Presentation is loading. Please wait.

Presentation is loading. Please wait.

CONTENTS  INTRODUCTION.  KEYWORDS  WHAT IS FIREWALL ?  WHY WE NEED FIREWALL ?  WHY NOT OTHER SECURITY MECHANISM ?  HOW FIREWALL WORKS ?  WHAT IT.

Published byJocelin Stevenson Modified over 8 years ago

Similar presentations

Presentation on theme: "CONTENTS  INTRODUCTION.  KEYWORDS  WHAT IS FIREWALL ?  WHY WE NEED FIREWALL ?  WHY NOT OTHER SECURITY MECHANISM ?  HOW FIREWALL WORKS ?  WHAT IT."— Presentation transcript:

1 CONTENTS  INTRODUCTION.  KEYWORDS  WHAT IS FIREWALL ?  WHY WE NEED FIREWALL ?  WHY NOT OTHER SECURITY MECHANISM ?  HOW FIREWALL WORKS ?  WHAT IT DOES ?  TYPES OF FIREWALL  WHAT IT PROTECTS YOU FROM ?  LIMITATION  CONCLUSION

2 COMPUER NETWORKS ARE TYPICALLY A SHARED RESOURCES USED BY MANY APPLICATIONS FOR MANY DIFFERENT PURPOSES. SOMETIMES THE DATA TRANSMITTED BETWEEN APPLICATION PROCESS IS CONFIDENTIAL, AND THE APPLICATIONS WOULD PREFER THAT OTHERS NOT BE ABLE TO READ IT.BUT THE PROBLEM ARISES WHEN SOMEONE ELSE WANT TO MANIPULATE WITH YOUR DATA.TO BUILD A SYSTEM THAT MINIMIZES THE RISK OF SECURITY,IS A DIFFICULT TASK. HOWEVER THERE ARE SOME ALOGORITHMS AND PROTOCOLS AVAILABLE. ONE OF THEM IS “FIREWALL”. INTRODUCTION

3 KEY WORDS DSL # Digital Subscriber Line. A family of standards for transmitting data over twisted pair telephone lines at multi mega bit per second speeds. FTP # File Transfer Protocol. The standard protocol of the internet - architecture for transferring files between hosts. HTTP # Hyper Text Transfer Protocol. An application level protocol based on a request /reply paradigm and used in WWW. ISDN # Integrated Service Digital Network. A digital communication service offered by telephone carriers and standardized by ITU-T. PROXY # an agent sitting between a client and server that intercepts messages and provides some service. SMTP # Simple Mail Transfer Protocol. The electronic mail protocol of the internet. URL # Uniform Resource Locator. A text string used to identify the location of internet resources.

4 What is firewall ? A firewall is a specially programmed router that sits between a site and the rest of the network. It is used to enforce security policy. In simple words, firewall is a barrier to keep destructive forces away from your property.

5 2.why we need FIREWWALL ? This is useful if you don’t want eternal users to access a particular host or service within your site. The firewall might also filter packets based on source’s IP address.This is useful in securing data. This is useful if u want to protect hosts within the site from an unwanted flood of packets from an external host. It is called as Denial f service attack.

6 Why not other security mechanism ? O f course,there are many other mechanisms available like,cryptographic algorithm, authentication protocols,message integrity protocols, PGP,secure shell,IP security(IPSEC)and many more. When you tried to establish a connection to a node using,say,IPSEC,you would have to authenticate yourself as a valid peer. There are 2 reasons. Firstly, the other security measures described are not widely developed. Getting security algorithms and protocols right is very difficult task, and so FIREWALL have been devised as a stop gap measure while we wait for IPSEC. Secondly, it allows the system administrator to implement a security policy in one centralized place.

7 HOW FIREWALL WORK ?

8 WHAT IT DOES ? IF you know a good bit about how data moves in internet, and you can see easily how a firewall helps protect computers inside a large company. Let’s say that you work at a company with 500 employees. The company will therefore have hundreds of computers that all have network cards connecting them together. In addition, the company will have one or more connections to the internet through something like t1 or t3 lines. Without a firewall in place, all of those hundreds of computers are directly accessible to anyone on the internet. A person who knows what he or she is doing can probe those computers,try to make FTP connections to them, try to make TELNET connections to them and so on. If one employee makes a mistake and leaves a security hole, hackers can get to the machine and exploit the hole. With a firewall in place, the landscape is much different. A company will place a firewall at every connection to the internet. The firewall can implement security rules. A company can set rules like this for FTP servers,web servers, telnet servers and so on. In addition,the company can can control how employees connect to web sites,whether files are allowed to leave the company over the network and so on. A FIREWALL gives company tremendous control over how people use the network.

