Published by Octavia Stokes. Modified over 9 years ago.
1
FORESEC Academy Security Essentials (III)
2
Why a Firewall?
- Reduces risk by protecting systems from attempts to exploit vulnerabilities
- Increases privacy: makes it harder to gather intelligence about a site
- Enforces an organization's security policies
3
How Does a Firewall Fit in the Big Picture?
A firewall is the primary point at which an attack can be stopped before it reaches internal systems.
4
Benefits of Firewalls
Firewalls can provide a number of benefits:
- Protect internal/external systems from attack
- Filter communications based on content
- Perform NAT (Network Address Translation)
- Encrypt communications for VPN (IPsec)
- Logging to aid in intrusion detection and forensics
Firewalls can be layered to provide defense-in-depth.
5
Shortcomings of Firewalls
Firewalls can have shortcomings:
- Attacks at the application layer may sneak through
- Dial-up, VPN, and extranet connections may bypass firewalls
- Organizations may let down their guard in other security areas (passwords, patches, encryption)
6
Explicit Policy Management
- A door: can be opened or closed to certain addresses or types of traffic
- A policy engine: that which is not explicitly denied is permitted, or vice versa
7
The Default Rule
Firewalls have a default rule that controls what happens when a packet doesn't match an existing rule:
- Default deny: more restrictive
- Default allow: more permissive
The "default deny" stance helps protect against previously unknown attacks and vulnerabilities. Consider the effect that the default rule will have on your security posture.
8
Filtering
9
Filtering on Destination Port
10
Port Number Review
11
Managed Access to Screened Network
12
Packet Filter
Packet filters are "low end" firewalls:
- Can enhance security
- Very fast
- Rely on the destination port: if a packet is addressed to TCP 25, it is assumed to be Simple Mail Transfer Protocol (SMTP)
- Payload content passes through unchecked
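The following is an added example, not code from the FORESEC slides. It models the three ideas in the preceding slides (an ordered rule list matched on protocol and destination port, a default rule applied when nothing matches, and a stateless filter that never looks at payload) as a small Python policy engine. The addresses (203.0.113.0/24 documentation space), the rules and the sample packets are all constructed for illustration.

```python
"""Toy stateless packet filter: ordered rules, a default stance, port-based matching.

Added example (hypothetical model), not the FORESEC Academy material. Addresses
and rules below are constructed; 203.0.113.0/24 is reserved documentation space.
"""
from dataclasses import dataclass
from typing import Optional, List, Dict


@dataclass(frozen=True)
class Packet:
    proto: str          # "tcp" or "udp"
    src: str
    sport: int
    dst: str
    dport: int
    payload: bytes = b""   # present, but a packet filter never inspects it


@dataclass(frozen=True)
class Rule:
    action: str                     # "allow" or "deny"
    proto: Optional[str] = None     # None matches any protocol
    dst: Optional[str] = None       # None matches any destination address
    dport: Optional[int] = None     # None matches any destination port

    def matches(self, pkt: Packet) -> bool:
        # Only header fields are compared; pkt.payload is deliberately ignored,
        # which is exactly why "TCP 25" is assumed to be SMTP.
        return ((self.proto is None or self.proto == pkt.proto)
                and (self.dst is None or self.dst == pkt.dst)
                and (self.dport is None or self.dport == pkt.dport))


class PacketFilter:
    def __init__(self, rules: List[Rule], default: str):
        if default not in ("allow", "deny"):
            raise ValueError("default must be 'allow' or 'deny'")
        self.rules = list(rules)
        self.default = default

    def decide(self, pkt: Packet) -> str:
        # First matching rule wins; the default rule is the last resort.
        for rule in self.rules:
            if rule.matches(pkt):
                return rule.action
        return self.default


# Constructed policy: SMTP to the mail relay and HTTPS to the web server only.
RULES = [
    Rule("allow", proto="tcp", dst="203.0.113.25", dport=25),
    Rule("allow", proto="tcp", dst="203.0.113.80", dport=443),
]
DEFAULT_DENY = PacketFilter(RULES, default="deny")
DEFAULT_ALLOW = PacketFilter(RULES, default="allow")

# Constructed sample packets (source 198.51.100.0/24 is also documentation space).
SMTP_TO_RELAY = Packet("tcp", "198.51.100.7", 40001, "203.0.113.25", 25, b"EHLO mx\r\n")
TELNET_TO_RELAY = Packet("tcp", "198.51.100.7", 40002, "203.0.113.25", 23)
HTTP_ON_PORT_25 = Packet("tcp", "198.51.100.7", 40003, "203.0.113.25", 25,
                         b"GET / HTTP/1.1\r\nHost: x\r\n\r\n")


def compare_stances(pkt: Packet) -> Dict[str, str]:
    """Return the verdict of the same rule set under each default stance."""
    return {"default_deny": DEFAULT_DENY.decide(pkt),
            "default_allow": DEFAULT_ALLOW.decide(pkt)}


if __name__ == "__main__":
    for name, pkt in (("SMTP to relay", SMTP_TO_RELAY),
                      ("telnet to relay", TELNET_TO_RELAY),
                      ("HTTP payload on port 25", HTTP_ON_PORT_25)):
        print(f"{name:26s} {compare_stances(pkt)}")
```

The telnet packet is the interesting case: the same two rules give opposite verdicts depending only on the default stance, which is the point of the slide above. The third packet shows the packet-filter limitation: an HTTP request sent to TCP 25 is allowed under both stances because the verdict is based purely on the destination port.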
13
Network Address Translation (and Private Addresses)
- IPv4 address space is scarce
- Advisable to hide the internal address structure
- Private network allocations (RFC 1918):
  - 10.0.0.0/8 (10.0.0.0 to 10.255.255.255)
  - 172.16.0.0/12 (172.16.0.0 to 172.31.255.255)
  - 192.168.0.0/16 (192.168.0.0 to 192.168.255.255)
14
Source NAT
Source NAT rewrites the source address of outbound packets so that many internal hosts appear behind a single address outside the protected network; replies are mapped back to the originating host from the translation table.
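The following is an added example, not code from the FORESEC slides. It does two things the two preceding slides describe: checks whether an address falls in an RFC 1918 range using the standard library, and models a source NAT translation table that maps many private (address, port) pairs to one public address with distinct ports, then uses the table to map replies back. The public address 198.51.100.1, the internal hosts and the port range are constructed for illustration.

```python
"""RFC 1918 membership check and a toy source NAT (port-translating) table.

Added example (hypothetical model), not the FORESEC Academy material. The public
address, internal hosts and starting port below are constructed.
"""
import ipaddress
from typing import Dict, Optional, Tuple

# The three RFC 1918 private allocations as CIDR prefixes.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(addr: str) -> bool:
    """True if addr lies in any RFC 1918 range (raises ValueError on bad input)."""
    a = ipaddress.ip_address(addr)
    return any(a in net for net in RFC1918)


Flow = Tuple[str, int]   # (address, port)


class SourceNAT:
    """Rewrite outbound source addresses to one public address, per flow."""

    def __init__(self, public_ip: str, first_port: int = 40000):
        self.public_ip = public_ip
        self._next_port = first_port
        self._out: Dict[Flow, int] = {}    # (private ip, private port) -> public port
        self._in: Dict[int, Flow] = {}     # public port -> (private ip, private port)

    def outbound(self, src_ip: str, src_port: int) -> Flow:
        """Translate an outbound packet's source; allocate a public port on first use."""
        key = (src_ip, src_port)
        if key not in self._out:
            port = self._next_port
            self._next_port += 1
            self._out[key] = port
            self._in[port] = key
        return (self.public_ip, self._out[key])

    def inbound(self, dst_port: int) -> Optional[Flow]:
        """Map a reply arriving at the public address back to the internal flow.

        Packets with no matching translation (unsolicited inbound traffic) get
        None and are dropped; this is the side effect that hides internal hosts.
        """
        return self._in.get(dst_port)


if __name__ == "__main__":
    nat = SourceNAT("198.51.100.1")
    for host, port in (("192.168.1.10", 51000), ("192.168.1.11", 52000)):
        print(host, port, "->", nat.outbound(host, port))
    print("reply to 40001 ->", nat.inbound(40001))
    print("unsolicited 45000 ->", nat.inbound(45000))
    for a in ("10.1.2.3", "172.31.255.255", "172.32.0.0", "203.0.113.9"):
        print(a, "private" if is_rfc1918(a) else "public")
```

Note the 172.16.0.0/12 boundary: 172.31.255.255 is the last private address, while 172.32.0.0 is public, which is why the range is best written as a /12 rather than as "172.16.*.*".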