Network Security (Firewall) Instructor: Professor Morteza Anvari Student: Xiuxian Chen ID: 93036 Term: Spring 2001.

Slides:



Advertisements
Similar presentations
Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.
Advertisements

FIREWALLS Chapter 11.
Firewalls Dr.P.V.Lakshmi Information Technology GIT,GITAM University
1 Topic 2 – Lesson 4 Packet Filtering Part I. 2 Basic Questions What is packet filtering? What is packet filtering? What elements are inside an IP header?
FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.
FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.
Winter CMPE 155 Week 7. Winter Assignment 6: Firewalls What is a firewall? –Security at the network level. Wide-area network access makes.
CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.
Security Firewall Firewall design principle. Firewall Characteristics.
Access Control for Networks Problems: –Enforce an access control policy Allow trust relationships among machines –Protect local internet from outsiders.
Principles of Information Security, 2nd Edition1 Firewalls and VPNs.
Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.
Chapter 7 Firewalls. Firewall Definition  A network device that enforces network access control based upon a defined security policy.
Electronic Commerce 2. Definition Ecommerce is the process of buying and selling products and services via distributed electronic media, usually the World.
Firewalls Presented by: Sarah Castro Karen Correa Kelley Gates.
Firewalls1 Firewalls Mert Özarar Bilkent University, Turkey
Firewalls Presented By Hareesh Pattipati. Outline Introduction Firewall Environments Type of Firewalls Future of Firewalls Conclusion.
Firewall and Proxy Server Director: Dr. Mort Anvari Name: Anan Chen Date: Summer 2000.
Networking Components Chad Benedict – LTEC
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
Internet/Intranet firewall security – policy, architecture and transaction services Written by Ray Hunt This presentation will Examines Policies that influence.
By: Colby Shifflett Dr. Grossman Computer Science /01/2009.
A Brief Taxonomy of Firewalls
BY- NIKHIL TRIPATHI 12MCMB10.  What is a FIREWALL?  Can & Can’t in Firewall perspective  Development of Firewalls  Firewall Architectures  Some Generalization.
Firewalls. What are firewalls? a hardware device and/or software program which sits between the Internet and the intranet, internet, of an organization.
Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.
Why do we need Firewalls? Internet connectivity is a must for most people and organizations  especially for me But a convenient Internet connectivity.
Intranet, Extranet, Firewall. Intranet and Extranet.
Network Security Essentials Chapter 11 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Firewalls Paper By: Vandana Bhardwaj. What this paper covers? Why you need a firewall? What is firewall? How does a network firewall interact with OSI.
Network Components: Assignment Three
1 Pertemuan 13 IDS dan Firewall Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
OV Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.
FIREWALLS Prepared By: Hilal TORGAY Uğurcan SOYLU.
Firewalls, etc.. Network Security2 Outline Intro Various firewall technologies: –Static Packet Filtering (or nonstateful packet filter) –Dynamic Packet.
FIREWALLS Vivek Srinivasan. Contents Introduction Need for firewalls Different types of firewalls Conclusion.
11 SECURING YOUR NETWORK PERIMETER Chapter 10. Chapter 10: SECURING YOUR NETWORK PERIMETER2 CHAPTER OBJECTIVES  Establish secure topologies.  Secure.
OV Copyright © 2011 Element K Content LLC. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.
1 Topic 2: Lesson 3 Intro to Firewalls Summary. 2 Basic questions What is a firewall? What is a firewall? What can a firewall do? What can a firewall.
Fundamentals of Proxying. Proxy Server Fundamentals  Proxy simply means acting on someone other’s behalf  A Proxy acts on behalf of the client or user.
Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.
© 2006 Cisco Systems, Inc. All rights reserved. Cisco IOS Threat Defense Features.
Firewall Security.
1 Firewalls Types of Firewalls Inspection Methods  Static Packet Inspection  Stateful Packet Inspection  NAT  Application Firewalls Firewall Architecture.
Karlstad University Firewall Ge Zhang. Karlstad University A typical network topology Threats example –Back door –Port scanning –…–…
1 Network Firewalls CSCI Web Security Spring 2003 Presented By Yasir Zahur.
Firewalls2 By using a firewall: We can disable a service by throwing out packets whose source or destination port is the port number for that service.
INTRODUCTION Firewall is a concept which blocks unwanted traffic and passes desirable traffic to and from both sides of the network.
1 Internet Firewall Security Present by: Ying Fu Department of Computer Science South Eastern University February, 2001.
CSCE 201 Network Security Firewalls Fall CSCE Farkas2 Traffic Control – Firewall Brick wall placed between apartments to prevent the spread.
Networking Components Assignment 3 Corbin Watkins.
Kevin Harrison LTEC 4550 Assignment 3.  Ethernet Hub  An unsophisticated device that is used for connecting multiple Ethernet devices together.  Typically.
Regan Little. Definition Methods of Screening Types of Firewall Network-Level Firewalls Circuit-Level Firewalls Application-Level Firewalls Stateful Multi-Level.
I NTRODUCTION TO F IREWALLS. O VERVIEW OF F IREWALLS As the name implies, a firewall acts to provide secured access between two networks A firewall may.
Presented By Hareesh Pattipati.  Introduction  Firewall Environments  Type of Firewalls  Future of Firewalls  Conclusion.
Firewalls. Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as.
Chapter 8.  Upon completion of this chapter, you should be able to:  Understand the purpose of a firewall  Name two types of firewalls  Identify common.
Polytechnic University Firewall and Trusted Systems Presented by, Lekshmi. V. S cos
Computer Data Security & Privacy
Prepared By : Pina Chhatrala
Introduction to Networking
Firewalls.
* Essential Network Security Book Slides.
Firewalls Routers, Switches, Hubs VPNs
Firewalls Jiang Long Spring 2002.
Firewall.
Firewalls.
Introduction to Network Security
FIREWALL.
Presentation transcript:

