Intranet, Extranet, Firewall. Intranet and Extranet.

Slides:

Advertisements

Similar presentations

Network Security Essentials Chapter 11

Advertisements

Lecture slides for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 9 “Firewalls and Intrusion Prevention.

Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.

Computer Security: Principles and Practice Chapter 9 – Firewalls and Intrusion Prevention Systems.

Firewalls Uyanga Tserengombo

IUT– Network Security Course 1 Network Security Firewalls.

FIREWALLS Chapter 11.

Firewalls Dr.P.V.Lakshmi Information Technology GIT,GITAM University

FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.

FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.

FIREWALLS – Chapter 20 network-based threats access to outside world Functionality, Design Security – trusted system.

Winter CMPE 155 Week 7. Winter Assignment 6: Firewalls What is a firewall? –Security at the network level. Wide-area network access makes.

Fall 2008CS 334: Computer Security1 Firewalls Special Thanks to our friends at The Blekinge Institute of Technology, Sweden for providing the basis for.

CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.

Kittiphan Techakittiroj (21/05/58 10:00 น. 21/05/58 10:00 น. 21/05/58 10:00 น.) Firewall Kittiphan Techakittiroj

Lecture 14 Firewalls modified from slides of Lawrie Brown.

Security Firewall Firewall design principle. Firewall Characteristics.

Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.

—On War, Carl Von Clausewitz

Chapter 11 Firewalls.

Principles of Information Security, 2nd Edition1 Firewalls and VPNs.

5/4/01EMTM 5531 EMTM 553: E-commerce Systems Lecture 7b: Firewalls Insup Lee Department of Computer and Information Science University of Pennsylvania.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

EE579T/10 #1 Spring 2003 © , Richard A. Stanley WPI EE579T Network Security 10: Firewalls Prof. Richard A. Stanley.

Electronic Commerce 2. Definition Ecommerce is the process of buying and selling products and services via distributed electronic media, usually the World.

Firewalls1 Firewalls Mert Özarar Bilkent University, Turkey

EE579T/6GD #1 Summer 2003 © , Richard A. Stanley EE579T Network Security 6: Firewalls and Trusted Networks Prof. Richard A. Stanley.

Firewalls Presented By Hareesh Pattipati. Outline Introduction Firewall Environments Type of Firewalls Future of Firewalls Conclusion.

1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

Network Security (Firewall) Instructor: Professor Morteza Anvari Student: Xiuxian Chen ID: Term: Spring 2001.

BY- NIKHIL TRIPATHI 12MCMB10.  What is a FIREWALL?  Can & Can’t in Firewall perspective  Development of Firewalls  Firewall Architectures  Some Generalization.

Chapter 20 Firewalls.

Why do we need Firewalls? Internet connectivity is a must for most people and organizations  especially for me But a convenient Internet connectivity.

NW Security and Firewalls Network Security

Network Security Essentials Chapter 11 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Fall 2004CS 395: Computer Security1 Chapter 20: Firewalls Special Thanks to our friends at The Blekinge Institute of Technology, Sweden for providing the.

January 2009Prof. Reuven Aviv: Firewalls1 Firewalls.

Firewalls Paper By: Vandana Bhardwaj. What this paper covers? Why you need a firewall? What is firewall? How does a network firewall interact with OSI.

1 Pertemuan 13 IDS dan Firewall Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

Växjö University, Sweden

Chapter 11 Firewalls.

8: Network Management1 Firewalls. 8: Network Management2 Firewalls Two firewall types: m packet filter m application gateways To prevent denial of service.

1 Internet Firewalls What it is all about Concurrency System Lab, EE, National Taiwan University R355.

Firewalls, etc.. Network Security2 Outline Intro Various firewall technologies: –Static Packet Filtering (or nonstateful packet filter) –Dynamic Packet.

11 SECURING YOUR NETWORK PERIMETER Chapter 10. Chapter 10: SECURING YOUR NETWORK PERIMETER2 CHAPTER OBJECTIVES  Establish secure topologies.  Secure.

NS-H /11041 Intruder. NS-H /11042 Intruders Three classes of intruders (hackers or crackers): –Masquerader –Misfeasor –Clandestine user.

TCP/IP Protocols Contains Five Layers

Firewall – Survey Purpose of a Firewall – To allow ‘proper’ traffic and discard all other traffic Characteristic of a firewall – All traffic must go through.

Karlstad University Firewall Ge Zhang. Karlstad University A typical network topology Threats example –Back door –Port scanning –…–…

Security fundamentals Topic 10 Securing the network perimeter.

COMPUTER INTERNET, INTRANET & EXTRANET. INTERNET 1) It is a worldwide system which has the following characteristics: 2) Internet is a world-wide / global.

1 Ola Flygt Växjö University, Sweden Firewalls.

UNIT -5 Password Management Firewall Design Principles.

SYSTEM ADMINISTRATION Chapter 10 Public vs. Private Networks.

Presented By Hareesh Pattipati.  Introduction  Firewall Environments  Type of Firewalls  Future of Firewalls  Conclusion.

Fall 2006CS 395: Computer Security1 Firewalls Special Thanks to our friends at The Blekinge Institute of Technology, Sweden for providing the basis for.

Polytechnic University Firewall and Trusted Systems Presented by, Lekshmi. V. S cos

Defining Network Infrastructure and Network Security Lesson 8.

