NET 536 Network Security
Firewalls and VPN
Networks and Communication Department
Firewall
- Provides a barrier and/or filter between networks.
- Can be configured to block packets.
- Sometimes called a level 4 switch.
- Blocks access to the network from certain applications and/or addresses by examining the packets going through it and deciding whether to forward them.
- Examines IP, TCP and UDP headers to determine the specific IP addresses and/or specific applications (i.e., ports) to allow or block.
- Called a level 4 switch because it looks at port numbers in the Transport Layer (Layer 4 of the OSI model).
VPN
- VPN (Virtual Private Network).
- Acts as a private network connection (inside a company, for example) while running over the more public Internet.
- Uses IP tunneling.
Advantages: Firewall and VPN
Firewalls
- Provide protection to network resources by restricting access based upon information contained in packets.
- Common use: allow the separation of intranets from the Internet.
VPN
- Allows access through firewalls by creating virtual circuits using tunneling.
- Common use: provides secure remote access to an institution's protected resources.
Tunneling
- Wraps an IP frame inside another frame of the same layer: an IP frame inside another IP frame.
- The inner packet can be encrypted, which provides privacy for the connection.
- You may remember that IPv6 was tested by tunneling it inside IPv4 packets.
- Because of this, tunneling can be used to pass through a firewall: the packet being sent is no longer of the type being blocked, since the firewall only examines the outer header.
Disadvantages: VPNs
- Tunneling increases the length of IP packets.
- May result in inefficient use of bandwidth, especially for short packets.
- Potential performance impact at the end routers, as they need to do more work: remove headers, decrypt the packet body.
- Administrative overhead and cost associated with managing the VPN server.
Scenario 1 - No Firewall
Scenario 1 - Described
- Simulates two sales people working offsite.
- Characterized by light Web browsing and light database access.
- They connect to a server via the Internet.
Scenario 2 - Firewall
Scenario 2 - Described
- Replaces the simple router previously used to connect to the server with a firewall.
- The firewall is configured to block database access.
- The sales people can still engage in Web browsing.
Scenario 3 - Firewall with VPN
Scenario 3 - Described
- Scenario 3 configures a VPN for Sales A.
- Sales A now tunnels through the firewall and can access the database, while still being allowed to browse the Web.
- Sales B is restricted to Web browsing with no database access.
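To tie together the firewall slide (a level-4 filter that inspects IP/TCP/UDP headers), the tunneling slide (an IP packet wrapped in another IP packet, which the filter sees only by its outer header), the bandwidth disadvantage of tunneling, and the three lab scenarios, here is an added Python model. It is an illustration written for these notes, not code from the original slides or from the simulation tool used in the lab. Everything in it is constructed: the addresses (server 10.0.0.10, VPN gateway 10.0.0.1 on the protected side of the firewall, Sales A 203.0.113.5, Sales B 203.0.113.6), the database port 1433 (the slides do not name one), the rule syntax, and the assumption that the filter is stateless and matches only on what is in the header it is handed.

```python
"""Toy layer-4 packet filter, IP-in-IP tunnel, and the three lab scenarios.

Added illustration for the lecture notes. Addresses, ports and rule syntax
are constructed for the example; none come from the lab's simulation tool.
"""
from dataclasses import dataclass
from typing import List, Optional

# Constructed addresses for the example topology.
SERVER = "10.0.0.10"      # protected server offering HTTP and the database
VPN_GW = "10.0.0.1"       # assumed VPN gateway on the protected side of the firewall
SALES_A = "203.0.113.5"   # offsite client that gets a VPN in scenario 3
SALES_B = "203.0.113.6"   # offsite client with no VPN

HTTP_PORT = 80
DB_PORT = 1433            # constructed: the slides do not name the database port

IPV4_HEADER = 20          # bytes, IPv4 header without options
TCP_HEADER = 20           # bytes, TCP header without options


@dataclass
class Packet:
    """Header fields a level-4 filter can see, plus an optional tunnelled inner packet."""
    src: str
    dst: str
    proto: str                         # "TCP", "UDP" or "IPIP" (outer header of a tunnel)
    dport: Optional[int] = None        # transport port; None for the IPIP outer header
    inner: Optional["Packet"] = None   # set only when this packet is a tunnel wrapper


@dataclass
class Rule:
    """First-match rule; a field left as None matches anything."""
    action: str                        # "allow" or "deny"
    proto: Optional[str] = None
    dport: Optional[int] = None
    src: Optional[str] = None
    dst: Optional[str] = None


def filter_packet(rules: List[Rule], pkt: Packet, default: str = "allow") -> str:
    """Stateless filter: examines only the header of the packet it is handed.

    A tunnelled packet presents its outer IPIP header, so the inner TCP port is
    invisible here. That is why the tunnel rule in firewall_rules() pins the
    tunnel to one source and to the VPN gateway instead of allowing IPIP broadly.
    """
    for rule in rules:
        if rule.proto is not None and rule.proto != pkt.proto:
            continue
        if rule.dport is not None and rule.dport != pkt.dport:
            continue
        if rule.src is not None and rule.src != pkt.src:
            continue
        if rule.dst is not None and rule.dst != pkt.dst:
            continue
        return rule.action
    return default


def encapsulate(inner: Packet, tunnel_src: str, tunnel_dst: str) -> Packet:
    """IP-in-IP: wrap one IP packet inside another whose header names the tunnel endpoints."""
    return Packet(src=tunnel_src, dst=tunnel_dst, proto="IPIP", inner=inner)


def decapsulate(pkt: Packet) -> Packet:
    """Tunnel endpoint strips the outer header and forwards the original packet."""
    if pkt.proto != "IPIP" or pkt.inner is None:
        raise ValueError("not a tunnelled packet")
    return pkt.inner


def firewall_rules() -> List[Rule]:
    """Rules for scenarios 2 and 3: block the database port; permit the VPN tunnel only
    from Sales A and only to the VPN gateway (first match wins, so order matters)."""
    return [
        Rule("allow", proto="IPIP", src=SALES_A, dst=VPN_GW),
        Rule("deny", proto="IPIP"),                 # any other tunnel is dropped
        Rule("deny", proto="TCP", dport=DB_PORT),   # database access is blocked
    ]


def run_scenario(scenario: int, client: str, app: str) -> str:
    """Send one request from client to the server's HTTP or DB port; return its fate."""
    port = HTTP_PORT if app == "http" else DB_PORT
    pkt = Packet(src=client, dst=SERVER, proto="TCP", dport=port)
    if scenario == 1:
        return "delivered"                          # plain router: forwards everything
    if scenario == 3 and client == SALES_A:
        pkt = encapsulate(pkt, client, VPN_GW)      # Sales A sends through its VPN tunnel
    if filter_packet(firewall_rules(), pkt) == "deny":
        return "blocked"
    if pkt.proto == "IPIP":
        pkt = decapsulate(pkt)                      # VPN gateway unwraps behind the firewall
    return "delivered" if pkt.dst == SERVER else "blocked"


def tunnel_overhead(payload_len: int) -> float:
    """Relative growth of a TCP segment when IP-in-IP adds one more IPv4 header.

    The added header is fixed size, so short packets pay the largest relative
    cost: this is the bandwidth disadvantage listed on the VPN slide.
    """
    return IPV4_HEADER / (IPV4_HEADER + TCP_HEADER + payload_len)


if __name__ == "__main__":
    for scenario in (1, 2, 3):
        for client, name in ((SALES_A, "Sales A"), (SALES_B, "Sales B")):
            for app in ("http", "db"):
                print(f"scenario {scenario} {name:7} {app:4}: {run_scenario(scenario, client, app)}")
    print(f"tunnel overhead, empty payload:     {tunnel_overhead(0):.1%}")
    print(f"tunnel overhead, 1460-byte payload: {tunnel_overhead(1460):.1%}")
```

Running the script prints the same outcome the lab graphs show: in scenario 1 both clients reach the database, in scenario 2 neither does, and in scenario 3 only Sales A does, with HTTP delivered in every case. The point a defender should take from the model is in `filter_packet`: because the filter only sees the outer header, the allow rule for the tunnel is restricted to one source and one destination (the VPN gateway), and the gateway, not the firewall, is where the decapsulated traffic's policy is enforced. The `tunnel_overhead` function quantifies the slide's bandwidth caveat: an empty TCP segment grows by 50%, a full 1460-byte one by about 1.3%.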
Results
Average Client DB and Client HTTP traffic for the three scenarios. Show live.
Exercise 1
From the obtained graphs, explain the effect of the firewall, as well as the configured VPN, on the database traffic requested by Sales A and Sales B.
Answer 1 - Observations
From the captured graphs, it can be observed that without the firewall both the Sales A and Sales B clients were able to access the database, while adding the firewall prevented both Sales clients from accessing it. Configuring VPN access for Sales A allowed it to access the database through the firewall.
Exercise 2
Compare the graphs that show the received HTTP traffic with those that show the received database traffic.
Answer 2 - Observations
Comparing the graphs of received HTTP and database traffic for both the Sales A and Sales B clients confirms that both clients receive HTTP traffic in all scenarios (i.e., the firewall permits HTTP traffic from both Sales clients). Once the firewall is in place, however, database traffic is only permitted through the firewall using a VPN.
Exercise 3
Generate and analyze the graph(s) that show the effect of the firewall, as well as the configured VPN, on the response time (delay) of the HTTP pages and database queries.
Answer 3 - DB Queries
- Obviously there are no DB query response times for the firewall without VPN, since no queries reach the database.
- With the firewall with VPN, the response time is slower due to the overhead from the VPN and the additional router.