
The State of the Firewall Art ComNET DC 2002 David Strom 516 944 3407.


1 The State of the Firewall Art ComNET DC 2002 David Strom david@strom.com 516 944 3407

2 Four categories
- Perimeter high-availability firewalls to protect the enterprise
- Colo firewalls for ASP/MSP applications
- SOHO firewalls for remote offices and home nets
- Desktop/software firewalls for extra protection

3 Problems with high-availability firewalls
- Need to work in combination with load balancers, and deal with maintaining connection states in the case of a failover
- Gigabit throughputs for large networks can overwhelm them
- They still are vulnerable to attacks from within the corporate network (Nimda et al.)

4 SOHO firewalls
- “Frhubs” or residential gateways that combine hubs and routers in a small and inexpensive package
- Leading vendors include SonicWall and Watchguard

5 Common Frhub features
- 4 to 8 Ethernet (switched, 10/100) ports
- Web browser to administer their boxes
- Supports Network Address Translation
- Supports upstream DHCP client, DHCP server
- Rudimentary port control and sometimes packet inspection too

6 Two types of desktop firewalls
- Centrally managed, such as Norton, Trend, and McAfee console products
- And not, such as Norton Internet Security, Zone Alarm, and BlackICE

7 Desktop advantages
- Block internally generated attacks
- All are better than nothing, but not as good as a hardware firewall, and should complement rather than replace them

8 Firewalls-on-a-card
- Merilus
- Omnicluster
- A good idea, if you have the expertise to configure them properly and don’t have the rack space to add separate firewall hardware.

9 Online updates
- Watchguard and others have the ability to receive upgrades and updates via the Net. A Good Idea.
- Win XP has something similar. A Bad Idea.

10 Ways around firewalls
- Uroam.com
- GoToMyPC.com
- Neoteris, other appliances
- Remote control software (PC Anywhere, Ccopy, etc.)

11 Remote control loopholes
- Do you even know if they are running?
- Do port scans for common ports that are used:
  - PC Anywhere: 5631-2
  - Control IT: 799
  - Carbon Copy: 1680
  - VNC: 5900

12 Wireless LAN loopholes
- Do you even know if they are running?
- NetStumbler.com: good resource
- Read this article too.

13 Wireless VPN/firewall appliances
- BlueSocket
- ReefEdge
- Vernier Networks
- Mobility from Netmotion Wireless

14 State of VPNs
- Software included in SOHO firewalls like Sonic and Netgear
- Still too hard for the average consumer, and the average business computer user
- But wider support is inevitable
- VPN.net: A new way of establishing VPNs

