Published by Stephany Phoebe Turner. Modified over 9 years ago.
1
Data Security in Local Networks using Distributed Firewalls
Anvesh Bethu
2
Firewall
It controls the incoming and outgoing network traffic based on the applied rule set. It establishes a barrier between a trusted, secure internal network and another network (e.g., the Internet) that is assumed not to be secure and trusted.
3
Firewall Protects Against The Following Security Threats
- Denial of Service (DoS)
- IP Spoofing or IP Masquerading
- Session Hijacking
- Illegal Security Break-Ins
- Physical Access to Servers in Data Centers
4
Architecture of standard firewall connection to the web server
5
Architecture of standard firewall, connection to the Internet
6
Distributed firewalls
A distributed firewall is a mechanism to enforce a network domain security policy through the use of a policy language. The security policy is defined centrally. This enables the identification of any member of the network policy domain. Distributed firewalls secure the network endpoints, exactly where the hackers try to penetrate. They filter traffic from both the internal network and the Internet. They overcome the single point of failure problem.
7
Architecture of Distributed Firewalls
8
Architecture of Distributed Firewalls
- The management centre
- Policy actuator
- Remote endpoint connectors
- Log server
9
10
Distributed firewall example to webserver
11
Distributed Firewall example to Intranet
12
Application Interaction with KeyNote
KeyNote provides a simple notation for specifying both local security policy and credentials that can be sent over an untrusted network. Applications communicate with a "KeyNote evaluator". Monotonicity means that, given a set of credentials associated with a request, if there is any subset that would cause the request to be approved, then the complete set will also cause the request to be approved. This simplifies both request resolution and credential management.
13
[Figure: Application Interaction with KeyNote. Participants: Requester, Verifier, KeyNote. Labels: Request, key, sign; Gather information: local policy (remote credentials); Pass information; Evaluate; Give response.]
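The monotonicity property described above, as an added example that is not part of the original presentation and is not KeyNote's own code or assertion syntax: a simplified delegation-chain evaluator. The key names, the port-based conditions and the `evaluate` and `is_monotonic` helpers are assumptions made for illustration, and signature verification of credentials is omitted.

```python
from itertools import combinations

# Constructed, simplified model (an assumption, not KeyNote syntax): each
# assertion is (authorizer, licensee, condition). Real KeyNote assertions are
# signed text with a condition language; signature checks are omitted here.
POLICY = [("POLICY", "admin-key", lambda r: True)]  # local policy trusts admin-key
CREDS = [
    ("admin-key", "web-team-key", lambda r: r["port"] in (80, 443)),
    ("web-team-key", "alice-key", lambda r: r["port"] == 443),
    ("admin-key", "bob-key", lambda r: r["port"] == 22),
]

def evaluate(request, requester, credentials, policy=POLICY):
    """Approve if a delegation chain POLICY -> ... -> requester permits request."""
    assertions = list(policy) + list(credentials)
    reached, frontier = {"POLICY"}, ["POLICY"]
    while frontier:
        current = frontier.pop()
        for authorizer, licensee, allow in assertions:
            # An assertion extends the chain only if its condition accepts
            # the request, so extra credentials can add chains, never remove.
            if authorizer == current and licensee not in reached and allow(request):
                reached.add(licensee)
                frontier.append(licensee)
    return requester in reached

def is_monotonic(request, requester, credentials):
    """Exhaustively check: if a subset approves, every superset approves too."""
    n = len(credentials)
    subsets = [frozenset(c) for k in range(n + 1) for c in combinations(range(n), k)]
    verdict = {s: evaluate(request, requester, [credentials[i] for i in s])
               for s in subsets}
    return all(verdict[big]
               for small in subsets if verdict[small]
               for big in subsets if small <= big)

if __name__ == "__main__":
    https = {"port": 443}
    print(evaluate(https, "alice-key", CREDS))       # full chain present
    print(evaluate(https, "alice-key", CREDS[1:]))   # admin delegation missing
    print(is_monotonic(https, "alice-key", CREDS))
```

Because approval depends only on the existence of one valid chain, the verifier can be handed every credential the requester holds without first selecting a minimal set.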
14
Components of Distributed firewalls
- Central Management System
- Policy Distribution
- Host-End Implementation
15
Central Management System
It addresses the need to maximize network security resources by enabling policies to be centrally configured, deployed, monitored, and updated. From a single workstation, distributed firewalls can be scanned to understand the current operating policy and to determine if updating is required.
16
Host-End Implementation
Policy Distribution
The policy distribution scheme should guarantee the integrity of the policy during transfer.
Host-End Implementation
It provides administrative control for the network administrator to control the implementation of policies. The host allows traffic based on the security rules it has implemented.
18
Questions?