Network Security Technologies CS490 - Security in Computing Copyright © 2005 by Scott Orr and the Trustees of Indiana University.

References
- Security in Computing, 3rd Ed., Chapter 7 (pgs )

Section Overview
- Firewall Components
- Firewall Architectures
- Network Intrusion Systems
- Honeypots

Internet Firewalls (diagram: Internet, DMZ, Internal Network)

Firewall Benefits
- Host Service Protection
- Host Access Control
- Centralized Point of Security
- Enhanced Privacy
- Increased Audit Logging
- Policy Enforcement

Implementation Issues
- Service Restrictions
- Allowed Service Vulnerabilities
- User Backdoors
- Insider Attacks
- Viruses
- Network Throughput to/from Internet
- Single Point of Failure

Firewall Components
- Network Policy
- Advanced Authentication
- Packet Filtering
- Application Gateways

Network Policy
- Service Access Policy
  - Extension of Site Security Policy
  - Which services are allowed to/from which hosts
  - Who is authorized to change policy
- Firewall Design Policy
  - How the Service Access Policy is implemented
  - Either:
    - Permit any service unless it is expressly denied
    - Deny any service unless it is expressly permitted

Advanced Authentication (diagram: Internet, Internal Network; unauthenticated vs. authenticated traffic)
- Using one-time password techniques to allow access via certain services

Packet Filtering Routers
- Allowing/Restricting access based on:
  - IP Addresses (source/destination)
  - Protocol (TCP/UDP/ICMP)
  - TCP/UDP Ports (source/destination)
  - ICMP Message Type
  - Packet Size
  - Router Interface/Direction
- Single and multiple addresses/ports per entry
- Screening Routers

Packet Filtering Options
- Send the packet
- Reject the packet
- Drop the packet
- Log information about the packet
- Notify administrator (set off an alarm)
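An added example (not from the slides) tying the Network Policy slide to the two packet-filtering slides: a minimal screening-router rule engine that matches on the listed header fields, applies the listed actions, and takes the firewall design policy (deny unless expressly permitted, or permit unless expressly denied) as its default. Rule set, addresses and port numbers are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass
class Packet:           # the header fields a screening router can filter on
    src: str
    dst: str
    proto: str          # "tcp", "udp" or "icmp"
    dport: int = 0      # TCP/UDP destination port
    icmp_type: int = -1
    size: int = 64
    iface: str = "ext"  # router interface the packet arrived on

@dataclass
class Rule:
    action: str         # "send", "reject" (tell the sender) or "drop" (silently)
    proto: str = "any"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    dports: tuple = ()  # empty tuple = any port
    icmp_types: tuple = ()
    max_size: int = 65535
    iface: str = "any"
    log: bool = False   # also "log information about the packet"

    def matches(self, p):
        return (self.proto in ("any", p.proto)
                and ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and (not self.dports or p.dport in self.dports)
                and (not self.icmp_types or p.icmp_type in self.icmp_types)
                and p.size <= self.max_size
                and self.iface in ("any", p.iface))

# Constructed rule set; 203.0.113.0/24 = site's public subnet, 10.0.0.0/8 = internal.
RULES = [
    Rule("drop", src="10.0.0.0/8", iface="ext", log=True),              # anti-spoofing
    Rule("send", proto="tcp", dst="203.0.113.10/32", dports=(25, 80)),  # mail/web host
    Rule("reject", proto="tcp", dports=(23,), log=True),                # no telnet
    Rule("send", proto="icmp", icmp_types=(0, 8), max_size=128),        # small pings only
]

def filter_packet(p, rules=RULES, default="drop"):
    """First matching rule wins. 'default' is the firewall design policy:
    "drop" = deny unless expressly permitted, "send" = permit unless denied."""
    for r in rules:
        if r.matches(p):
            note = f"{r.action} {p.proto} {p.src}->{p.dst}:{p.dport}" if r.log else None
            return r.action, note
    return default, f"{default} by policy {p.proto} {p.src}->{p.dst}:{p.dport}"
```

Changing `default` to "send" turns the same rule list into a permit-unless-denied firewall, which is why the slides treat the design policy as a separate decision from the rules themselves.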

Packet Filtering Weaknesses
- Hard to configure
- Hard to test
- The more complex the rules, the more performance may be impacted
- No Advanced Authentication support

Application Gateways
- Service components allowed/denied based on rule set
- Each packet repackaged after examination
- Information hiding
- Robust authentication and logging

Application GW Weaknesses
- Scalability
  - Each service requires its own proxy
  - Difficult to manage connectionless protocols
- Performance
  - Each packet gets repackaged
- OS/Service Bugs

Circuit Gateways
- Similar to Application Gateway
- No packet processing done at the gateway

Stateful Multi-Layer Inspection
- Inspects raw packets
- Inspection engine intercepts packet at the OSI Network Layer
- Context Aware
- Creates a virtual state for connectionless protocols
Source: Checkpoint Software Technologies Ltd.

Firewall Architectures
- Single Device
  - Screening Router
  - Dual-Homed Host
- Multi-Device
  - Screened Host
  - Screened Subnet
  - Split-Screened Subnet

Screening Router (diagram: Internet, Screening Router, Internal Network)

Dual-Homed Gateway (diagram: Internet, Proxy Server, Info Server, Internal Network)

Network Address Translation
- Not specifically for security (RFC 1918)
- Hides internal network configuration
- 1 to 1 allocation
  - Static
  - Dynamic
- IP Masquerading
  - Many internal addresses using 1 external address
  - Only internal hosts can initiate a connection
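An added illustration of the IP masquerading bullet (not from the slides): a translation table that maps many internal addresses onto one external address and, because entries are only created by outbound packets, translates back only replies to connections an internal host initiated. The class name, port allocation scheme and addresses are hypothetical.

```python
class Masquerader:
    """IP masquerading: many internal addresses share one external address.
    A translation table, keyed by the external port the gateway allocates,
    remembers which internal host started each flow, so only replies to
    internally initiated connections are translated back; anything else
    arriving from the Internet has no entry and is dropped."""

    def __init__(self, external_ip, first_port=40000):
        self.external_ip = external_ip
        self.next_port = first_port
        self.by_ext_port = {}   # ext port -> (int ip, int port, remote ip, remote port)
        self.by_flow = {}       # (int ip, int port, remote ip, remote port) -> ext port

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Internal host -> Internet: rewrite the source to the external address."""
        flow = (src_ip, src_port, dst_ip, dst_port)
        if flow not in self.by_flow:            # first packet of a new flow
            self.by_flow[flow] = self.next_port
            self.by_ext_port[self.next_port] = flow
            self.next_port += 1
        return self.external_ip, self.by_flow[flow], dst_ip, dst_port

    def inbound(self, src_ip, src_port, dst_ip, dst_port):
        """Internet -> internal host: translate back, or None (drop) if no
        internal host initiated a flow to this remote endpoint."""
        if dst_ip != self.external_ip:
            return None
        flow = self.by_ext_port.get(dst_port)
        if flow is None or flow[2:] != (src_ip, src_port):
            return None
        return src_ip, src_port, flow[0], flow[1]
```

This is also why masquerading "hides internal network configuration": the remote side only ever sees the external address and the allocated port, never 10.x addresses.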

Screened Host (diagram: Internet, Screening Router, Bastion Host, Internet Server, Internal Network)

Screened Subnet (diagram: Internet, outer Screening Router, Bastion Host, Internet Server, inner Screening Router, Internal Network)

Split Screened Subnet (diagram: Internet, outer Screening Router, Dual-Homed Proxy, Internet Server, inner Screening Router, Intranet Server, Internal Network)

Network Intrusion Detection (diagram: Internet, outer Screening Router, Dual-Homed Proxy, inner Screening Router, Internal Network; Sensors reporting to an Analysis Station)

IDS Analysis
- Knowledge based (attack signatures)
  - Port Scans
  - Denial of Service
  - Known Service Attacks
  - Spoofing
  - Content
- Behavioral based

IDS Weaknesses
- Very young technology
- False Positives
- False Negatives
- Scalability

Honeypots
- Sacrificial host used to lure attackers
- Simulates a vulnerable system
- Used to study attacker techniques
  - Firewall/IDS traffic logs
  - System logs
  - File Integrity Checker logs
  - Keystroke capturing
- Early Case – “Berferd”