Introduction to Networking

Introduction to Networking Firewalls Part 4

Custom Services/Schedules
Creating a custom service allows us to define a new connection with its own type (the protocol it will use) as well as the ports used. We can also create a schedule that allows us to apply different rules at different times/days. For example, we may want to separate business hours and after-hours and treat them separately.

Default Outbound Policy
Our default inbound rule (connections coming in from the internet) is to always block any connection unless there is a rule allowing it. For our default outbound rule (connections originating from our private network), we can decide whether to allow or block connections that have no matching rule. This would typically be based on the users' needs. If they access one or two specific websites for their work, we can block everything and only allow access to those IP addresses. If the users need to access websites in order to perform research or test things, we could allow everything and only block malicious or inappropriate sites.

Blocking a Service
Here's an example of blocking a service. We can choose what zone the connection starts from and what zone we are attempting to connect to. We can choose from a list of predefined services, or create our own. We can choose to always block, always allow, or block/allow by schedule. We can choose a specific IP or a range for either the source or destination. Alternatively, we can say that this rule applies to all hosts. We can also choose whether or not to log when this blocking happens. This can tell us if an employee is trying to access something they shouldn't, or help us investigate an attack on our system.

Rule Priority
Note that we could have rules that can't always be satisfied at the same time; they may contradict each other. For example, we may allow access from our network to the IP address 184.76.52.139, and deny access from our network to port 22. What would happen, then, if we tried to access 184.76.52.139 through port 22? We'd have to look at their order on the rule list. Whatever rule is higher would take priority.
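The ordering question above, worked through as an added example that is not part of the original slides: a first-match evaluator with a default policy, plus a check that lists rule pairs whose outcome depends on their order. The `Rule` class, `evaluate` and `conflicts` are hypothetical names; the IP address and port are the ones from the slide.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass
class Rule:
    action: str                  # "allow" or "block"
    dest: str = "0.0.0.0/0"      # destination IP or range; default is all hosts
    port: Optional[int] = None   # destination port; None means any service

    def matches(self, dest_ip: str, port: int) -> bool:
        in_range = ip_address(dest_ip) in ip_network(self.dest)
        return in_range and self.port in (None, port)

def evaluate(rules, dest_ip, port, default="block"):
    """First match wins; fall back to the default policy if no rule matches.
    Returns (action, index of the deciding rule or None)."""
    for index, rule in enumerate(rules):
        if rule.matches(dest_ip, port):
            return rule.action, index
    return default, None

def conflicts(rules):
    """Pairs (i, j), i < j, whose rules overlap but disagree on the action,
    so the outcome for the overlapping traffic depends on list order."""
    found = []
    for i, a in enumerate(rules):
        for j in range(i + 1, len(rules)):
            b = rules[j]
            nets_overlap = ip_network(a.dest).overlaps(ip_network(b.dest))
            ports_overlap = a.port is None or b.port is None or a.port == b.port
            if nets_overlap and ports_overlap and a.action != b.action:
                found.append((i, j))
    return found

# The two rules from the slide (outbound traffic from our network).
ALLOW_HOST = Rule("allow", dest="184.76.52.139")
BLOCK_SSH = Rule("block", port=22)

if __name__ == "__main__":
    for order in ([ALLOW_HOST, BLOCK_SSH], [BLOCK_SSH, ALLOW_HOST]):
        print(evaluate(order, "184.76.52.139", 22), conflicts(order))
```

Running the conflict check before saving a rule list shows which pairs need a deliberate ordering decision.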

Blocking Attacks
We have the ability to automatically defend against specific types of attacks. For example, we can disable responses to ping or any ICMP messages. We can set a detection rate for SYN floods. If the firewall detects too many SYN handshake requests, we'll register it as an attack and respond appropriately, depending on the firewall.

MAC Addresses
We are able to control our network traffic by MAC addresses as well. We can set our firewall so that only certain MAC addresses are permitted and the rest are blocked, or we can block a few and let the rest through. The former is usually preferred, and definitely more secure. We can also set up an IP address - MAC address binding. We would do this when we have a MAC address that always uses the same IP address (for example, with a static IP). This would prevent other devices from joining our network using these addresses illegitimately, trying to get through our firewall.

Session Settings
Session Settings are another tool we have to prevent attacks on our system. We can limit the maximum number of half-open sessions to prevent a SYN flood. We can also set timeouts for other sessions. This controls how long the network will consider a session open without a reply.
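How the SYN detection rate from the Blocking Attacks slide and the half-open limit and timeout from Session Settings interact, as an added example that is not part of the original slides. The class name, thresholds and event list are constructed assumptions, not settings from any particular firewall.

```python
from collections import deque

class HalfOpenTracker:
    """Tracks TCP handshakes that have sent SYN but not yet completed."""

    def __init__(self, max_half_open, syn_rate_limit, window, timeout):
        self.max_half_open = max_half_open    # cap on simultaneous half-open sessions
        self.syn_rate_limit = syn_rate_limit  # SYNs tolerated per window
        self.window = window                  # rate window, in seconds
        self.timeout = timeout                # seconds a half-open session may wait
        self.half_open = {}                   # connection id -> time its SYN arrived
        self.recent_syns = deque()            # arrival times inside the rate window

    def _expire(self, now):
        while self.recent_syns and now - self.recent_syns[0] >= self.window:
            self.recent_syns.popleft()
        for conn, started in list(self.half_open.items()):
            if now - started >= self.timeout:
                del self.half_open[conn]      # no reply in time: free the slot

    def on_syn(self, now, conn):
        self._expire(now)
        self.recent_syns.append(now)          # dropped SYNs still count toward the rate
        if len(self.recent_syns) > self.syn_rate_limit:
            return "drop: SYN rate exceeded"
        if len(self.half_open) >= self.max_half_open:
            return "drop: half-open limit reached"
        self.half_open[conn] = now
        return "accept"

    def on_ack(self, now, conn):
        """Final ACK of the handshake; True if it completes a tracked session."""
        self._expire(now)
        return self.half_open.pop(conn, None) is not None

def replay(tracker, events):
    """Feed (time, kind, connection id) events through the tracker, in order."""
    results = []
    for now, kind, conn in events:
        handler = tracker.on_syn if kind == "SYN" else tracker.on_ack
        results.append(handler(now, conn))
    return results

# Constructed sample traffic: (seconds, packet kind, connection id).
EVENTS = [(0.0, "SYN", "a"), (0.1, "SYN", "b"), (0.2, "SYN", "c"), (0.3, "ACK", "a"),
          (0.4, "SYN", "d"), (2.0, "SYN", "e"), (6.0, "SYN", "f"), (6.1, "ACK", "b")]

if __name__ == "__main__":
    print(replay(HalfOpenTracker(2, 3, 1.0, 5.0), EVENTS))
```

Connection "b" never completes its handshake, so its slot is reclaimed by the timeout and its late ACK is rejected.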