Presentation is loading. Please wait.

Presentation is loading. Please wait.

Campus Firewalling Dearbhla O’Reilly Network Manager Dublin Institute of Technology.

Published byAsher Green Modified over 9 years ago

Similar presentations

Presentation on theme: "Campus Firewalling Dearbhla O’Reilly Network Manager Dublin Institute of Technology."— Presentation transcript:

1 Campus Firewalling Dearbhla O’Reilly Network Manager Dublin Institute of Technology

2 Overview n Context of Firewall for DIT n Firewall Experiences n Mobile Network with Firewall n Where we are now ? n Where we are now ?

3 Background to DIT Firewall n Presentation in 2000 to IT Group on Firewall role in - Security - Bandwidth - Content (web)

4 Issues n Security - Educational institutions are prime targets - CPU power, bandwidth, disk space. Attacks - web page, spam, port scans, logon attempts n Bandwidth - Competition for traffic prioritisation and network utilisation n Content - Viewing inappropriate web content, serving content from DIT

5 Firewall Solutions n Security - Assist in protecting users, information, operation and reputation n Bandwidth - Allow core services run efficiently n Content – Designated Web Servers

6 http://sysinfo.dit.ie/

7 Perimeter Firewall D.I.T.HEAnet

8

9 Implementation n Deny all and allow approved services n Standard set of services - desktop n Procedure - Internet Service Server Registration Form based on now Archived JISC Project – Use of Firewalls in Academic Environment. Archived

10 Firewall Use & Maintenance n Form - List of Ports to/from and Why ? n Server Administrator – Security, Patching, Responsibility. n Head of School/Section – Approves and complies with DIT & HEAnet Policies

11 Registration Conditions n n Any service may be blocked without notice if network & systems staff suspect a security breach n n All services are provided for the server specified and should not operate as a proxy n n All approvals are subject to review by ISSC n n Firewall rule-sets for servers/services will be audited on a regular basis

12 Experiences n Paper Forms - by User n Firewall Rules are – by Service n ~200 Firewall Rules n Requirement for Rule Management Software n Firewall Rule Maintenance

13 Maintenance Experience n Logs - mainly used for real-time support n Firewall Maintenance - Backup/Recovery, Log Rotation, Patches, Upgrades etc.

14 Mobile Network Requirements n Wired & Wireless Connectivity for Student Laptops n Separate Projects starting to address Identity for Staff & Students n Service needed to be provided

15 D.I.T.HEAnet Mobile Perimeter Firewall

16 Mobile Network & Firewall n Traffic from mobile network in all sites passes through Bluesocket authentication gateway n Traffic from DIT mobile network into DIT fixed network is filtered through the same ruleset as applies to all external traffic n Traffic from DIT mobile network for external destinations is filtered through the same ruleset as standard outgoing DIT traffic

17 Mobile Network Access with Timed Firewall Rule

18 MRTG - Mobile Network Access

19 Limitations/New Requirements n Gigabit Ethernet n IPv6 Support n Performance n Reporting/Logging

20 Procurement Process n Request for Quotes n Based on Requirements n Award Criteria – Quality and Functional Characteristics, Technology, Cost, Supplier – Support, Maintenance, Experience.

21 Requirements n Functionality & Use of existing system n Technology Updates - IDS - IPS - Deep-packet inspection n Service Availability Options

22 Thank You & Questions?

Download ppt "Campus Firewalling Dearbhla O’Reilly Network Manager Dublin Institute of Technology."

Similar presentations

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 4.1 Firewalls.

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 4.1 Firewalls.
Firewalls By Tahaei Fall 2012. What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.

Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.
ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
FIREWALLS Chapter 11.

FIREWALLS Chapter 11.
Winter 20021 CMPE 155 Week 7. Winter 20022 Assignment 6: Firewalls What is a firewall? –Security at the network level. Wide-area network access makes.

Winter CMPE 155 Week 7. Winter Assignment 6: Firewalls What is a firewall? –Security at the network level. Wide-area network access makes.
Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.

Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.
Lecture 14 Firewalls modified from slides of Lawrie Brown.

Lecture 14 Firewalls modified from slides of Lawrie Brown.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Access Control for Networks Problems: –Enforce an access control policy Allow trust relationships among machines –Protect local internet from outsiders.

Access Control for Networks Problems: –Enforce an access control policy Allow trust relationships among machines –Protect local internet from outsiders.
Firewall Ercan Sancar & Caner Sahin. Index History of Firewall Why Do You Need A Firewall Working Principle Of Firewalls Can a Firewall Really Protect.

Firewall Ercan Sancar & Caner Sahin. Index History of Firewall Why Do You Need A Firewall Working Principle Of Firewalls Can a Firewall Really Protect.
1 Some TCP/IP Basics....NFSDNSTELNETSMTPFTP UDPTCP IP and ICMP Ethernet, serial line,..etc. Application Layer Transport Layer Network Layer Low-level &

1 Some TCP/IP Basics....NFSDNSTELNETSMTPFTP UDPTCP IP and ICMP Ethernet, serial line,..etc. Application Layer Transport Layer Network Layer Low-level &
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
A Guide to major network components

A Guide to major network components
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
Firewall Slides by John Rouda

Firewall Slides by John Rouda
1 Enabling Secure Internet Access with ISA Server.

1 Enabling Secure Internet Access with ISA Server.
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
Internet/Intranet firewall security – policy, architecture and transaction services Written by Ray Hunt This presentation will Examines Policies that influence.

Internet/Intranet firewall security – policy, architecture and transaction services Written by Ray Hunt This presentation will Examines Policies that influence.
CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.

CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.
Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.

Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.

Similar presentations

Ads by Google