Outline The concept of perimeter defense and networks Firewalls.

Slides:



Advertisements
Similar presentations
FIREWALLS Chapter 11.
Advertisements

Winter CMPE 155 Week 7. Winter Assignment 6: Firewalls What is a firewall? –Security at the network level. Wide-area network access makes.
CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.
Security Firewall Firewall design principle. Firewall Characteristics.
Firewalls and Intrusion Detection Systems
Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.
Firewalls1 Firewalls Mert Özarar Bilkent University, Turkey
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
Guide to Computer Network Security
1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.
Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.
Chapter 20 Firewalls.
Why do we need Firewalls? Internet connectivity is a must for most people and organizations  especially for me But a convenient Internet connectivity.
Intranet, Extranet, Firewall. Intranet and Extranet.
FIREWALL Mạng máy tính nâng cao-V1.
Chapter 6: Packet Filtering
October 15, 2002Serguei A. Mokhov, 1 Intro to Internet-services from Security Standpoint SOEN321-Information-Systems Security Revision.
Internet and Intranet Fundamentals Class 9 Session A.
Lecture 15 Page 1 Advanced Network Security Perimeter Defense in Networks: Firewalls Configuration and Management Advanced Network Security Peter Reiher.
Packet Filtering Chapter 4. Learning Objectives Understand packets and packet filtering Understand approaches to packet filtering Set specific filtering.
Lecture 16 Page 1 Advanced Network Security Perimeter Defense in Networks: Virtual Private Networks Advanced Network Security Peter Reiher August, 2014.
1 Topic 2: Lesson 3 Intro to Firewalls Summary. 2 Basic questions What is a firewall? What is a firewall? What can a firewall do? What can a firewall.
Lecture 9 Page 1 CS 136, Fall 2014 Network Security Computer Security Peter Reiher November 4, 2014.
Fundamentals of Proxying. Proxy Server Fundamentals  Proxy simply means acting on someone other’s behalf  A Proxy acts on behalf of the client or user.
1 Network Firewalls CSCI Web Security Spring 2003 Presented By Yasir Zahur.
ITGS Network Architecture. ITGS Network architecture –The way computers are logically organized on a network, and the role each takes. Client/server network.
Lecture 12 Page 1 CS 236 Online Network Security: Firewalls, VPNs, and Honeypots CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Role Of Network IDS in Network Perimeter Defense.
Lecture 12 Page 1 CS 136, Fall 2011 Network Security, Continued CS 136 Computer Security Peter Reiher November 1, 2011.
Regan Little. Definition Methods of Screening Types of Firewall Network-Level Firewalls Circuit-Level Firewalls Application-Level Firewalls Stateful Multi-Level.
Lecture 9 Page 1 CS 136, Spring 2014 Network Security CS 136 Computer Security Peter Reiher May 6, 2014.
Lecture 12 Page 1 CS 236, Spring 2008 Network Security: Firewalls, VPNs, and Honeypots CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Lecture 12 Page 1 CS 136, Spring 2009 Network Security: Firewalls CS 136 Computer Security Peter Reiher May 12, 2009.
Lecture 9 Page 1 CS 136, Spring 2016 Network Security Computer Security Peter Reiher April 26, 2016.
FIREWALLS By k.shivakumar 08k81f0025. CONTENTS Introduction. What is firewall? Hardware vs. software firewalls. Working of a software firewalls. Firewall.
Lecture 9 Page 1 CS 236 Online Firewalls What is a firewall? A machine to protect a network from malicious external attacks Typically a machine that sits.
25/09/ Firewall, IDS & IPS basics. Summary Firewalls Intrusion detection system Intrusion prevention system.
Network Security Mechanisms
Some Important Network Characteristics for Security
Outline What is a firewall? Types of firewalls
Firewall.
Firewall Configuration and Administration
Computer Data Security & Privacy
Click to edit Master subtitle style
Outline Introduction Characteristics of intrusion detection systems
Introduction to Networking
Introduction to Networking
Firewalls.
6.6 Firewalls Packet Filter (=filtering router)
* Essential Network Security Book Slides.
Access Control Lists CCNA 2 v3 – Module 11
Firewalls Purpose of a Firewall Characteristic of a firewall
POOJA Programmer, CSE Department
Chapter 8 Network Perimeter Security
Firewalls Jiang Long Spring 2002.
دیواره ی آتش.
Firewall.
Firewalls.
Outline Network characteristics that affect security
Introduction to Network Security
FIREWALL.
Network Security: Firewalls, VPNs, and Honeypots CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Firewall Installation
Network Security: Firewalls, VPNs, and Honeypots CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Outline The spoofing problem Approaches to handle spoofing
Session 20 INST 346 Technologies, Infrastructure and Architecture
6. Application Software Security
Implementing Firewalls
Presentation transcript:

Perimeter Defense in Networks: Firewalls Advanced Network Security Peter Reiher August, 2014

Outline The concept of perimeter defense and networks Firewalls

Perimeter Defense What is perimeter defense? Protect something valuable by building an impenetrable perimeter around it With specified entry and exit points Control the entry and exit points If nothing bad can get in, I’m safe, right?

