Presentation is loading. Please wait.

Presentation is loading. Please wait.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Similar presentations

Presentation on theme: "Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain."— Presentation transcript:

1 Building Your Own Firewall Chapter 10

2 Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain how enterprise firewalls work

3 Enterprise versus Desktop Firewalls Enterprise firewall Protects entire network or a network segment Can be a separate hardware appliance or software-only Desktop firewall Software-only firewall intended to be installed on one client computer on the network and provide protection only to that device Also known as a personal firewall

4 Enterprise Firewall

5 Desktop Firewalls Have generally replaced hardware firewalls for protection of a single device Intercept and inspect all data that enters or leaves the computer Traffic can generally be blocked by IP address, port address, or application Protects against rogue access points and worms

6 Desktop Firewalls

7 Rogue Access Point

8 Desktop Firewalls Help protect network by providing additional level of security at each network device Recent increase in popularity Popular desktop firewalls Tiny Personal Firewall Sygate Personal Firewall ZoneAlarm

9 Tiny Personal Firewall Unique for advanced security features Based on a technology certified by ICSA Made up of several different “engines” Includes an Intrusion Detection System (IDS) engine Uses sandbox technology to create a closed environment around an application and restrict access to resources

10 Firewall Engine Performs stateful packet inspection Filters network activity based on TCP/IP protocol Supports rules that link to specific applications (Application Filter) Ensures that an application program on the computer is the real program and not a Trojan horse Creates and checks MD5 signatures (checksums) of application programs

11 Tiny Personal Firewall Engine

12 Checksums

13 IDS Engine Report

14 Sandbox Technology Protects resources Device drivers Registry database that contains all configurations of the computer File system Shields and constantly monitors application programs to protect privacy and integrity of the computer system continued

15 Sandbox Technology Protects against active content programs being used to perform: Theft of information and data Remote access via Internet Manipulation of communication Deletion of files Denial of service

16 Tiny Personal Firewall Sandbox

17 Sandbox Objects

18 Sygate Firewalls Protect corporate networks and desktop systems from intrusion Prevent malicious attackers from gaining control of corporate information network Range in design from enterprise-based security systems to personal firewall systems Secure Enterprise Personal Firewall Pro

19 Sygate Secure Enterprise Top-of-the-line product that combines protection with centralized management Made up of Sygate Management Server (SMS) and Sygate Security Server SMS enables security managers to create a global security policy that applies to all users and groups Subgroups can be created within the global group Can produce detailed reports of firewall’s actions

20 Sygate Management Server

21 Sygate Personal Firewall Pro Designed for business users but lacks centralized management features Provides in-depth low-level tools for protecting computers from a variety of attacks

22 Sygate Personal Firewall Pro

23 Blocks or allows specific services and applications instead of restricting specific TCP network ports Fingerprinting system ensures that an application program is the real program and not a Trojan horse

24 Sygate Personal Firewall Pro

25 Provides flexibility over rules that govern the firewall Contains other features not commonly found on most desktop firewall products (eg, testing and connection) Protects against MAC and IP spoofing

26 Sygate Personal Firewall Pro

27 ZoneAlarm Firewalls Bi-directional; provide protection from incoming and outgoing traffic Pop-up windows alert users to intrusion attempts Four interlocking security services Firewall Application Control Internet Lock Zones

28 ZoneAlarm Firewall


30 Uses fingerprints to identify components of a program as well as the program itself Prevents malicious code from gaining control of computer Stops potentially malicious active content

31 ZoneAlarm Firewall Application Control Allows users to decide which applications can or cannot use the Internet Internet Lock Blocks all Internet traffic while computer is unattended or while Internet is not being used Zones Monitors all activities on the computer; sends an alert when a new application tries to access the Internet

32 Internet Lock Settings

33 Zone Security

34 ZoneAlarm Logging Options

35 Enterprise Firewalls Still perform bulk of the work in protecting a network First line of defense in a security management plan Provide “perimeter security” Allow security managers to log attacks that strike the network

36 Popular Enterprise Firewall Products Linksys firewall/router Microsoft Internet Security and Acceleration (ISA) server

37 Linksys Offers a wide variety of routers, hubs, wireless access points, firewalls, and other networking hardware Produces solid products that provide strong security and are easy to set up and use

38 Linksys Firewall/Router Comes in a variety of configurations Good solutions for connecting a group of computers to a high-speed broadband Internet connection or to a 10/100 Ethernet backbone and also support VPN

39 Linksys Firewall/Router Features an advanced stateful packet inspection firewall Does not block transmissions based on the application Supports system traffic logging and event logging

40 Linksys Firewall/Router Features Web filter Block WAN request Multicast pass through IPSec pass through PPTP pass through Remote management

41 Microsoft ISA Server 2000 Enterprise firewall that integrates with Microsoft Windows 2000 operating system for policy-based security and management Provides control over security, directory, virtual private networking (VPN), and bandwidth Available in two product versions ISA Server Standard Edition ISA Server Enterprise Edition

42 Microsoft ISA Server 2000 Provides two tightly integrated modes Multilayer firewall Web cache server Software uses a multihomed server Firewall protection is based on rules which are processed in a certain order

43 Multihomed Server

44 Order of Processing ISA Server Rules Incoming requests 1.Packet filters 2.Web publishing rules 3.Routing rules 4.Bandwidth rules Outgoing requests 1.Bandwidth rules 2.Protocol rules 3.Site and content rules 4.Routing rules 5.Packet filters

45 Microsoft ISA Server Policy Elements Schedules Bandwidth priorities Destination sets Client Address sets Content groups

46 Chapter Summary Types of firewalls currently available for enterprise, small office home office (SOHO), and single computer protection Features of these firewalls that provide the necessary protection to help keep a network or computer secure

Download ppt "Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain."

Similar presentations

Ads by Google