9 Types of firewalls ? Firewalls use one or more of three methods to control traffic flowing in and out of the network. 1 # FILTER BASED FIREWALL 2# PROXY BASED FIREWALL 3# STATEFUL INSPECTION Filter based firewalls are configured with a table of addresses that characterize the packets they will, and will not, forward. By addresses, we mean more than just the destination’s IP address,although this in one possibility. Ex : (*,*,128.7.6.5,80) Generally. Each entry in the table is a 4tuple : it gives the IP address and TCP port number for both source and destination. It sometimes called as LEVEL 4 SWITCHES. To understand proxy based firewalls works and why you would want one - consider a corporate web server,where the company wants to make some the servers page accessible to all external users,but it wants to restrict certain of the pages to corporate users at one or more remote sites. Continues……...

10 The solution is to put an HTTP proxy on the firewall. Remote users establish an HTTP/TCP connection to the proxy, which looks at the URL contained in the request message. If the requested page is allowed for source host,the proxy establishes a second HTTP/TCP connection to the server and forwards the request on to the server. The proxy then forwards the response in the reverse direction between the two TCP connection. A newer method that doesn’t examine the contents of each packet but instead compares certain key parts of the packet to a database of trusted information. Information traveling from inside the firewall to the outside is monitored for specific defining characteristics. If the comparison yields a reasonable match, the information is allowed through. Otherwise it is discarded.

11 What it protects you from ? Remote login Application backdoor Denial of service E-mail bombs Macros Viruses OS Bugs

12 We conclude this discussion by observing that while a traditional firewall protects internal users from external users, it does nothing to protect or isolate internal users from each other. LIMITATIONS

13 The level of security you establish will determine how many of these threats can be stopped by your firewall. The highest level of security would be simply block everything. Obviously that defeats the purpose of having an internet connection. But a common rule of thumb is to block everything,then begin to select what types of traffic you will allow. One of the best things about a firewall from a security standpoint is that it stops anyone on the outside from logging onto a computer in your private network. While this is a big deal for businesses. In general,it is impossible for existing firewalls to know who is accessing the work and, therefore,who has the ability to connect to other machines on the network. Ultimately, security mechanisms like IPSEC are probably required to support such a level of security. Still,putting a firewall in place provides some “ peace of mind “. conclusion

Download ppt "CONTENTS  INTRODUCTION.  KEYWORDS  WHAT IS FIREWALL ?  WHY WE NEED FIREWALL ?  WHY NOT OTHER SECURITY MECHANISM ?  HOW FIREWALL WORKS ?  WHAT IT."

Similar presentations

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
FIREWALLS Chapter 11.

FIREWALLS Chapter 11.
Firewalls Dr.P.V.Lakshmi Information Technology GIT,GITAM University

Firewalls Dr.P.V.Lakshmi Information Technology GIT,GITAM University
FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.

FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.
FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.

FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.
Fall 2008CS 334: Computer Security1 Firewalls Special Thanks to our friends at The Blekinge Institute of Technology, Sweden for providing the basis for.

Fall 2008CS 334: Computer Security1 Firewalls Special Thanks to our friends at The Blekinge Institute of Technology, Sweden for providing the basis for.
Firewall Lalitha Jammalamadaka. Agenda 1. Introduction 2.Types of firewalls 3.How a software firewall works 4.Methods to control traffic 5.Making the.

Firewall Lalitha Jammalamadaka. Agenda 1. Introduction 2.Types of firewalls 3.How a software firewall works 4.Methods to control traffic 5.Making the.
Security Firewall Firewall design principle. Firewall Characteristics.

Security Firewall Firewall design principle. Firewall Characteristics.
Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.

Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.
Access Control for Networks Problems: –Enforce an access control policy Allow trust relationships among machines –Protect local internet from outsiders.

Access Control for Networks Problems: –Enforce an access control policy Allow trust relationships among machines –Protect local internet from outsiders.
Firewalls and Intrusion Detection Systems

Firewalls and Intrusion Detection Systems
Firewalls Presented by: Sarah Castro Karen Correa Kelley Gates.

Firewalls Presented by: Sarah Castro Karen Correa Kelley Gates.
Definition : Computer Virus A computer program with the characteristic feature of being able to generate copies of itself, and thereby spread. Additionally.

Definition : Computer Virus A computer program with the characteristic feature of being able to generate copies of itself, and thereby spread. Additionally.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
Computer Networks IGCSE ICT Section 4.

Computer Networks IGCSE ICT Section 4.
1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.

1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.
1 Enabling Secure Internet Access with ISA Server.

1 Enabling Secure Internet Access with ISA Server.
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
Firewalls CS432. Overview  What are firewalls?  Types of firewalls Packet filtering firewalls Packet filtering firewalls Sateful firewalls Sateful firewalls.

Firewalls CS432. Overview  What are firewalls?  Types of firewalls Packet filtering firewalls Packet filtering firewalls Sateful firewalls Sateful firewalls.
Hafez Barghouthi. Model for Network Access Security (our concern) Patrick BoursAuthentication Course 2007/20082.

Hafez Barghouthi. Model for Network Access Security (our concern) Patrick BoursAuthentication Course 2007/20082.

Similar presentations

Ads by Google