2. Content
Introduction to firewall
Firewalls Today
Types of firewall
• Personal Firewall
• Organization Firewall
• Enterprise Firewall
Generation of firewall: How firewalls have evolved
• Packet Filters
• Circuit Level Gateways
• Proxy server/Application layer
• Stateful Filters
The Firewall Topology
• Dual homed gateway firewalls
• Screened host firewalls
• Screened subnet firewalls
Choices of firewall
• Software Firewalls
Some Known Software Firewalls
o Kaspersky Internet Security
o Norton 360
o Zone Alarm Internet Security
• Hardware Firewalls
Some Known Hardware Firewalls
o D-Link: D-Link DIR-655 Xtreme N Gigabit Router
o Cisco: ASA 5550 Firewall
Future of firewall
Conclusion
Firewall Page 2 out of 26 Mohamed Afzal Amir
3. Introduction to firewall
The idea of the firewall emerged from the construction industry. In the 19th century, in the building of flights, houses etc., the structure of metal sheets in these houses and flights was called a physical firewall. It was a pretty silly name at that time, but the barrier of metal sheets protected from fire. The word firewall had no impact on the developing computer age at that time.
In the late 1980s the use of the internet started growing rapidly. Companies from small firms to huge corporations started implementing networks in their business. So there was huge traffic, and the allocation of different networks was a headache for network administrators.
Firewalls for network security were then introduced in the routers used in the late 1980s to separate networks from one another. Although the internet at that time was viewed as a business area, small internet communities and individuals were the major internet security threat to these businesses. The firewall was the savior from network threats such as data stealing, unauthorized access etc.
These people made the firewall an important element in network security:
• Clifford Stoll, a US astronomer and computer expert, discovered German spies accessing his system. After this incident the US started to implement firewall security in government networks.
• Bill Cheswick, the author of the famous security book “Firewalls and Internet Security”, set up a simple electronic jail to observe an attacker. He devoted himself to, and had a huge impact on, awareness of firewalls and of internet and network security.
• Robert Tappan Morris created the Morris Worm, the virus that awakened network administrators and made them think about the importance of firewalls. Network administrators weren't expecting anything like this. The worm spread through networks around the world. 10% of the internet was infected.
5. Firewalls Today
Today a firewall is defined as a barrier that keeps destructive forces away. In the computer world a firewall is simply a program or a hardware device that filters the information coming through the internet or local networks. The rules are set by the network administrator; the firewall inspects transmitted data against them, and when unauthorized data reaches the filter, the firewall recognizes it and blocks it from going in or out of the network.
Today the internet is considered a zone with no trust and an internal network a zone of higher trust.
6. Types of firewall
Firewalls usually come in three types: personal firewall, organization firewall and enterprise firewall. The type is normally determined by the number of users of the firewall.
• Personal firewall: A personal firewall is mostly found on single computers. It most likely protects the computer by means of software; in rare cases hardware is also used in this type of firewall. Personal firewalls are also found in small networks and are known to have limited reporting and management features.
• Organization firewall: These firewalls are designed to protect all the computers in an organization or an office of limited size. Although it can handle only a limited number of computers, it can screen network traffic and has reporting and management capabilities far better than a personal firewall.
• Enterprise firewall: Enterprise firewalls are appropriate for larger organizations, including organizations with thousands of users. The reporting capabilities include reports for multiple firewalls. In addition, the management tools make it possible to configure multiple firewalls in a single click.
8. Generation of firewall: How firewalls have evolved
The firewall has evolved through different forms over the past 4 decades. Research has been done and is still going on, and it has been implemented in every generation. Each generation brings a different filter mechanism and a more secure version of the firewall itself.
9. Packet filters
In 1988 engineers from Digital Equipment Corporation developed a filter system known as packet filter firewalls. This system became known as the first generation of firewall, and it evolved into a highly important internet security feature.
Furthermore, Bill Cheswick and Steve Bellovin continued their research in packet filtering and developed a working model for their company, AT&T Bell Labs. This model was based on the first generation's filter system. Packet filters inspect packets, which are the basic unit of data transfer between computers and the internet. If a packet matches the filtering rules, it is either dropped, or rejected with an error message sent back.
In this model the packet filter pays no attention to whether the packet belongs to the local network. Instead, it filters each packet based only on the information in the packet itself.
10. Circuit Level Gateways
Circuit level gateways work at the session layer of the OSI reference model. They monitor TCP handshaking between packets to determine whether a requested session is valid or not. Circuit level gateways have the advantage of hiding information about the private network. On the other hand, they do not filter individual packets. Web browsing is an example of circuit level gateway use, as it depends only on the packets between the web browser and the internet.
As in the diagram, packets from the internet get into the network, and the responding packets get out.
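The handshake monitoring described above, sketched as an added example (not part of the original report). The class and field names, and the policy that only hosts inside the protected network may open a session, are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

SYN, ACK = 0x02, 0x10                 # TCP flag bits

@dataclass(frozen=True)
class Segment:                        # the TCP fields the gateway looks at
    src: str
    sport: int
    dst: str
    dport: int
    flags: int
    seq: int = 0
    ack: int = 0

class HandshakeMonitor:
    """Admits a TCP session only if its three-way handshake is valid."""

    def __init__(self, inside_net: str):
        self.inside = ipaddress.ip_network(inside_net)   # protected network
        self.sessions = {}            # (client, cport, server, sport) -> state

    def check(self, s: Segment) -> bool:
        fwd = (s.src, s.sport, s.dst, s.dport)    # key if sender is the client
        rev = (s.dst, s.dport, s.src, s.sport)    # key if sender is the server
        if s.flags == SYN:                        # step 1: client SYN
            if ipaddress.ip_address(s.src) not in self.inside or fwd in self.sessions:
                return False                      # outsiders cannot open sessions
            self.sessions[fwd] = {"state": "SYN_SENT", "c_isn": s.seq}
            return True
        if s.flags == SYN | ACK:                  # step 2: server SYN+ACK
            sess = self.sessions.get(rev)
            if sess and sess["state"] == "SYN_SENT" and s.ack == (sess["c_isn"] + 1) % 2**32:
                sess.update(state="SYN_RCVD", s_isn=s.seq)
                return True
            return False
        if s.flags & ACK:                         # step 3, then session traffic
            sess = self.sessions.get(fwd)
            if sess and sess["state"] == "SYN_RCVD":
                ok = s.ack == (sess["s_isn"] + 1) % 2**32
                if ok:
                    sess["state"] = "ESTABLISHED"
                return ok
            sess = sess or self.sessions.get(rev)
            return bool(sess) and sess["state"] == "ESTABLISHED"
        return False                              # anything else is refused
```

Once a session reaches ESTABLISHED, the monitor passes its segments without looking at their contents, which is the sense in which a circuit level gateway does not filter individual packets.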
11. Proxy server/Application layer
Proxy server firewalls are also known as application layer firewalls. The idea came from research at AT&T Bell Laboratories. Compared to circuit level gateways, proxy server firewalls require a separate network service configuration on the firewall. The rules for the services must be specified by network administrators.
For example, a firewall that supports HTTP, FTP and SMTP will not support Telnet, as Telnet rules are not specified in the firewall.
An authorized user can access the corporate LAN and the application gateway because the firewall has granted the network service to that user, while a hacker is not authorized and is given an error.
As another example, a normal user can access HTTP, FTP and SMTP because a separate network configuration is given for them, but cannot access administrator-level network services such as Telnet or a remote administration tool.
12. Stateful filters
Stateful multilayer firewalls provide more protection than the other filters, because multilayer inspection offers the functionality of both the packet filter system and the proxy server firewall. This type of firewall can help prevent attacks which exploit existing connections, or certain denial-of-service attacks.
13. The Firewall Topology
The firewall topology is the way a firewall is set up on a network. Depending on the needs, a firewall can have a very simple setup, which is enough to protect a personal computer or small network, or a more complicated setup that provides more protection and security.
Firewall topologies come in three types:
• Dual homed gateway firewalls.
• Screened host firewalls.
• Screened subnet firewalls.
14. Dual Homed Gateway Firewalls
Dual homed gateway firewalls provide internal and external protection for local networks. The name dual homed is given because the firewall uses two network interfaces; these firewalls are mostly found in small networks.
This firewall does not allow the forwarding of IP packets, which makes sure that no data passes directly to the internal users in the network. The main reason to implement a dual homed firewall is that it can filter multiple packets together with a packet filtering router for additional protection. This topology is mostly found in home networks.
15. Screened Host Firewalls
Screened host firewalls are designed with a bastion host and a screened router, which together act as the main security in a screened host setup. The bastion software scans and takes care of the applications while the router filters the data packets.
The bastion host has two network cards, one for the transmission of data within the intranet and another for connecting to the internet. Before any information is authorized to pass through the network, the screening router filters and checks the information contained in the packets. After the packets pass the filters, another security check on applications is carried out by the bastion host. It checks all the incoming and outgoing information and packets that the network sends.
This topology is usually used in business and organizational areas.
16. Screened Subnet Firewalls
This is the topology where a combination of two screening routers is used. The first screening router separates the internet from the publicly accessible part of the internal subnet. The second screening router is an internal screening router; it separates the publicly accessible hosts from the internal network.
The external screening router's duty is to block packets which are directly addressed to the internal hosts in the network. It also blocks packets for unauthorized services. The only packets that can pass through are those whose source or destination IP is the same as the firewall's IP.
The internal screening router has the job of blocking all packets except those whose source or destination IP is the same as the firewall's IP. It can also be extended according to the services defined by the firewall.
17. Choices of firewall
Software Firewalls
For individuals the most popular firewall choice is a software firewall. Software firewalls are installed on individual computers and are customizable. Furthermore, a software firewall allows the user to control some of its functions and protection features. A software firewall will protect a computer from outside attempts such as common trojan programs, viruses and email worms. Many software firewalls have user-defined controls for setting up safe file and printer sharing, and also block unsafe applications from running on the system. Software firewalls may also include privacy controls, web filtering etc.
The disadvantage of software firewalls is that they only protect the computer they are installed on. To protect the rest of the network, each and every computer needs its own software firewall.
18. Some known software firewalls
Kaspersky Internet Security: It provides a comprehensive security tool kit with a nicely organized interface. Protects from malware, viruses etc. Has a powerful firewall.
Kaspersky Internet Security interface
Norton 360: Has the best value for easy use of the tools offered, and for overall system performance. Uses multiple tools to control the firewall.
Zone Alarm Internet Security Suite: Compared to other software, one of the best firewall tools. Has lightweight software which performs best in home use.
Zone Alarm: Firewall Protection Setting interface
22. Hardware Firewalls
Hardware firewalls are stand-alone hardware components, but most recently they are mostly found in broadband routers. Furthermore, a hardware firewall is considered an important part of a network setup and its security. Hardware firewalls can be effective with little or no configuration, and they can protect every machine on a local network. Most hardware firewalls have a minimum of four network ports to connect other computers, but for larger networks switches and hubs are also used.
A hardware firewall uses packet filtering to examine the header of the packet and determine its source and destination. This information is compared to a set of predefined or user-created rules that determine whether the packet is to be forwarded or dropped.
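The header check described here and in the Packet filters section, as an added example that is not part of the original report: it reads the source, destination, protocol and port from a raw IPv4 header and applies a first-match rule list with a default of drop. The rule set, addresses and helper names are constructed for illustration, and IP fragments are not handled.

```python
import ipaddress
import struct

# Constructed rule set (assumption): first match wins, default is drop.
# (action, source network, destination network, protocol, destination port)
RULES = [
    ("forward", "0.0.0.0/0",       "192.0.2.10/32", 6,  80),  # public web server
    ("reject",  "0.0.0.0/0",       "192.0.2.0/24",  6,  23),  # Telnet: refuse with an error
    ("forward", "198.51.100.0/24", "192.0.2.0/24",  17, 53),  # DNS from one partner network
]

def parse_headers(packet: bytes) -> dict:
    """Extract the fields a packet filter looks at from a raw IPv4 packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4              # IPv4 header length in bytes
    proto = packet[9]
    sport = dport = None
    if proto in (6, 17):                      # TCP and UDP both start with the ports
        if ihl < 20 or len(packet) < ihl + 4:
            raise ValueError("truncated transport header")
        sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
    return {"src": ipaddress.ip_address(packet[12:16]),
            "dst": ipaddress.ip_address(packet[16:20]),
            "proto": proto, "sport": sport, "dport": dport}

def decide(packet: bytes) -> str:
    """Return 'forward', 'reject' (error sent back) or 'drop' (silent)."""
    try:
        h = parse_headers(packet)
    except ValueError:
        return "drop"                         # malformed packets never pass
    for action, src_net, dst_net, proto, dport in RULES:
        if (h["proto"] == proto and h["dport"] == dport
                and h["src"] in ipaddress.ip_network(src_net)
                and h["dst"] in ipaddress.ip_network(dst_net)):
            return action
    return "drop"                             # no rule matched: default deny

def build_packet(src: str, dst: str, proto: int, sport: int, dport: int) -> bytes:
    """Build a minimal constructed IPv4 packet (checksum left at zero)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 24, 0, 0, 64, proto, 0,
                     ipaddress.ip_address(src).packed,
                     ipaddress.ip_address(dst).packed)
    return ip + struct.pack("!HH", sport, dport)

if __name__ == "__main__":
    for args in [("203.0.113.7", "192.0.2.10", 6, 40000, 80),
                 ("203.0.113.7", "192.0.2.20", 6, 40001, 23)]:
        print(args, "->", decide(build_packet(*args)))
```

Each decision uses only the bytes of the packet being examined; the filter keeps no memory of earlier packets.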
23. Some known hardware firewalls
D-Link: The D-Link DIR-655 Xtreme N Gigabit Router is a router with fast performance. It combines the latest built-in wireless security and includes an integrated wireless security wizard. This router can be controlled very easily through the graphical user interface it provides.
DIR 655 Xtreme N: Configuration Page
Cisco: The ASA 5550 Firewall delivers advanced threat defense services, meaning network and application traffic is protected. It also defends against worms, viruses and network attacks such as denial of service or DDoS. Spyware and adware protection is also available in this firewall.
Cisco ASA Software for ASA 5500
25. Future of firewall
Today's firewalls don't just filter packets but also do more advanced things, like checking whether incoming packets contain dangerous code, or decoding email messages and passing their attachments to an antivirus program. The only problem with today's firewalls is that none of the products on the market is focused on being the best. Because of the vast use of the internet and networks, the firewall has become essential hardware and software for their security. So in business terms firewalls will never be the best, but each new firewall that comes to the market after the old one will always be better.
It is believed that this market idea will remain in the firewall business in the coming decades. Still, we will get newer and better firewalls in the future. Software is believed to evolve with hardware, and both will one day work together, meaning every function of the hardware will be controlled in future firewalls.
Firewall hardware components may be included in future personal computers as personal firewalls. Supercomputers, mainframe computers and minicomputers may come with their own firewall technology in the near future. Furthermore, the research done today will be implemented in future firewalls. Moreover, it is also believed that future network attacks can be blocked before they reach the network. As seen before, the Morris worm was one of the influential things that brought up the firewall. In the end, future firewalls will depend on a combination of security tools and hardware.
26. Conclusion
Firewall technology has evolved significantly since the days of basic packet filters and network address translation. Research today makes the technology of tomorrow's firewall. Firewalls come in different types and topologies. These types and topologies help ensure that networks, and the network of networks, the internet, have a secure connection between each other. Furthermore, local networks are also protected by firewalls suited to the size of the network. The future of the firewall is in the hands of today's influences such as network security threats and viruses.