Presentation is loading. Please wait.

Presentation is loading. Please wait.

Transport Layer Systems Firewalls and NAT

Published byAbner Lewis Modified over 5 years ago

Similar presentations

Presentation on theme: "Transport Layer Systems Firewalls and NAT"— Presentation transcript:

1 Transport Layer Systems Firewalls and NAT
ECE 671 – Lecture 14 Transport Layer Systems Firewalls and NAT

2 Transport layer systems
Traffic handling at level of connections or flows Firewall Network Address Translator ECE 671

3 Firewall Firewall distinguishes between traffic sources
“Inside” traffic is let through “Outside” traffic is blocked How to achieve duplex communication? ECE 671

4 Firewall Firewall keeps record of connections from inside
Traffic with reverse 5-tuple is let through from outside Additional feature Rules to allow or block traffic How can a firewall be circumvented? ECE 671

5 Network Address Translation
Limited IP address space Use reserved space for home/corporate networks: /16 or 10/8 Use only one IP address toward Internet NAT translates between outside and inside addresses How can multiplexing/demultiplexing be achieved? ECE 671

6 Network Address Translation
ECE 671

7 Network Address Translation
NAT box tracks connections Port number identifies connection NAT box overwrites layer 3/4 headers ECE 671

8 Transport layer systems
Firewall and NAT keep track of similar information Functionality often combined in same system Home gateways typically implement firewalls, NAT, DHCP More sophisticated firewalls also use content filter Requires application layer system ECE 671

Download ppt "Transport Layer Systems Firewalls and NAT"

Similar presentations

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.
IP Masquerading Homes and Businesses: When you only have one IP but you have LOTS of machines.

IP Masquerading Homes and Businesses: When you only have one IP but you have LOTS of machines.
IUT– Network Security Course 1 Network Security Firewalls.

IUT– Network Security Course 1 Network Security Firewalls.
1 Some TCP/IP Basics....NFSDNSTELNETSMTPFTP UDPTCP IP and ICMP Ethernet, serial line,..etc. Application Layer Transport Layer Network Layer Low-level &

1 Some TCP/IP Basics....NFSDNSTELNETSMTPFTP UDPTCP IP and ICMP Ethernet, serial line,..etc. Application Layer Transport Layer Network Layer Low-level &
Chapter 6 Network Address Translation (NAT). Network Address Translation  Modification of source or destination IP address  Needed by networks using.

Chapter 6 Network Address Translation (NAT). Network Address Translation  Modification of source or destination IP address  Needed by networks using.
Sybex CCNA 640-802 Chapter 11: Network Address Translation Instructor & Todd Lammle.

Sybex CCNA Chapter 11: Network Address Translation Instructor & Todd Lammle.
Hardware Firewall Feature © N. Ganesan, Ph.D.. Chapter Objectives Show the configuration of a hardware firewall such as Dlink DI 604 Illustrate the sharing.

Hardware Firewall Feature © N. Ganesan, Ph.D.. Chapter Objectives Show the configuration of a hardware firewall such as Dlink DI 604 Illustrate the sharing.
NAT Network Address Translation. NAT Links cisco.shtmlhttp://www.cisco.com/warp/public/556/nat- cisco.shtml.

NAT Network Address Translation. NAT Links cisco.shtmlhttp:// cisco.shtml.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.

1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.
Firewalls Marin Stamov. Introduction Technological barrier designed to prevent unauthorized or unwanted communications between computer networks or hosts.

Firewalls Marin Stamov. Introduction Technological barrier designed to prevent unauthorized or unwanted communications between computer networks or hosts.
© 2012 Cisco and/or its affiliates. All rights reserved. 1 CCNA Security 1.1 Instructional Resource Chapter 10 – Implementing the Cisco Adaptive Security.

© 2012 Cisco and/or its affiliates. All rights reserved. 1 CCNA Security 1.1 Instructional Resource Chapter 10 – Implementing the Cisco Adaptive Security.
Chapter 8 PIX Firewall. Adaptive Security Algorithm (ASA)  Used by Cisco PIX Firewall  Keeps track of connections originating from the protected inside.

Chapter 8 PIX Firewall. Adaptive Security Algorithm (ASA)  Used by Cisco PIX Firewall  Keeps track of connections originating from the protected inside.
A Brief Taxonomy of Firewalls

A Brief Taxonomy of Firewalls
BY- NIKHIL TRIPATHI 12MCMB10.  What is a FIREWALL?  Can & Can’t in Firewall perspective  Development of Firewalls  Firewall Architectures  Some Generalization.

BY- NIKHIL TRIPATHI 12MCMB10.  What is a FIREWALL?  Can & Can’t in Firewall perspective  Development of Firewalls  Firewall Architectures  Some Generalization.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.
Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.

Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.
9/11/2015Home Networking1 Bob.test Have Road Runner Unhappy about reports of constant probes of machines Policy decision –I want to prevent unauthorized.

9/11/2015Home Networking1 Bob.test Have Road Runner Unhappy about reports of constant probes of machines Policy decision –I want to prevent unauthorized.
Chapter 6: Packet Filtering

Chapter 6: Packet Filtering
Firewall and Internet Access Mechanism that control (1)Internet access, (2)Handle the problem of screening a particular network or an organization from.

Firewall and Internet Access Mechanism that control (1)Internet access, (2)Handle the problem of screening a particular network or an organization from.

Similar presentations

Ads by Google