Firewall Basics Technology and Business Applications.


Purpose
- Goals
  - IP basics
  - Firewall Placement
  - Firewall Types/Functions
  - Customer Needs
  - Business Case

IP communication
- Each machine must have a unique address
Understanding the Tech

Each machine must also transmit and/or receive on a unique TCP or UDP port
[Diagram labels: Port 1, Port 65,535]

In the Beginning, There were Routers with Access Control Lists (ACL)
- If you come from address , You may pass.
[Diagram labels: Port 1, Port 65,535]

But ACLs did not do the job
- Spoofing: a packet crafted to appear to be from a trusted source
- Fragmentation: an IP packet is split into many pieces requiring reassembly at the destination
  - Offset overwrites
    - Header replacement
    - Payload replacement
  - Giant Packets
  - Scrambled Sequences
  - Fragment retransmission
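The fragmentation problems listed on this slide can be checked for before a datagram is reassembled. The following is an added example, not part of the original slides; the function name, finding labels and sample fragment sets are constructed for illustration.

```python
MAX_DATAGRAM = 65535  # largest IPv4 datagram: total length is a 16-bit field

def check_fragments(frags, header_len=20):
    """Validate the fragments collected for ONE datagram before reassembly.

    frags: (offset_units, payload_len, more_fragments) tuples in arrival
    order; offset_units is the IPv4 fragment-offset field (8-byte units).
    Returns a sorted list of findings; an empty list means consistent.
    """
    findings, seen, spans = set(), set(), []
    for off, length, more in frags:
        start, end = off * 8, off * 8 + length
        if more and length % 8:
            findings.add("misaligned")        # only the last piece may be odd-sized
        if header_len + end > MAX_DATAGRAM:
            findings.add("giant")             # would reassemble past 65,535 bytes
        if (start, end) in seen:
            findings.add("retransmission")    # same byte range delivered twice
            continue
        seen.add((start, end))
        spans.append((start, end, more))
    spans.sort()                              # arrival order is irrelevant
    covered = 0
    for start, end, _ in spans:
        if start < covered:
            findings.add("overlap")           # later piece rewrites earlier bytes
        elif start > covered:
            findings.add("gap")
        covered = max(covered, end)
    if spans and spans[-1][2]:
        findings.add("no-final-fragment")
    return sorted(findings)

# Constructed sample fragment sets (not captured traffic).
CLEAN = [(370, 40, False), (0, 1480, True), (185, 1480, True)]   # out of order
OVERWRITE = [(0, 1480, True), (1, 1480, False)]    # second piece starts at byte 8
GIANT = [(0, 1480, True), (8189, 1480, False)]     # ends at byte 66,992
REPEAT = [(0, 1480, True), (0, 1480, True), (185, 100, False)]
```

A router ACL that matches only on the source address never sees these relationships, because each fragment is judged on its own.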

Later on, Port source and destination filters were also added to ACLs
- If you come from address , AND you have a source port of 21, AND you have a destination port of 21, You may pass.
[Diagram labels: Destination Port 21, Source Port 21]

Still not good enough...
- Simple Spoofing defeated, but...
  - Fragmentation techniques still effective
- Protocol impersonation
- “Mangled” packets
- Bounce attacks
- Hijacking
- Complexity exceeded benefit

Stateful Inspection added additional security by tracking the “state” of TCP traffic.
[Diagram labels: Source Port 21, Destination Port 21]
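The difference between the port-filtering ACL of the earlier slide and stateful inspection can be shown with a small model. This is an added example, not part of the original slides; the addresses are constructed documentation addresses, the class and function names are hypothetical, and teardown is simplified to a single FIN or RST.

```python
from collections import namedtuple

# flags is the TCP flag set as a string: "S", "SA", "A", "F" or "R"
Packet = namedtuple("Packet", "src dst sport dport flags")

# Constructed values (RFC 5737 documentation addresses), not from the slides.
TRUSTED, INSIDE = "192.0.2.10", "198.51.100.5"

def acl_permits(pkt):
    """Stateless ACL with port filters: each packet judged on its own headers."""
    return pkt.src == TRUSTED and pkt.sport == 21 and pkt.dport == 21

class StatefulFilter:
    """Inbound TCP must match a session an inside host opened.
    Simplified: one FIN or RST ends the session; payload is never read."""
    def __init__(self):
        self.sessions = {}  # (inside, in_port, outside, out_port) -> state

    def outbound(self, pkt):
        key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        if pkt.flags == "S":
            self.sessions[key] = "SYN_SENT"
        elif pkt.flags in ("F", "R"):
            self.sessions.pop(key, None)
        return True  # assumed policy: inside hosts may send

    def inbound(self, pkt):
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        state = self.sessions.get(key)
        if state == "SYN_SENT" and pkt.flags == "SA":
            self.sessions[key] = "ESTABLISHED"
            return True
        if state == "ESTABLISHED" and pkt.flags in ("A", "F", "R"):
            if pkt.flags != "A":
                del self.sessions[key]
            return True
        return False

def demo():
    fw = StatefulFilter()
    unsolicited = Packet(TRUSTED, INSIDE, 21, 21, "A")  # trusted headers, no session
    out = {"acl": acl_permits(unsolicited), "no_session": fw.inbound(unsolicited)}
    fw.outbound(Packet(INSIDE, TRUSTED, 21, 21, "S"))
    out["syn_ack"] = fw.inbound(Packet(TRUSTED, INSIDE, 21, 21, "SA"))
    out["established"] = fw.inbound(unsolicited)
    fw.inbound(Packet(TRUSTED, INSIDE, 21, 21, "F"))
    out["after_teardown"] = fw.inbound(unsolicited)
    return out
```

The same packet that the ACL passes is dropped by the stateful filter until an inside host has opened the session, and again after teardown. The tracker never examines payload, the limitation the following slide lists.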

Still not good enough
- Man in the Middle
- Sequence Healing
- Direct Connection exists
- Payload still not checked for protocol or syntax

Enter the Application Gateway (Proxy) Architecture

- Traffic originates from
- The first connection is to the Proxy’s NIC
- A second, unique connection is made by the Proxy device to
Proxy Firewall
- ALL traffic is stripped of its layer headers.
- Payload is analyzed at the application layer.
- Brand new headers are created by the Proxy and pre-pended to application traffic

Advantages to Proxy
- Spoof-proof
- Frag-proof
- Syntax checking
- No protocol masquerading
- Detailed logging

3 Major Disadvantages to Proxy and 1 minor
- Speed
  - “It’s too hard!”

Trump Card- Adaptive Proxy
- Initial connection sequence is full proxy
- “One time” packet screening rule created to pass following traffic
- Connection teardown removes the One time rule
  - Result: “The security of Proxy with the Speed of the Packet Filter.”

Firewall Placement
- Traditional
  - Perimeter
- Internal Segmentation Gateway
  - Exclusive
  - Non-exclusive
- Tiered

Things that make Firewalls Difficult
- Domain Name Service (DNS)
  - Canonical to IP and reverse
- Simple Mail Transfer Protocol (SMTP)
- Network Address Translation (NAT)
  - Legal
  - Illegal

Things That Make Firewalls Difficult- cont.
- Virtual Private Networks
  - Older methods intolerant of NAT
  - Certificates involve PKI overhead
  - Historically complex integration with so-called compliant products
  - Sparse technical competence
  - Multiple types
    - Trusted
    - Private
    - Pass through