Presentation is loading. Please wait.

Presentation is loading. Please wait.

Firewalls.

Published byFelicia Norman Modified over 6 years ago

Similar presentations

Presentation on theme: "Firewalls."— Presentation transcript:

1 Firewalls

2 Introduction The revolution of modern networking necessitates the use of many new security methods to protect communications from intruders. A firewall is a security device. It is typically located at the point where the network connects to the Internet.

3 Introduction This location permits the firewall to provide authentication and other security services and prevents unauthorized users from accessing into the network. If ports are not monitored the system is at an extreme risk and hackers may use these open ports to cause damage to the system. A firewall can help one to prevent such damages by automatically blocking suspicious traffic.

4 Firewalls A firewall traps inbound or outbound packets, analyzes them by comparing known components of a packet with a security rule set, and then either permits access or discards them. Firewall technology first began to emerge in late 1980s. IETF is working to manage firewalls.

5 Need for Firewalls A Firewall makes it easier to secure internal networks by providing the following services that facilitates one to stop intruders from accessing their system. Protects System from Vulnerable Services : For example, firewalls could be configured to block services like NFS from entering or leaving the subnet. Controlled Access to Systems : For example, seal off access to some information servers (like database servers) while allowing the others (like mailing servers)

6 Need for Firewalls Privacy : Firewalls can block useful information from reaching the hands of attackers. Security: Firewalls offers a high degree of security because they provide a single point at which security needs to be maintained. Provides Log Facility Supports Policy Enforcement : Firewalls provides means for implementing a security policy.

7 Limitations of Firewalls
Firewalls do not analyze the data contents of the packet. They do not protect against threats that exploit flaws within the network or application themselves. They do not protect against malicious but authorized internal users. Not all firewalls offer protection against computer viruses.

8 Limitations of Firewalls
Firewalls cannot protect against attacks that do not go through the firewall. Firewalls reflect the overall level of security in the network; a single point of failure may open the organizations to intruders.

9 Types of Firewalls Firewalls are placed between the part of the network that is to be protected and rest of the network. A Firewall generally acts as a filter at network layer dropping/passing packets based on source/destination IP and port. In general firewalls are classified as hardware and software firewalls.

10 Hardware Firewalls Hardware firewalls can be purchased as stand-alone products now integrated in broadband routers and gateway servers. Most hardware firewalls come with a minimum of four network ports. They provide a strong degree of protection from most forms of attacks coming from outside world and have ability of notifying users before filtering out outgoing traffic.

11 Hardware Firewalls There are third-party test software packages (Cisco PIX, Nokia, Netscreen) available that can be used to check the efficiency of the hardware firewall.

12 Software Firewalls Software firewalls allow one to assign a port to particular software. Any attempt by another application to use the same port is either ignored or blocked. Many software firewalls have controls for setting up safe resource sharing on a system. A software firewall can be configured to provide different settings for different Windows users.

13 Software Firewalls Software firewall is a better solution for protection against trojan programs or worms. A software firewall once installed , runs in the system background at all times, consuming system resources. It has ability to automatically to update itself when Internet connection is established. Examples : Microsoft ISA Server.

14 Comparison The hardware firewall does not run on the system itself, and hence the system performance is not affected whereas software firewalls are installed on the system itself and use system resources thereby affecting the system performance. HW firewall protects an entire network whereas software firewall protects only a single computer.

15 Comparison SW firewalls are economic and even free for home users, whereas HW firewalls are comparatively more expensive.

16 Types of Firewalls Firewalls Packet Filters Proxy Servers
Stateful packet filters Hybrid Application Gateways Circuit Level Gateways Internet Connection

17 Packet Filtering Firewall
This firewall will examine the information contained in the header of packet, which is attempting to pass through the firewall. Information checked includes the source address, the destination and the application it is being sent to. A packet filter firewall works on network level of OSI protocol stack.

18 Packet Filtering Firewall
Here each packet is examined individually without regard to other packets that are part of same connection. The drawback of this firewall is that it doesn’t perform user authentication. Defining the rules and filters is a tedious task.

