Firewalls By Tahaei Fall 2012. What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.

Slides:



Advertisements
Similar presentations
Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 4.1 Firewalls.
Advertisements

Network Security Essentials Chapter 11
Lecture slides for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 9 “Firewalls and Intrusion Prevention.
Denial of Service, Firewalls, and Intrusion Detection
Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 9: Firewalls and Intrusion Prevention.
Computer Security: Principles and Practice Chapter 9 – Firewalls and Intrusion Prevention Systems.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 9 – Firewalls and.
Firewalls Uyanga Tserengombo
IUT– Network Security Course 1 Network Security Firewalls.
FIREWALLS Chapter 11.
Firewalls Dr.P.V.Lakshmi Information Technology GIT,GITAM University
FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.
FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.
Winter CMPE 155 Week 7. Winter Assignment 6: Firewalls What is a firewall? –Security at the network level. Wide-area network access makes.
Lecture 14 Firewalls modified from slides of Lawrie Brown.
Security Firewall Firewall design principle. Firewall Characteristics.
—On War, Carl Von Clausewitz
Chapter 11 Firewalls.
Chapter 10 Firewalls. Introduction seen evolution of information systems now everyone want to be on the Internet and to interconnect networks has persistent.
1 Pertemuan 05 Firewall Matakuliah: H0451/Praktikum Jaringan Komputer Tahun: 2006 Versi: 1/0.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Firewalls1 Firewalls Mert Özarar Bilkent University, Turkey
Firewalls. What is a Firewall? A choke point of control and monitoring A choke point of control and monitoring Interconnects networks with differing trust.
Cryptography and Network Security Chapter 20 Fourth Edition by William Stallings.
Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.
Cryptography and Network Security Chapter 20 Firewalls
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.
Lecture 15 Firewalls modified from slides of Lawrie Brown.
Chapter 20 Firewalls.
Why do we need Firewalls? Internet connectivity is a must for most people and organizations  especially for me But a convenient Internet connectivity.
NW Security and Firewalls Network Security
Intranet, Extranet, Firewall. Intranet and Extranet.
Network Security Essentials Chapter 11 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
1 Pertemuan 13 IDS dan Firewall Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
The Security Aspect of Social Engineering Justin Steele.
CSCE 815 Network Security Lecture 23 Jails and such April 15, 2003.
1 Internet Firewalls What it is all about Concurrency System Lab, EE, National Taiwan University R355.
FIREWALLS Vivek Srinivasan. Contents Introduction Need for firewalls Different types of firewalls Conclusion.
1 Chapter 20: Firewalls Fourth Edition by William Stallings Lecture slides by Lawrie Brown(modified by Prof. M. Singhal, U of Kentucky)
Firewalls. What is a Firewall? A choke point of control and monitoring A choke point of control and monitoring Interconnects networks with differing trust.
11 SECURING YOUR NETWORK PERIMETER Chapter 10. Chapter 10: SECURING YOUR NETWORK PERIMETER2 CHAPTER OBJECTIVES  Establish secure topologies.  Secure.
Chapter 20 – Firewalls The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz.
Data Security and Encryption (CSE348)
Chapter 9 Firewalls and Intrusion Prevention Systems.
NS-H /11041 Intruder. NS-H /11042 Intruders Three classes of intruders (hackers or crackers): –Masquerader –Misfeasor –Clandestine user.
Security fundamentals Topic 10 Securing the network perimeter.
Firewalls Lesson Introduction Part of network defense-in-depth
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Cryptography and Network Security
Computer Security Firewalls and Intrusion Prevention Systems.
Security fundamentals
Firewalls.
Why do we need Firewalls?
Firewall.
Computer Data Security & Privacy
Prepared By : Pina Chhatrala
G. Pullaiah College of Engineering and Technology
Firewall – Survey Purpose of a Firewall Characteristic of a firewall
PROJECT PRESENTATION ON INTERNET FIREWALLS PRESENTED BY THE GUARDS
Cryptography and Network Security Chapter 22
* Essential Network Security Book Slides.
Firewalls Purpose of a Firewall Characteristic of a firewall
Subject Name: NETWORK SECURITY Subject Code: 10EC832
POOJA Programmer, CSE Department
Firewalls Jiang Long Spring 2002.
Chapter 20: Firewalls Fourth Edition by William Stallings
Firewalls.
Presentation transcript:

Firewalls By Tahaei Fall 2012

What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions on network services –only authorized traffic is allowed auditing and controlling access –can implement alarms for abnormal behavior provide NAT & usage monitoring implement VPNs using IPSec must be immune to penetration 2

What is a firewall? 3

Firewall Limitations cannot protect from attacks bypassing it –eg sneaker net, utility modems, trusted organisations, trusted services (eg SSL/SSH) cannot protect against internal threats –eg disgruntled or colluding employees cannot protect against access via WLAN –if improperly secured against external use cannot protect against malware imported via laptop, PDA, storage infected outside 4

Firewalls – Packet Filters simplest, fastest firewall component foundation of any firewall system examine each IP packet (no context) and permit or deny according to rules hence restrict access to services (ports) possible default policies –that not expressly permitted is prohibited (default action is discard packet) –that not expressly prohibited is permitted (default action is forward packet) 5

Firewalls – Packet Filters 6

7

Attacks on Packet Filters IP address spoofing –fake source address to be trusted –add filters on router to block source routing attacks –attacker sets a route other than default –block source routed packets tiny fragment attacks –split header info over several tiny packets –either discard or reassemble before check 8

Firewalls – Statefull Packet Filters traditional packet filters do not examine higher layer context –ie matching return packets with outgoing flow statefull packet filters address this need they examine each IP packet in context –keep track of client-server sessions –check each packet validly belongs to one hence are better able to detect bogus packets out of context may even inspect limited application data 9

Firewalls - Application Level Gateway (or Proxy) have application specific gateway / proxy has full access to protocol –user requests service from proxy –proxy validates request as legal –then actions request and returns result to user –can log / audit traffic at application level need separate proxies for each service –some services naturally support proxying –others are more problematic 10

Firewalls - Application Level Gateway (or Proxy) 11

Firewalls - Circuit Level Gateway relays two TCP connections imposes security by limiting which such connections are allowed once created usually relays traffic without examining contents typically used when trust internal users by allowing general outbound connections SOCKS is commonly used 12

Firewalls - Circuit Level Gateway 13

Bastion Host highly secure host system runs circuit / application level gateways or provides externally accessible services potentially exposed to "hostile" elements hence is secured to withstand this –hardened O/S, essential services, extra auth –proxies small, secure, independent, non-privileged may support 2 or more net connections may be trusted to enforce policy of trusted separation between these net connections 14

Host-Based Firewalls s/w module used to secure individual host –available in many operating systems –or can be provided as an add-on package often used on servers advantages: –can tailor filtering rules to host environment –protection is provided independent of topology –provides an additional layer of protection 15

Personal Firewalls controls traffic between PC/workstation and Internet or enterprise network a software module on personal computer or in home/office DSL/cable/ISP router typically much less complex than other firewall types primary role to deny unauthorized remote access to the computer and monitor outgoing activity for malware 16

Personal Firewalls 17

Firewall Configurations 18

Firewall Configurations 19

Firewall Configurations 20

DMZ Networks 21

Virtual Private Networks 22

Distributed Firewalls 23