Presentation is loading. Please wait.

Presentation is loading. Please wait.

Firewall – Survey Purpose of a Firewall – To allow ‘proper’ traffic and discard all other traffic Characteristic of a firewall – All traffic must go through.

Published byShannon Hampton Modified over 8 years ago

Similar presentations

Presentation on theme: "Firewall – Survey Purpose of a Firewall – To allow ‘proper’ traffic and discard all other traffic Characteristic of a firewall – All traffic must go through."— Presentation transcript:

1 Firewall – Survey Purpose of a Firewall – To allow ‘proper’ traffic and discard all other traffic Characteristic of a firewall – All traffic must go through the firewall – Allow and blocking traffic – The Firewall itself should be immune of attacked

2 Firewall – possibilities 5(6) areas to control: – Services (web, ftp, mail …) i.e. Port# – Network (hosts) i.e. IP addresses – Direction i.e. control inside-out or reverse – User i.e. only authorized users allow – Behaviour (e.g. attachment to mail) – (Denial of Service Inspection)

3 Firewall – solutions Solutions: – HW – screening router – SW – Computer Based (build in the OS) – SW – dedicated Host Firewall

4 Firewall – limitations 3 limitations of Firewalls – Cannot protect against traffic not running trough the firewall ( obvious!! ) – Cannot protect against threats from inside ( e.g. as the school network ) – Cannot protect against viruses ( i.e. they come in by legal traffic )

5 Firewall – Types 3 types of Firewalls – Packet-filtering – Packet-filtering – with state-full inspection – Application- gateways

6 Firewall – Packet-filtering Level 3 – network (IP-packets) – Filtering on (the access control list): Source/Destination IP-addresses Source/Destination Port-numbers IP-protocol field (e.g. icmp, tcp, egp) TCP-direction (SYN-bit) IN / OUT on each interface

7 Firewall – Packet-filtering Configurations – Policies: 1:optimistic: default set to allow 2:pessimistic: default set to discard (normal) – Setting up rules

8 Firewall – Packet-filtering Weakness – Cannot ‘look’ into appl. Level information – Limited logging information – Do normally not support authentication – Can be attack by weakness in IP (e.g. IP-spoofing)

9 Firewall – Packet-filtering Stateful - inspection – Normal packet-filtering only look at one packet at a time. – Stateful packet-filtering can remember a sequence of packets. (can be used to detect spoofing)

10 Firewall – Application-level Level 5 Application gateway – Using Proxy Servers (e.g. a mail-client and a mail-server) Spilt connections into 2 (one for inbound and one for outbound)

11 Firewall – Application-level More secure – Stateful inspection even more developed – User authentication are used Weakness – slow-down performance – need to have proxies for all services

12 Firewall – Architecture One recommended solution : Screened subnet firewall MOST secure DMZ – demilitarized zone (2 packet-filter + bastion host on the net (DMZ) in between) Home Firewall like ZoneAlarm/XP-firewall

Download ppt "Firewall – Survey Purpose of a Firewall – To allow ‘proper’ traffic and discard all other traffic Characteristic of a firewall – All traffic must go through."

Similar presentations

Network Security Essentials Chapter 11

Network Security Essentials Chapter 11
Firewalls By Tahaei Fall 2012. What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.

Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.
Firewalls 2014.04.07 Uyanga Tserengombo

Firewalls Uyanga Tserengombo
IUT– Network Security Course 1 Network Security Firewalls.

IUT– Network Security Course 1 Network Security Firewalls.
FIREWALLS Chapter 11.

FIREWALLS Chapter 11.
Firewalls Dr.P.V.Lakshmi Information Technology GIT,GITAM University

Firewalls Dr.P.V.Lakshmi Information Technology GIT,GITAM University
FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.

FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.
FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.

FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.
FIREWALLS – Chapter 20 network-based threats access to outside world Functionality, Design Security – trusted system.

FIREWALLS – Chapter 20 network-based threats access to outside world Functionality, Design Security – trusted system.
Winter 20021 CMPE 155 Week 7. Winter 20022 Assignment 6: Firewalls What is a firewall? –Security at the network level. Wide-area network access makes.

Winter CMPE 155 Week 7. Winter Assignment 6: Firewalls What is a firewall? –Security at the network level. Wide-area network access makes.
Fall 2008CS 334: Computer Security1 Firewalls Special Thanks to our friends at The Blekinge Institute of Technology, Sweden for providing the basis for.

Fall 2008CS 334: Computer Security1 Firewalls Special Thanks to our friends at The Blekinge Institute of Technology, Sweden for providing the basis for.
Kittiphan Techakittiroj (21/05/58 10:00 น. 21/05/58 10:00 น. 21/05/58 10:00 น.) Firewall Kittiphan Techakittiroj

Kittiphan Techakittiroj (21/05/58 10:00 น. 21/05/58 10:00 น. 21/05/58 10:00 น.) Firewall Kittiphan Techakittiroj
Lecture 14 Firewalls modified from slides of Lawrie Brown.

Lecture 14 Firewalls modified from slides of Lawrie Brown.
Security Firewall Firewall design principle. Firewall Characteristics.

Security Firewall Firewall design principle. Firewall Characteristics.
Firewalling Techniques Prabhaker Mateti. ACK Not linux specific Not linux specific Some figures are from 3com Some figures are from 3com.

Firewalling Techniques Prabhaker Mateti. ACK Not linux specific Not linux specific Some figures are from 3com Some figures are from 3com.
—On War, Carl Von Clausewitz

—On War, Carl Von Clausewitz
Chapter 11 Firewalls.

Chapter 11 Firewalls.
Firewalls and Intrusion Detection Systems

Firewalls and Intrusion Detection Systems
5/4/01EMTM 5531 EMTM 553: E-commerce Systems Lecture 7b: Firewalls Insup Lee Department of Computer and Information Science University of Pennsylvania.

5/4/01EMTM 5531 EMTM 553: E-commerce Systems Lecture 7b: Firewalls Insup Lee Department of Computer and Information Science University of Pennsylvania.
Chapter 10 Firewalls. Introduction seen evolution of information systems now everyone want to be on the Internet and to interconnect networks has persistent.

Chapter 10 Firewalls. Introduction seen evolution of information systems now everyone want to be on the Internet and to interconnect networks has persistent.

Similar presentations

Ads by Google