19 Circuit Gateways Circuit Gateways are used for TCP connections.
This firewall does not examine each packet but monitors each connection first. The one great benefit to this type of firewall is that they make the LAN behind the firewall invisible; everything coming from within the firewall appears to have originated from the firewall itself.

20 Circuit Gateways They are generally combined with other types for greater protection. It log TCP connections and are capable of analyzing them.

21 Application-Level Proxy
This type of firewall works on application level of protocol stack. It has more intelligence than packet filtering or circuit gateway firewall. It determines if a connection to a requested specific application is permitted. Application-level proxies are also known as proxy servers.

22 Application-Level Proxy
They provide protection from outside sources by hiding machines on the internal network from external view. This method, in most cases exceeds the use of the average home computer user and hence it is more suitable for small business and enterprise solutions.

23 Stateful Packet Inspection
Stateful firewalls are called ‘stateful’ because they examine the content of the packet to determine the state of the communication. They ensure that the destination computer has previously acknowledged the connection from the source computer. Communications are initiated by the destination computer and are taking place only with the sources that are known or trusted from previous communication connections.

24 Stateful Packet Inspection
They are more rigorous in their packet inspection and close ports until an authorized connection is requested and acknowledged by the receiving computer.

25 Internet Connection Firewall
ICF make use of active packet filtering, which means that the ports on the firewall are opened for as long as needed to enable one to access the services they are interested in. This type of technology prevents hackers from scanning the computer’s ports and resources. Windows XP provides internet security in the form of the new ICF.

26 Hybrid Firewall A Hybrid Firewall is a combination of two or more of the above mentioned types of firewalls. The first commercial firewall, the DEC Seal, was hybrid developed using an application gateway and a filtering packet firewall. This type of firewall is generally implemented by adding packet filtering to a application gateway to enable a new service access to and from the private LAN.

Download ppt "Firewalls."

Similar presentations

Firewalls By Tahaei Fall 2012. What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.

Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.
FIREWALLS Chapter 11.

FIREWALLS Chapter 11.
Firewalls Dr.P.V.Lakshmi Information Technology GIT,GITAM University

Firewalls Dr.P.V.Lakshmi Information Technology GIT,GITAM University
Personal Info 1 Prepared by: Mr. NHEAN Sophan  Presenter: Mr. NHEAN Sophan  Position: Desktop Support  Company: Khalibre Co,. Ltd 

Personal Info 1 Prepared by: Mr. NHEAN Sophan  Presenter: Mr. NHEAN Sophan  Position: Desktop Support  Company: Khalibre Co,. Ltd 
5-Network Defenses Dr. John P. Abraham Professor UTPA.

5-Network Defenses Dr. John P. Abraham Professor UTPA.
FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.

FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.
FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.

FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.
Security Firewall Firewall design principle. Firewall Characteristics.

Security Firewall Firewall design principle. Firewall Characteristics.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Chapter 11 Firewalls.

Chapter 11 Firewalls.
Principles of Information Security, 2nd Edition1 Firewalls and VPNs.

Principles of Information Security, 2nd Edition1 Firewalls and VPNs.
Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.

Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.
Firewalls Presented by: Sarah Castro Karen Correa Kelley Gates.

Firewalls Presented by: Sarah Castro Karen Correa Kelley Gates.
Firewalls1 Firewalls Mert Özarar Bilkent University, Turkey

Firewalls1 Firewalls Mert Özarar Bilkent University, Turkey
Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.

Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.
Firewall Slides by John Rouda

Firewall Slides by John Rouda
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
By: Colby Shifflett Dr. Grossman Computer Science 420 12/01/2009.

By: Colby Shifflett Dr. Grossman Computer Science /01/2009.
CECS 5460 – Assignment 3 Stacey VanderHeiden Güney.

CECS 5460 – Assignment 3 Stacey VanderHeiden Güney.
Firewalls Paper By: Vandana Bhardwaj. What this paper covers? Why you need a firewall? What is firewall? How does a network firewall interact with OSI.

Firewalls Paper By: Vandana Bhardwaj. What this paper covers? Why you need a firewall? What is firewall? How does a network firewall interact with OSI.

Similar presentations

Ads by Google