introduction of firewall slides
TRANSCRIPT
![Page 1: Introduction of firewall slides](https://reader034.vdocument.in/reader034/viewer/2022042715/559898c31a28ab3e4b8b481b/html5/thumbnails/1.jpg)
![Page 2: Introduction of firewall slides](https://reader034.vdocument.in/reader034/viewer/2022042715/559898c31a28ab3e4b8b481b/html5/thumbnails/2.jpg)
Define what is firewall ?
Need of firewall
Types of firewall
› Hardware firewall
Advantage and disadvantage
› Software firewall
Advantage and disadvantage
![Page 3: Introduction of firewall slides](https://reader034.vdocument.in/reader034/viewer/2022042715/559898c31a28ab3e4b8b481b/html5/thumbnails/3.jpg)
Types of firewall techniques
› Packet filter
Drawback of packet filtering
› Application gateway
advantage
› Circuit-level gateway
› Bastion host
What a personal firewall can do
What a personal firewall can not do
Manufacturing companies
![Page 4: Introduction of firewall slides](https://reader034.vdocument.in/reader034/viewer/2022042715/559898c31a28ab3e4b8b481b/html5/thumbnails/4.jpg)
Firewall is device that provides secure
connectivity between
networks(internal/external).
![Page 5: Introduction of firewall slides](https://reader034.vdocument.in/reader034/viewer/2022042715/559898c31a28ab3e4b8b481b/html5/thumbnails/5.jpg)
A firewall may be a hardware, software of a
combination of both that is used to prevent
unauthorized program or internet users from
accessing a private network or a single
computer.
All message entering or leaving the intranet
pass through the firewall, which examines
each message & blocks those that do not
meet the specified security criteria.
![Page 6: Introduction of firewall slides](https://reader034.vdocument.in/reader034/viewer/2022042715/559898c31a28ab3e4b8b481b/html5/thumbnails/6.jpg)
To protect confidential
information from those
who do not explicitly need
to access it.
To protect our network &
its resources from
malicious users &
accidents that originate
outside of our network.
![Page 7: Introduction of firewall slides](https://reader034.vdocument.in/reader034/viewer/2022042715/559898c31a28ab3e4b8b481b/html5/thumbnails/7.jpg)
Hardware firewall
Software firewall
![Page 8: Introduction of firewall slides](https://reader034.vdocument.in/reader034/viewer/2022042715/559898c31a28ab3e4b8b481b/html5/thumbnails/8.jpg)
It is a physical device.
It can be installed between the modem and computer.
It can be incorporated into a broadband router being used to share the internet connection.
![Page 9: Introduction of firewall slides](https://reader034.vdocument.in/reader034/viewer/2022042715/559898c31a28ab3e4b8b481b/html5/thumbnails/9.jpg)
Protect an entire network.
Usually more expensive, header to configure
E.g.- Cisco pix, netscreen, watchfuard etc.
![Page 10: Introduction of firewall slides](https://reader034.vdocument.in/reader034/viewer/2022042715/559898c31a28ab3e4b8b481b/html5/thumbnails/10.jpg)
Uses very little system resources.
More secure
Enhanced security control
Dedicated hardware firewalls are typically more
reliable
Easy to disable or remove
Work independently of associated computer
system.
![Page 11: Introduction of firewall slides](https://reader034.vdocument.in/reader034/viewer/2022042715/559898c31a28ab3e4b8b481b/html5/thumbnails/11.jpg)
Install process is more demanding both
physically and mentally.
Takes up physical work space
More expensive
Harder to upgrade and repair
![Page 12: Introduction of firewall slides](https://reader034.vdocument.in/reader034/viewer/2022042715/559898c31a28ab3e4b8b481b/html5/thumbnails/12.jpg)
It is a software
application.
It is installed onto the
computer system that
you wish to protect .
![Page 13: Introduction of firewall slides](https://reader034.vdocument.in/reader034/viewer/2022042715/559898c31a28ab3e4b8b481b/html5/thumbnails/13.jpg)
Protect a single computer
This is usually the computer with modem
attached to it.
Usually less expensive, easier to configure
E.g.- Norton internet security, MacAfee
internet security etc.
![Page 14: Introduction of firewall slides](https://reader034.vdocument.in/reader034/viewer/2022042715/559898c31a28ab3e4b8b481b/html5/thumbnails/14.jpg)
Considerably cheaper or even free.
Simple to install and upgrade
Requires no physical changes to hardware
or network
Ideal for home/family use
Takes up no physical space.
![Page 15: Introduction of firewall slides](https://reader034.vdocument.in/reader034/viewer/2022042715/559898c31a28ab3e4b8b481b/html5/thumbnails/15.jpg)
Software may crash or be incompatible with
system
Can be difficult to completely disable &
especially remove
Software bugs may compromise security
Can be resource hungry
Incompatibilities with OS.
