Presentation is loading. Please wait.

Presentation is loading. Please wait.

Firewalls Jiang Long Spring 2002.

Published byKrister Gulbrandsen Modified over 5 years ago

Similar presentations

Presentation on theme: "Firewalls Jiang Long Spring 2002."— Presentation transcript:

1 Firewalls Jiang Long Spring 2002

2 Outline What’s a network firewall Why need a firewall
Introduction What’s a network firewall Why need a firewall Weakness of firewalls Several types of firewall techniques Policy considerations Making firewalls fit Firewall configurations Conclusion & References

3 Internet Growth Thousands of users Source:Bank IT’98

4 What’s a network firewall
Internet Home Internet Firewall A network firewall is a system or group of systems that enforces an access control policy between two networks Implemented in both hardware and software, or a combination of both

5 Why need a firewall against unauthenticated
interactive logins from the “outside” world provide a single ``choke point'' where security and audit can be imposed act as your corporate “ambassador” to the Internet

6 Weakness of Firewalls difficult to let data in through
make the network more complex can't protect very well against things like viruses provide no or little protection on incoming traffic

7 Several types of firewall techniques
Packet Filtering Application-level Gateway Circuit-level Gateway Proxy Server

8 Packet Filtering Firewall
looks at each packet entering or leaving the network and accepts or rejects it based on user-defined rules. fairly effective and transparent to users difficult to configure

9 Application-level Gateway
applies security mechanisms to specific applications generally regarded as the most secure type of firewall, very effective , but can impose a performance degradation set up may be complex such as FTP and Telnet servers

10 Circuit-level Gateway
also called as “Circuit Relay” or “Stateful Inspection Firewall” applies security mechanisms when a TCP or UDP connection is established packets can flow between the hosts without further checking.

11 Proxy Server a program possibly running on a separate proxy server computer accepts information transfer requests and sends appropriate responses back such as caching proxy for web browsers (used by ISP) used to block access to undesirable sites, or remove undesirable information contained on a web page effectively hides the true network addresses

12 Policy Considerations
the risks you intend to manage the services you intend to offer from networks the services you intend to request from networks the objective that all incoming and outgoing network traffic must go through the firewall be safe and in your interests minimize the exposure of information

13 Making Firewalls Fit IP address Domain names Protocols
(IP, TCP, HTTP,FTP,UDP etc.) Ports Specific words and phases

14 Firewall Configurations (1)
Bastion Host No traffic directly between networks Figure A typical Dual Homed Gateway

15 Firewall Configurations (2)
Traffic Blocked Private Network Internet Screening Router Other Hosts Traffic Permitted Bastion Host Figure 8.2 A typical Screened Host Gateway

16 Firewall Configurations (3)
Traffic Blocked Internet Private Network Screening Router Screened Subnet Other Hosts Traffic Permitted Bastion Host Figure 3: A typical Screened Subnet

17 Conclusion Firewalls are a very effective way to protect your system from most Internet security threats and are a critical component of today's computer networks. Firewalls in networks keep damage on one part of the network (e.g., eavesdropping, a worm program, file damage) from spreading to the rest of the network. Without firewalls, network security problems can rage out of control, dragging more and more systems down.

18 References http://searchsecurity.techtarget.com/sDefinition

19 Thank you

Download ppt "Firewalls Jiang Long Spring 2002."

Similar presentations

Network Security Essentials Chapter 11

Network Security Essentials Chapter 11
Firewalls By Tahaei Fall 2012. What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.

Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.
ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
FIREWALLS Chapter 11.

FIREWALLS Chapter 11.
Firewalls Dr.P.V.Lakshmi Information Technology GIT,GITAM University

Firewalls Dr.P.V.Lakshmi Information Technology GIT,GITAM University
FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.

FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.
FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.

FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.
HIPAA Security Standards What’s happening in your office?

HIPAA Security Standards What’s happening in your office?
Security Firewall Firewall design principle. Firewall Characteristics.

Security Firewall Firewall design principle. Firewall Characteristics.
Chapter 11 Firewalls.

Chapter 11 Firewalls.
5/4/01EMTM 5531 EMTM 553: E-commerce Systems Lecture 7b: Firewalls Insup Lee Department of Computer and Information Science University of Pennsylvania.

5/4/01EMTM 5531 EMTM 553: E-commerce Systems Lecture 7b: Firewalls Insup Lee Department of Computer and Information Science University of Pennsylvania.
1 Pertemuan 05 Firewall Matakuliah: H0451/Praktikum Jaringan Komputer Tahun: 2006 Versi: 1/0.

1 Pertemuan 05 Firewall Matakuliah: H0451/Praktikum Jaringan Komputer Tahun: 2006 Versi: 1/0.
Electronic Commerce 2. Definition Ecommerce is the process of buying and selling products and services via distributed electronic media, usually the World.

Electronic Commerce 2. Definition Ecommerce is the process of buying and selling products and services via distributed electronic media, usually the World.
Firewalls1 Firewalls Mert Özarar Bilkent University, Turkey

Firewalls1 Firewalls Mert Özarar Bilkent University, Turkey
Firewalls Marin Stamov. Introduction Technological barrier designed to prevent unauthorized or unwanted communications between computer networks or hosts.

Firewalls Marin Stamov. Introduction Technological barrier designed to prevent unauthorized or unwanted communications between computer networks or hosts.
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
Network Security (Firewall) Instructor: Professor Morteza Anvari Student: Xiuxian Chen ID: 93036 Term: Spring 2001.

Network Security (Firewall) Instructor: Professor Morteza Anvari Student: Xiuxian Chen ID: Term: Spring 2001.
BY- NIKHIL TRIPATHI 12MCMB10.  What is a FIREWALL?  Can & Can’t in Firewall perspective  Development of Firewalls  Firewall Architectures  Some Generalization.

BY- NIKHIL TRIPATHI 12MCMB10.  What is a FIREWALL?  Can & Can’t in Firewall perspective  Development of Firewalls  Firewall Architectures  Some Generalization.
Hafez Barghouthi. Model for Network Access Security (our concern) Patrick BoursAuthentication Course 2007/20082.

Hafez Barghouthi. Model for Network Access Security (our concern) Patrick BoursAuthentication Course 2007/20082.
Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.

Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.

Similar presentations

Ads by Google