Firewalls
- Screen packets coming into the private network from external, untrusted networks (the Internet)
- Ingress packet filtering: the firewall examines each incoming packet and either passes or drops (denies) it
- Egress packet filtering: the firewall examines each packet as it leaves the internal network
Border Firewall
Firewalls – Type of Protection
- Packet inspection: IP, TCP, UDP, ICMP
  - Static packet filtering (stateless filtering)
  - Stateful filtering
- Application inspection: application-layer messages; stops malicious executable attachments
- Network Address Translation (NAT): rewrites (spoofs) the source IP addresses of outgoing packets
Firewalls – Type of Protection
- Denial-of-service inspection: SYN flood; Cisco PIX – TCP intercept
- Authentication: only allows packets from authenticated users; not common
- Virtual private networking: usually works with authentication; provides confidentiality
Firewall Hardware and Software
- Screening router firewall: high cost; good place for egress filtering
- Computer-based firewalls: lower cost; ease of use; higher risk from the underlying operating system
Firewall Hardware and Software
- Firewall appliances: like your toaster; vendor provides rule updates
- Host firewalls: on individual client or server hosts; defense in depth; hard to manage
Static Packet Filter Firewalls
Access Control Lists (ACLs)
- The way to organize the filtering rules
- Use an if-then format
- Sequential rule evaluation: rules are checked in order and the first match decides
- Deny all: a packet that matches no rule is dropped
- Sensitivity to misordering: a broad rule placed earlier can shadow a more specific one below it
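The ACL behaviour described above (if-then rules, sequential first-match evaluation, an implicit deny-all, and the effect of misordering) as an added example that is not part of the original slides. The network, addresses and rule set are constructed for illustration; the evaluator is a minimal stateless packet filter, not any vendor's implementation.

```python
import ipaddress

# A rule is an if-then statement: if the packet matches, then take the action.
# A field set to None is a wildcard that matches anything.
def make_rule(action, proto=None, src=None, dst=None, dport=None):
    return {
        "action": action,
        "proto": proto,
        "src": ipaddress.ip_network(src) if src else None,
        "dst": ipaddress.ip_network(dst) if dst else None,
        "dport": dport,
    }

def rule_matches(rule, pkt):
    if rule["proto"] is not None and rule["proto"] != pkt["proto"]:
        return False
    if rule["src"] is not None and ipaddress.ip_address(pkt["src"]) not in rule["src"]:
        return False
    if rule["dst"] is not None and ipaddress.ip_address(pkt["dst"]) not in rule["dst"]:
        return False
    if rule["dport"] is not None and rule["dport"] != pkt.get("dport"):
        return False
    return True

def evaluate(acl, pkt):
    """Sequential evaluation: the first matching rule decides; deny all if none matches."""
    for rule in acl:
        if rule_matches(rule, pkt):
            return rule["action"]
    return "deny"

# Constructed ingress ACL for a border firewall in front of the 10.0.0.0/8 private network.
INGRESS_ACL = [
    make_rule("deny", src="10.0.0.0/8"),                              # internal addresses never arrive from outside
    make_rule("permit", proto="tcp", dst="10.0.1.10/32", dport=443),  # public HTTPS server
    make_rule("deny", proto="icmp"),
]
# The same rules with the first two swapped: the broad permit now shadows the anti-spoofing deny.
MISORDERED_ACL = [INGRESS_ACL[1], INGRESS_ACL[0], INGRESS_ACL[2]]

# Constructed sample packets (dicts standing in for parsed IP/TCP headers).
SPOOFED = {"proto": "tcp", "src": "10.0.5.5", "dst": "10.0.1.10", "dport": 443}
WEB = {"proto": "tcp", "src": "203.0.113.7", "dst": "10.0.1.10", "dport": 443}
SSH = {"proto": "tcp", "src": "203.0.113.7", "dst": "10.0.1.10", "dport": 22}

if __name__ == "__main__":
    for name, pkt in [("spoofed", SPOOFED), ("web", WEB), ("ssh", SSH)]:
        print(name, "ordered:", evaluate(INGRESS_ACL, pkt), "misordered:", evaluate(MISORDERED_ACL, pkt))
```

The SSH packet is dropped by the implicit deny-all in both lists, while the spoofed packet is only caught when the anti-spoofing deny precedes the permit.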
GUI Firewall Rule Maker