Presentation transcript: Firewalls

2 Firewalls
 Firewall sits between the corporate network and the Internet
 Prevents unauthorized access from the Internet
 Facilitates internal users' access to the Internet
(Diagram: firewall between the Internet and the corporate network; labels "OK", "No Firewall", "Access only if Authenticated")

3 Firewalls
 Packet Filter Firewalls
 Examine each incoming IP packet
 Examine IP and TCP header fields
 If bad behavior is detected, reject the packet
 No sense of previous communication: analyzes each packet in isolation
(Diagram: IP packet arriving at the firewall; labels "IP", "Firewall", "IP Packet")
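The following is an added example, not part of the slides: a small Python model of a stateless packet filter that decides on IP and TCP header fields alone, with a default-deny rule set of the kind slide 12 calls for. The addresses, ports and rules are constructed; the last function shows the limitation the slide names, that a per-packet filter cannot tell a genuine reply from an unsolicited packet that merely looks like one.

```python
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Packet:
    """The header fields a packet filter inspects (constructed, not a real parser)."""
    src_ip: str
    dst_ip: str
    proto: str          # "tcp" or "udp"
    dst_port: int
    syn: bool = False   # TCP SYN flag
    ack: bool = False   # TCP ACK flag


@dataclass(frozen=True)
class Rule:
    """A field is matched only when it is set; None means 'any value'."""
    action: str                       # "allow" or "deny"
    proto: Optional[str] = None
    dst_ip: Optional[str] = None
    dst_prefix: Optional[str] = None  # crude prefix match, e.g. "10.0.0." for the inside
    dst_port: Optional[int] = None
    ack: Optional[bool] = None

    def matches(self, p: Packet) -> bool:
        return ((self.proto is None or self.proto == p.proto)
                and (self.dst_ip is None or self.dst_ip == p.dst_ip)
                and (self.dst_prefix is None or p.dst_ip.startswith(self.dst_prefix))
                and (self.dst_port is None or self.dst_port == p.dst_port)
                and (self.ack is None or self.ack == p.ack))


# Hypothetical perimeter rule set: only expressly permitted services on the
# DMZ hosts are reachable from outside; everything else falls through to deny.
RULES: List[Rule] = [
    Rule("allow", proto="tcp", dst_ip="203.0.113.10", dst_port=25),    # mail
    Rule("allow", proto="udp", dst_ip="203.0.113.20", dst_port=53),    # DNS
    Rule("allow", proto="tcp", dst_ip="203.0.113.30", dst_port=80),    # web
    Rule("allow", proto="tcp", dst_ip="203.0.113.30", dst_port=443),   # web (TLS)
    # The only way a stateless filter can let replies to internal clients back
    # in is to trust a header flag: it keeps no record of which connections
    # the inside actually opened.
    Rule("allow", proto="tcp", dst_prefix="10.0.0.", ack=True),
]


def filter_packet(p: Packet, rules: List[Rule] = RULES) -> str:
    """First matching rule wins; a packet matching nothing is denied (default deny)."""
    for rule in rules:
        if rule.matches(p):
            return rule.action
    return "deny"


def stateless_limitation() -> tuple:
    """Two inbound packets that look identical to a per-packet filter.

    The first is a genuine reply to a connection an internal host opened; the
    second is an ACK-flagged packet for which no such connection exists. Both
    are allowed, because the filter has no memory of previous packets; only a
    stateful firewall or a proxy that records outbound requests can tell them apart.
    """
    genuine_reply = Packet("198.51.100.5", "10.0.0.7", "tcp", 52000, ack=True)
    unsolicited = Packet("198.51.100.5", "10.0.0.7", "tcp", 3389, ack=True)
    return filter_packet(genuine_reply), filter_packet(unsolicited)


if __name__ == "__main__":
    print(filter_packet(Packet("198.51.100.5", "203.0.113.30", "tcp", 443, syn=True)))  # allow
    print(filter_packet(Packet("198.51.100.5", "203.0.113.30", "tcp", 22, syn=True)))   # deny
    print(stateless_limitation())  # ('allow', 'allow')
```

Rule order matters: the filter returns the first match, so a narrow deny placed before a broad allow behaves differently from the reverse, and a rule set should always end in the implicit deny rather than a catch-all allow.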

4 Firewalls
 Application (Proxy) Firewalls
 Filter based on application behavior
 Do not examine packets in isolation: use history
 In HTTP, for example, do not accept a response unless an HTTP request has just gone out to that site
(Diagram label: "Application")

5 Firewalls
 Application (Proxy) Firewalls
 Hide internal internet addresses
 Internal user sends an HTTP request
 HTTP proxy program replaces user internet address with proxy server's IP address, sends to the webserver
(Diagram labels: "HTTP Request", "Request with Proxy Server's IP Address")

6 Firewalls
 Application (Proxy) Firewalls
 Webserver sends response to proxy server, to proxy server IP address
 HTTP proxy server sends the IP packet to the originating host
 Overall, proxy program acts on behalf of the internal user
(Diagram labels: "Response to Proxy Server's IP Address", "HTTP Response")
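The exchange on slides 4 to 6, as an added Python model that is not part of the original presentation: the proxy rewrites the internal user's address to its own, records which site each internal host is waiting on, and accepts a response only if a request to that site has gone out. The proxy address, hosts and site names are constructed, and keeping the history as one queue per site is a simplification of what a real proxy does per connection.

```python
from collections import deque
from dataclasses import dataclass
from typing import Deque, Dict, Optional

PROXY_IP = "203.0.113.1"   # hypothetical public address of the proxy server


@dataclass(frozen=True)
class HttpRequest:
    src_ip: str   # who is asking
    host: str     # site the request goes to
    path: str


@dataclass(frozen=True)
class HttpResponse:
    from_host: str   # web server that answered
    dst_ip: str      # address the server sent the response to
    status: int


class HttpProxy:
    """Proxy program that acts on behalf of internal users (constructed model)."""

    def __init__(self) -> None:
        # History: for each site, the internal hosts with a request in flight.
        # Real proxies key this per TCP connection; a queue per site is a simplification.
        self.pending: Dict[str, Deque[str]] = {}

    def forward_request(self, req: HttpRequest) -> HttpRequest:
        """Replace the user's internal address with the proxy's and remember who asked."""
        self.pending.setdefault(req.host, deque()).append(req.src_ip)
        return HttpRequest(src_ip=PROXY_IP, host=req.host, path=req.path)

    def handle_response(self, resp: HttpResponse) -> Optional[str]:
        """Return the internal host to deliver to, or None if the response is dropped.

        A response is accepted only if it is addressed to the proxy and a request
        has just gone out to that site; anything else has no history and is dropped.
        """
        if resp.dst_ip != PROXY_IP:
            return None
        waiting = self.pending.get(resp.from_host)
        if not waiting:
            return None
        return waiting.popleft()


if __name__ == "__main__":
    proxy = HttpProxy()
    outbound = proxy.forward_request(HttpRequest("10.0.0.7", "www.example.com", "/"))
    print(outbound.src_ip)                                                        # 203.0.113.1
    print(proxy.handle_response(HttpResponse("www.example.com", PROXY_IP, 200)))  # 10.0.0.7
    print(proxy.handle_response(HttpResponse("other.example", PROXY_IP, 200)))    # None
```

The web server only ever sees `PROXY_IP` in the outbound request, which is the address-hiding point of slide 7; the internal address survives only in the proxy's own table.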

7 Firewalls
 Why Hide Internal IP Addresses?
 The first step in an attack usually is to find potential victim hosts
 Sniffer programs read IP packet streams for IP addresses of potential target hosts
 With proxy server, sniffers will not learn IP addresses of internal hosts
(Diagram labels: "False IP Address", "Host IP Address", "Sniffer")

8 Firewalls
 Application Firewalls
 Need a separate program (proxy) for each application
 Not all applications have rules that allow filtering

9 Intrusion Detection
 Intrusion detection software to detect and report intrusions as they are occurring
 Lets organization stop intruders so that intruders do not have unlimited time to probe for weaknesses
 Helps organization assess security threats
 Audit logs list where intruder has been: vital in legal prosecution

10 Intrusion Detection
 Signature-based IDS: performs simple pattern matching and reports situations that match a pattern corresponding to a known attack type
 Heuristic IDS (anomaly based): builds a model of acceptable behavior and flags exceptions to that model
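An added Python example, not from the presentation, contrasting the two IDS styles on the same input: signature matching looks for fixed patterns of known attack types in each log line, while the anomaly detector first builds a model of acceptable behaviour (requests per client in a normal window, flagged when more than k standard deviations above the mean) and then reports clients that fall outside it. The access-log lines, client addresses, signatures and the k = 3 threshold are all constructed for the example.

```python
import re
import statistics
from collections import Counter
from typing import Iterable, List, Optional, Tuple

# Signature-based: fixed patterns corresponding to known attack types.
SIGNATURES = {
    "path traversal": re.compile(r"\.\./"),
    "sql injection": re.compile(r"union(\s|%20)+select", re.IGNORECASE),
}

# Common access-log format: client ip - - [time] "METHOD path PROTO" status size
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')


def parse(line: str) -> Optional[Tuple[str, str, int]]:
    """Return (client ip, path, status) or None for an unparseable line."""
    m = LOG_RE.match(line)
    return (m.group(1), m.group(3), int(m.group(4))) if m else None


def signature_alerts(lines: Iterable[str]) -> List[Tuple[str, str]]:
    """Every (signature name, line) pair where a known pattern occurs."""
    alerts = []
    for line in lines:
        for name, pattern in SIGNATURES.items():
            if pattern.search(line):
                alerts.append((name, line))
    return alerts


def requests_per_client(lines: Iterable[str]) -> Counter:
    return Counter(rec[0] for rec in map(parse, lines) if rec)


def build_threshold(training_lines: Iterable[str], k: float = 3.0) -> float:
    """Model of acceptable behaviour: mean requests per client plus k deviations."""
    counts = list(requests_per_client(training_lines).values())
    return statistics.mean(counts) + k * statistics.pstdev(counts)


def anomaly_alerts(lines: Iterable[str], threshold: float) -> List[str]:
    """Clients whose request count in this window exceeds the learned threshold."""
    return sorted(ip for ip, n in requests_per_client(lines).items() if n > threshold)


def log_line(ip: str, path: str, status: int = 200) -> str:
    """Build a constructed access-log line in the common format."""
    return f'{ip} - - [01/Jan/2024:00:00:00 +0000] "GET {path} HTTP/1.1" {status} 512'


# Constructed training window: four clients, 3 to 4 requests each.
TRAINING = ([log_line("10.0.0.1", "/")] * 3 + [log_line("10.0.0.2", "/")] * 4
            + [log_line("10.0.0.3", "/about")] * 3 + [log_line("10.0.0.4", "/")] * 4)

# Constructed observation window: one noisy client, two lines matching signatures.
OBSERVED = ([log_line("10.0.0.1", "/")] * 4
            + [log_line("10.0.0.9", "/login")] * 20
            + [log_line("10.0.0.2", "/../../etc/passwd", 404)]
            + [log_line("10.0.0.3", "/search?q=1%20union%20select%201")])


if __name__ == "__main__":
    threshold = build_threshold(TRAINING)
    print(threshold)                                    # 5.0
    print(anomaly_alerts(OBSERVED, threshold))          # ['10.0.0.9']
    for name, line in signature_alerts(OBSERVED):
        print(name, "<-", line)
```

Note what each style misses on this input: the signature matcher says nothing about 10.0.0.9, whose requests are individually ordinary, and the anomaly model says nothing about the two single requests that match signatures, which is why the two approaches are usually deployed together.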

11 Intrusion Detection
 Network-based IDS: stand-alone device attached to the network to monitor traffic throughout the network
 Host-based IDS: runs on a single workstation, client or host, to protect that one host

12 Default-Deny Posture
 Perimeter Settings: block all protocols except those expressly permitted [i.e. SMTP(25), DNS(53), HTTP(80), SSL(443), ...]
 Internal Settings: block all unnecessary traffic between internal network segments, remote & VPN connections
 Security Configurations: harden servers & workstations to run only necessary services and applications
 Segment Networks
 Patch Management
