Firewalls Definition: Device that interconnects two or more networks and manages the network traffic between those interfaces. May be used to: Protect a.


1 Firewalls Definition: Device that interconnects two or more networks and manages the network traffic between those interfaces. May be used to: protect a private network from the Internet; separate areas within a private network.

2 Methods of Protection: packet-filtering firewalls (most common); circuit-level firewalls; application-gateway firewalls.

3 Packet-filtering: examines every packet; makes a decision; operates @ data link and network layers.

4 How It Works: IP address – allow/deny based on source/destination address.

5 Port Number: Port 80 – open; Port 21 – closed (FTP); Port 23 – closed (Telnet); Port 25 – open (SMTP); Port 110 – open (POP3). Protocol ID – each IP packet has a protocol ID.

6 Circuit-level firewalls: operate @ transport layer; send all requests from the firewall’s IP address (NAT); hide the internal network.

7 Application Gateway Firewalls: most functional; set rules; authentication; which systems are accessible.

8 DMZs – demilitarized zones: separate network of servers only accessible through the firewall – to inside and outside traffic.

9 Proxy Servers: Proxy server – intermediary between user on internal network and service on external network (Internet). Takes request from user; performs the request; provides NAT function; hides internal addresses; controls Internet access. Filter requests: allow / disallow. Check retrieved material: acceptable / unacceptable. Ports: HTTP 80; POP3 110; SMTP 25; HTTPS 443.

10 Caching: storing files on the server’s hard drive; provides access more quickly; reduces traffic on Internet connection.

11 Caching Considerations: hard drive capacity; old versions of pages; aging (remove page after certain period); check for newer version.

12 ICP – Internet Cache Protocol: lightweight message format used for communicating among web caches. Used to exchange “hints” about the existence of URLs in neighbor caches.

13 CARP – Caching Array Protocol [Diagram: proxy server, proxy server, client] Multiple proxy servers in one network. Clients must be configured through browser settings for a proxy server. Firewalling proxy servers – combine functions of both.

14 Blocking Port Numbers: associated with firewalls and proxy servers. Blocked port – no through traffic. Could be from either direction: outgoing traffic blocked; incoming traffic blocked.

15 Packet Sniffing: taking data from the network and reading it. Avoidance procedure: Encryption – encoding data so it can’t be read without the unlocking code.

16 IPSec – Internet Protocol Security: network layer. All apps that use IP can use IPSec. Those apps that operate @ layers above layer 3 cannot use IPSec – such as SSL (layer 7).

17 DES – Data Encryption Std.: encrypts/decrypts 64-bit chunks using 64/56-bit key; 1 parity bit. Going away – less expensive and faster system.

18 3DES: improved DES; repeats 3x; 56 x 3 = 168; 64 x 3 = 192.

19 Auditing: tracking events that occur.