Security fundamentals

Why do we need Firewalls?

Computer Data Security & Privacy

Firewall – Survey Purpose of a Firewall Characteristic of a firewall

Lecture # 7 Firewalls الجدر النارية. Lecture # 7 Firewalls الجدر النارية.

* Essential Network Security Book Slides.

Firewalls Purpose of a Firewall Characteristic of a firewall

Firewalls Routers, Switches, Hubs VPNs

Presentation transcript:

Intranet, Extranet, Firewall

Intranet and Extranet

What is Intranet Definition: An Intranet is a private computer network that uses Internet protocols, network connectivity, and possibly the public telecommunication system to securely share part of an organization’s information or operations with its employee.

Basically It uses the same concepts and technologies of the internet (clients and servers) running on the TCP/IP protocol suite. HTTP, FTP and SMTP and very commonly used. Access to information is typically through browsers. Platform independent. No need to install special software on clients.

Advantage: Intranet help employees to quickly locate information and applications relevant to their roles and responsibilities. Standard interface, allowing “access from anywhere”. Can serve as a powerful tool for communication within an organization. Both vertically and horizontally Permits information to be published.

What is Extranet Definition An Extranet is private network that uses internet protocols, network connectivity, and possibly the public communication system to securely share part of an organization’s information or operations with suppliers, partners, customers, or other businesses. Can be viewed as part of a company’s Intranet that is extended to users outside the company.

Basically It is “a private internet over the Internet”. Used to designate “private parts” of a website. Only registered users can navigate. It requires security and privacy. Firewall server management. Issuance and use of digital certificates or similar means of authentication. Encryption of messages. Use of Virtual Private Network (VPN) that tunnel through the public network.

Advantages: Can improve organization productivity. Allows information to be viewed at times convenient for external users. Cut down on meeting times. Information can be updated instantly. Authorized users have immediate access to latest information Can improve relationships with customers.

Firewall

Why Firewalls Firewall are effective to: Protect local systems. Protect network-based security threats. Provide secured and controlled access to Internet Provide restricted and controlled access from the Internet to local servers.

Firewall Characteristics Design goals: All traffic from inside to outside must pass through the firewall. Only authorized traffic will be allowed to pass. Defined by local security policy. The firewall itself is immune to penetration. Use of trusted system with a secure operating system.

Types of Firewalls 1. Packet filters. 2. Application-level gateways 3. Circuit-level gateways.

Packet Filtering Firewall Some of the attacks that can be made on packet filtering routers: IP address spooling Source Routing attacks Internet Private network Packet Filtering router

Packet Filtering Firewall Applies a set of rules to each incoming IP packet and then forwards or discards the packet. Typically based on IP addresses and port numbers. Filter packets going in both directions. The packet filter is typically set up as a list of rules based on matches to fields in the IP or TCP header. Two default policies (discard or forward).

Packet Filtering Firewall Advantages: Simplicity Transparency to users High speed Disadvantages: Difficulty of setting up packet filter rules Lack of authentication

Application-Level gateway Also called a Proxy Server; acts as relay of application level traffic. It is service specific. FTP HTTP SMTP Inside Connection Outside Connection Application-Level Gateway Inside Host Outside Host

Application-level Gateway Also called proxy server Acts as a relay of application-level traffic Advantages: Higher security than packet filters Only need to scrutinize a few allowable applications Easy to log and audit all incoming traffic Disadvantages: Additional processing overhead on each connection (gateway as splice point)

Circuit-level gateway In O ut Inside Connection Outside Connection Inside Host Outside Host Circuit-level gateway

Circuit-level Gateway Stand-alone system, or specialized function performed by an Application-level Gateway. Does not permit end-to-end TCP connection; rather the gateway sets up two TCP connections: The gateway typically relays TCP segments from one connection to the other without examining the contents. The security function consists of determining which connections will be allowed.

Bastion Host It is a system identified by the firewall administrator as a critical point in the network’s security. It executes a secure version of its OS and is trusted It consists of services which are essential. Requires additional authentication before access is allowed

Firewall Configurations In addition to the use of simple configuration of a single system, more complex configurations are possible. Three common configurations are in popular use. Single-homed host. Dual-homed host Screened subnet.

Single-homed Host

Firewall consists of two system: A packet-filtering router A bastion host Configuration for the packet-filtering router: Only packets from and to the bastion host are allowed to pass through the router. The bastion host performs authentication and proxy functions.

Greater security than single configurations because of two reasons: Implements both packet-level and application-level filtering (allowing for flexibility in defining security policy). An intruder must generally penetrate two separate systems.

Dual-homed host

The packet-filtering router is not completely compromised. Traffic between the Internet and other hosts on the private network has to flow through the bastion host.

Screened Subnet

Most secure configuration of the three. Two packet-filtering routers are used. Creation of an isolated sub-network.

Advantages: Three levels of defense to thwart intruders. The outside router advertises only the existence of the screened subnet to the Internet. Internal network is invisible to the Internet. The inside router advertises only the existence of the screened subnet to the internal network. The systems one the inside network cannot construct direct routes to the Internet.

Intranet/Extranet Design Issues

For Intranet: Analysis of the organization flow. Identify various cress-sections of employees, and their access privileges. Enforce authentication mechanism. For Extranet: Security is the major concern. Combination of firewalls, authentication, VPN, etc. must be used.