Network Security (Firewall) Instructor: Professor Morteza Anvari Student: Xiuxian Chen ID: Term: Spring 2001

Definition of Firewall In non-computer industries, a firewall is a specially designed wall that controls the spreading of a fire. In networking, a firewall could be described as a specially designed device that controls the spreading of a network threat. The most commonly talked about source of network threats is the Internet. A firewall is simply a group of components that collectively form a barrier between two networks.

Firewall Diagram

Types of Firewall Packet-filtering Firewall A packet-filtering firewall is a router or computer running software that has been configured to screen incoming and outgoing packets. A packet- filtering firewall accepts or denies packets based on information contained in the packets' TCP and IP headers. The headers consist of the following: 1).Source address 2). Destination address 3). Application or protocol 4). Source port number 5). Destination port number

Types of Firewall [continued] Packet-filtering Firewall [continued] Before forwarding a packet, the firewall compares the full association against a table containing rules that dictate whether the firewall should deny or permit packets to pass. The primary advantage of using a packet-filtering firewall is that it provides some measure of protection for relatively low cost and causes little to no delay in network performance. It primarily operates only at the network layer of the Open Systems Interconnection (OSI) model.

Types of Firewall [continued] Circuit-level Gateway A circuit-level gateway monitors TCP handshaking between packets from trusted clients or servers to untrusted hosts and vice versa to determine whether a requested session is legitimate. To filter packets in this way, a circuit-level gateway relies on data contained in the packet headers for the Internet's TCP session-layer protocol.

Types of Firewall [continued] Circuit-level Gateway [continued] Monitoring Handshaking ---To determine whether a requested session is legitimate. a circuit- level gateway uses a process similar to the following: A trusted client requests a service, and the gateway accepts this request, assuming that the client meets basic filtering criteria. Next, acting on behalf of the client, the gateway opens a connection to the requested untrusted host and then closely monitors the TCP handshaking.

Types of Firewall [continued] Circuit-level Gateway [continued] Pipe Proxies -- After a circuit-level gateway determines that the trusted client and the untrusted host are authorized to participate in a TCP session and verifies the legitimacy of this session, the gateway establishes a connection. From this point on, the circuit-level gateway simply copies and forwards packets back and forth without further filtering them. A circuit-level gateway relies on special applications to perform copy and forward services. These applications are sometimes called pipe (or generic) proxies.

Types of Firewall [continued] Circuit-level Gateway [continued] Seldom Standalone -- Most circuit-level gateways are not stand-alone products but instead are packaged with application-level gateways. Proxy Server Protection. A circuit-level gateway provides one other important security function: It is a proxy server. A proxy server is a firewall that uses a process called address translation to map all of internal IP addresses to one “safe” IP address. This address is associated with the firewall from which all outgoing packets originate.

Types of Firewall [continued] Circuit-level Gateway [continued] Circumventing Circuits. --A circuit-level gateway has one inherently vulnerable characteristic. Once a circuit-level gateway establishes a connection, any application can run across that connection because a circuit-level gateway filters packets only at the session layer of the OSI model.

Types of Firewall [continued] Application-level Gateway An application-level gateway intercepts incoming and outgoing packets, runs proxies that copy and forward information across the gateway, and functions as a proxy server, preventing any direct connection between a trusted server or client and an untrusted host. The proxies are application specific. The proxies can filter packets at the application layer of the OSI model.

Types of Firewall [continued] Application-level Gateway [continued] Application-specific Proxies. --Application- specific proxies accept only packets generated by services they are designed to copy, forward, and filter. Application-level Filtering. --An application-level gateway runs proxies that examine and filter individual packets, rather than simply copying them and blindly forwarding them across the gateway.

Types of Firewall [continued] Stateful Inspection Firewall A stateful inspection firewall combines aspects of a packet-filtering firewall, a circuit-level gateway, and an application-level gateway. Like a packet-filtering firewall, a stateful inspection firewall operates at the network layer of the OSI model, filtering all incoming and outgoing packets based on source and destination IP addresses and port numbers. A stateful inspection firewall also functions as a circuit-level gateway, determining whether the packets in a session are appropriate.

Types of Firewall [continued] Stateful Inspection Firewall [continued] A stateful inspection firewall mimics an application-level gateway: The firewall evaluates the contents of each packet up through the application layer and ensures that these contents match the rules in company's network security policy. A stateful inspection firewall allows a direct connection between a trusted client and an untrusted host. And it relies on algorithms to recognize and process application-layer data. These algorithms compare packets against known bit patterns of authorized packets.

Conclusion The key for building a secure network is to define what security means to you. Once it has been defined, everything it goes on with the network can be evaluated with respect to that policy. Projects and systems can then be broken down into their components, and it becomes much simpler to decide whether what is proposed will conflict with your security policies and practices.

Thank you

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.