![Page 16: Introduction of firewall slides](https://reader034.vdocument.in/reader034/viewer/2022042715/559898c31a28ab3e4b8b481b/html5/thumbnails/16.jpg)
Packet filter
Application gateway/proxy server/proxy
application gateway
Circuit-level gateway
Bastion host
![Page 17: Introduction of firewall slides](https://reader034.vdocument.in/reader034/viewer/2022042715/559898c31a28ab3e4b8b481b/html5/thumbnails/17.jpg)
It looks at each packet entering or leaving
the network accepts or rejects it based on
user-defined rules.
Applications
Presentations
Sessions
Transport
Data Link
Physical
Data Link
Physical
Router
Applications
Presentations
Sessions
Transport
Data Link
Physical
Network Network
![Page 18: Introduction of firewall slides](https://reader034.vdocument.in/reader034/viewer/2022042715/559898c31a28ab3e4b8b481b/html5/thumbnails/18.jpg)
Packet filtering is fairly effective &
transparent to users, but it is difficult to
configure.
In addition, it is susceptible to IP spoofing.
![Page 19: Introduction of firewall slides](https://reader034.vdocument.in/reader034/viewer/2022042715/559898c31a28ab3e4b8b481b/html5/thumbnails/19.jpg)
Drawback of packet filtering technique:-
i. Packet filtering rules can be complex.
ii. Logging facility is not provided by such
firewall.
iii. If TCP/IP packet filtering is not implemented
fully, it can lead to security hole.
iv. Cannot handle RPC (remote produce calls)
![Page 20: Introduction of firewall slides](https://reader034.vdocument.in/reader034/viewer/2022042715/559898c31a28ab3e4b8b481b/html5/thumbnails/20.jpg)
In such type of firewall remote host or
network can interact only with proxy server,
proxy server is responsible for hiding the
details of the internal network i.e. intranet.
Users uses TCP/IP application, such as FTP
& Telnet servers.
![Page 21: Introduction of firewall slides](https://reader034.vdocument.in/reader034/viewer/2022042715/559898c31a28ab3e4b8b481b/html5/thumbnails/21.jpg)
Applications
Presentations
Sessions
Transport
Data Link
Physical
Network
Data Link
Physical
Applications
Presentations
Sessions
Transport
Data Link
Physical
Application Gateway
Applications
Presentations
Sessions
Transport
Network Network
Telnet HTTPFTP
![Page 22: Introduction of firewall slides](https://reader034.vdocument.in/reader034/viewer/2022042715/559898c31a28ab3e4b8b481b/html5/thumbnails/22.jpg)
This is very effective, but can impose a
performance degradation.
![Page 23: Introduction of firewall slides](https://reader034.vdocument.in/reader034/viewer/2022042715/559898c31a28ab3e4b8b481b/html5/thumbnails/23.jpg)
Advantages of application gateway:-
i. Less complex filter rules
ii. Cost effectiveness
iii. Robust authentication & logging facility
iv. Proxy authenticates only those services for
v. Which it is configured/installed.
![Page 24: Introduction of firewall slides](https://reader034.vdocument.in/reader034/viewer/2022042715/559898c31a28ab3e4b8b481b/html5/thumbnails/24.jpg)
It is a stand alone application.
It does not permit end-to-end TCP connection. it sets up 2 TCP connection:-• Between itself and a TCP user on an inner host.
• Between itself and a TCP user on an outer host.
![Page 25: Introduction of firewall slides](https://reader034.vdocument.in/reader034/viewer/2022042715/559898c31a28ab3e4b8b481b/html5/thumbnails/25.jpg)
Bastion host is a special purpose computer
on a network specifically designed and
configured to withstand attacks.
![Page 26: Introduction of firewall slides](https://reader034.vdocument.in/reader034/viewer/2022042715/559898c31a28ab3e4b8b481b/html5/thumbnails/26.jpg)
It generally hosts a single application,
provides platform for application gateway
and circuit-level gateway.
It supports limited/specific applications to
reduce the threat to the computer.
Include application-Telnet, SMTP, FTP
![Page 27: Introduction of firewall slides](https://reader034.vdocument.in/reader034/viewer/2022042715/559898c31a28ab3e4b8b481b/html5/thumbnails/27.jpg)
Stop hackers from accessing your computer.
Protect your personal information.
Blocks “pop up” ads and certain cookies.
Determines which programs can access the internet.
Block invalid packets.
![Page 28: Introduction of firewall slides](https://reader034.vdocument.in/reader034/viewer/2022042715/559898c31a28ab3e4b8b481b/html5/thumbnails/28.jpg)
Cannot prevent e-mail
viruses
-only an antivirus product
with update definitions
can prevent e-mail viruses.
After setting it initially,
you cannot forget about it
-The firewall will require
periodic updates to the rule sets and the software itself.
![Page 29: Introduction of firewall slides](https://reader034.vdocument.in/reader034/viewer/2022042715/559898c31a28ab3e4b8b481b/html5/thumbnails/29.jpg)
Cisco system, Inc.
Nortel networks corporation
Juniper networks, Inc.
MacAfee, Inc.
3com corporation
Citrix systems, Inc
![Page 30: Introduction of firewall slides](https://reader034.vdocument.in/reader034/viewer/2022042715/559898c31a28ab3e4b8b481b/html5/thumbnails/30.jpg)