firewall
Contents
• What is a FireWall?
  - Software vs. Hardware Firewall
• How does a FireWall work?
• Types of FireWall Techniques
  > Packet filter
  > Application gateway
  > Circuit level gateway
  > Bastion host
• Conclusion
  - What FireWalls can do?
  - What FireWalls cannot do?
What is a FireWall?
• A FireWall is a device that provides secure connectivity between networks (internal/external).
• A firewall may be hardware, software, or a combination of both that is used to prevent unauthorized programs or Internet users from accessing a private network and/or a single computer.
Software vs. Hardware Firewalls
Software Firewall
- Protects a single computer
- Usually less expensive, easier to configure
- Examples: Norton Internet Security, McAfee Internet Security, Outpost, Ms. ISA Server
Hardware Firewall
- Protects an entire network
- Usually more expensive, harder to configure
- Examples: Cisco PIX, NetScreen, WatchGuard, Check Point
How does a Firewall work?
• Inbound to or outbound from your computer.
• Inspects each “packet” of data that arrives at either side of the firewall.
• Determines whether it should be allowed to pass through or if it should be blocked.
How a firewall works? Sniffing Mode
1) An attacker tries to compromise a service on the protected network.
2) The Firewall identifies the attempt.
The FIREWALL can now:
• Alert the admin
• Harden the firewall
• Or reset a TCP/IP connection
Types of FireWall Techniques
1. Packet filter
2. Application gateway (a.k.a. Proxy server)
3. Circuit-level gateway
4. Bastion Host
[Diagram: packet filtering. Two hosts, each with a full protocol stack (Application, Presentation, Session, Transport, Network, DataLink, Physical), are joined by a Router that handles only the Network, DataLink and Physical layers.]
Packet filter - It looks at each packet entering or leaving the network and accepts or rejects it based on user-defined rules. Packet filtering is fairly effective and transparent to users, but it is difficult to configure. In addition, because the rules trust the addresses in the packet header, it is susceptible to IP spoofing.
Application gateway
[Diagram: Application Gateway. Two hosts with full protocol stacks communicate through an Application Gateway that operates up to the Application layer and relays Telnet, FTP and HTTP.]
Application gateway (Proxy Server) - The user accesses TCP/IP applications, such as FTP and Telnet servers, through the gateway. This is very effective, but can impose a performance degradation.
Circuit-level gateway
Circuit-level gateway - It is a stand-alone application. It does not permit an end-to-end TCP connection. It sets up 2 TCP connections:
> Between itself and a TCP user on an inner host.
> Between itself and a TCP user on an outer host.
Bastion host
> A bastion host is a special-purpose computer on a network, specifically designed and configured to withstand attacks.
> It generally hosts a single application and provides a platform for the Application gateway and Circuit-level gateway. It supports limited/specific applications to reduce the threat to the computer. Included applications: Telnet, SMTP, FTP.
Conclusion
• What a firewall can do?
• What a firewall cannot do?
What a personal firewall can do?
• Stop hackers from accessing your computer.
• Protect your personal information.
• Block “pop up” ads and certain cookies.
• Determine which programs can access the Internet.
• Block invalid packets.
What a personal firewall cannot do?
• Cannot prevent e-mail viruses
– Only an antivirus product with updated definitions can prevent e-mail viruses.
• After setting it initially, you cannot forget about it
– The firewall will require periodic updates to the rulesets and the software itself.
Virus can jump Firewall !!
Thank You……
Source:
> CNS Text Book (William Stallings)
> Wikipedia