case Cyber Security.docxCase Cyber Security.docx
Case Cyber Security.docx
 
Ch15 power point
Ch15 power pointCh15 power point
Ch15 power point
 

Recently uploaded

Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfOverkill Security
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 

Recently uploaded (20)

Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 

Firewalls

  • 2. Firewall Control the incoming and outgoing network traffic by analyzing the data packets and determining whether it should be allowed through or not, based on a predetermined rule set. Software/Hardware based
  • 3. Filtering 1.Protocol 2.From (source) address and port 3.Schedule 4.To (destination) addresses, names, URLs 5.Users 6.Content groups
  • 4. Case study A small organization which uses the following services •email •ftp •Internet
  • 5. Firewall policy External users and internal users are prohibited from interaction with the firewall with the exception of email, ping, DNS and extremely limited ftp capacity. Internal network addresses are hidden from the external network.
  • 6. Outbound requests from the internal network for WWW access to the Internet are permitted only for the marketing and sales department.
  • 7. False sense of security Firewall alone will not keep the internal network safe. For example say the traffic coming through the public network to company's network is filtered using a firewall, but still internal people have access to resources. Procedural defenses should also be enforced
  • 9. Recommendations •An organization’s firewall policy should be based on a comprehensive risk analysis. •Firewall policies should be based on blocking all inbound and outbound traffic, with exceptions made for desired traffic. •Policies should take into account the source and destination of the traffic in addition to the content.
  • 10. An organization should determine which applications may send traffic into or out of its network and make firewall policies to block traffic for other applications.
  • 11. References [1] D. Drake and K. L. Morse, “Applying the Eight-Stage Risk Assessment Methodology to Firewalls,” in Proceedings of the 13th Annual Computer Security Applications Conference (ACSAC’97), 1997, pp. 44–52. [2] S. Myagmar, A. J. Lee, and W. Yurcik, “Threat modeling as a basis for security requirements,” in Proceedings of the Symposium on Requirements Engineering for Information Security (SREIS’05), 2005. [3] I. Georgakoudi, B. C. Jacobson, M. G. Müller, E. E. Sheets, K. Badizadegan, D. L. Carr-Locke, C. P. Crum, C. W. Boone, R. R. Dasari, J. Van Dam, and others, “NAD (P) H and collagen as in vivo quantitative fluorescent biomarkers of epithelial precancerous changes,” Cancer Research, vol. 62, no. 3, p. 682, 2002.
  • 12. Thank You Group members, •Aroshan Fernando •Pavithra Kulathilaka •Madhushika Bandara •Tulakshana Weerasooriya •Dimuthu Samarasekara