Weaknesses of Perimeter Defense Models Breaching the perimeter compromises all security Two major assumptions: The barrier is impenetrable We can carefully control the entrance and exit points How does this apply to networks? It usually isn’t We often can’t

Computer Networks and Perimeter Defense Seems like a good match for most networks Except wireless Which we’ll discuss later Usually, our network connects to other networks at a small number of points Surely if we protect those points . . .

Achieving Perimeter Defense in Networks The bad guys are here Internet And maybe here ISP So defend here! Router connecting to ISP Local network

What Is the Perimeter Defense for Networks? A big, vicious dog won’t help Can’t read packets Couldn’t bite packets if he could We need computer equipment that can take cyber actions The basic choice is a firewall

What Is a Firewall? A machine to protect a network from malicious external attacks Typically a machine that sits between a LAN/WAN and the Internet Running special software to regulate network traffic

The Brass Tacks of Firewalls What do they really do? Examine each incoming packet Decide to let the packet through or drop it Criteria could be simple or complex Perhaps log the decision Maybe send rejected packets elsewhere Pretty much all there is to it

Types of Firewalls Filtering gateways AKA screening routers Application level gateways AKA proxy gateways Reverse firewalls

Filtering Gateways Based on packet header information Primarily, IP addresses, port numbers, and protocol numbers Based on that information, either let the packet through or reject it Stateless firewalls

Example Use of Filtering Gateways Allow particular external machines to telnet into specific internal machines Denying telnet to other machines Or allow full access to some external machines And none to others

A Fundamental Problem IP addresses can be spoofed If your filtering firewall trusts packet headers, it offers little protection Situation may be improved by IPsec But hasn’t been yet Firewalls can perform the ingress/egress filtering discussed earlier

Filtering Based on Ports Most incoming traffic is destined for a particular machine and port Which can be derived from the IP and TCP headers Only let through packets to select machines at specific ports Makes it impossible to externally exploit flaws in little-used ports If you configure the firewall right . . .

Pros and Cons of Filtering Gateways Fast Cheap Flexible Transparent Limited capabilities Dependent on header authentication Generally poor logging May rely on router security

Application Level Gateways Also known as proxy gateways Firewalls that understand the application-level details of network traffic To some degree Traffic is accepted or rejected based on the probable results of accepting it Stateful firewalls

How Application Level Gateways Work The firewall serves as a general framework Various proxies are plugged into the framework Incoming packets are examined Handed to the appropriate proxy Proxy typically accepts or rejects

Deep Packet Inspection Another name for typical activity of application level firewalls Looking into packets beyond their headers Especially the IP header “Deep” sometimes also means deeper understanding of what’s going on Though not always

Firewall Proxies Programs capable of understanding particular kinds of traffic E.g., FTP, HTTP, videoconferencing Proxies are specialized A good proxy has deep understanding of the network application Typically limited by complexity and performance issues

Performance of Application Level Firewalls Can be fast If they don’t do sophisticated processing But if they don’t do sophisticated processing, why bother with them? Need to balance: How carefully they look at packets Vs. how long they take to do it

Pros and Cons of Application Level Gateways Highly flexible Good logging Content-based filtering Potentially transparent Slower More complex and expensive Highly dependent on proxy quality

Reverse Firewalls Normal firewalls keep stuff from the outside from getting inside Reverse firewalls keep stuff from the insider from getting outside Often colocated with regular firewalls Why do we need them?

Possible Uses of Reverse Firewalls Concealing details of your network from attackers Preventing compromised machines from sending things out E.g., intercepting bot communications or stopping DDoS Preventing data exfiltration

Single Machine Firewalls Instead of separate machine protecting network, A machine puts software between the outside world and the rest of machine Under its own control To protect itself Available on most modern systems

Pros and Cons of Individual Firewalls Customized to particular machine Specific to local software and usage Under machine owner’s control Can use in-machine knowledge for its decisions May be able to do deeper inspection Provides defense in depth

Cons of Personal Firewalls Only protects that machine Less likely to be properly configured Since most users don’t understand security well And/or don’t view it as their job Probably set to the default On the whole, generally viewed as valuable

Conclusion Firewalls are the building block of perimeter defense Different firewall types have different characteristics There are challenges in looking deeply enough to find problems While not delaying network traffic too much

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.