SlideShare une entreprise Scribd logo

[9] Firewall.pdf

L
lamtran367679

Introduce about firewall

Formation
1  sur  26
Télécharger pour lire hors ligne
FIREWALL
2 What is a firewall?  Two goals:  To provide the people in your organization with access to the WWW without allowing the entire world to peak in;  To erect a barrier between an untrusted piece of software, your organization’s public Web server, and the sensitive information that resides on your private network.  Basic idea:  Impose a specifically configured gateway machine between the outside world and the site’s inner network.  All traffic must first go to the gateway, where software decide whether to allow or reject.
3 What is a firewall  A firewall is a system of hardware and software components designed to restrict access between or among networks, most often between the Internet and a private Internet.  The firewall is part of an overall security policy that creates a perimeter defense designed to protect the information resources of the organization.
4 Firewalls DO  Implement security policies at a single point  Monitor security-related events (audit, log)  Provide strong authentication  Allow virtual private networks  Have a specially hardened/secured operating system
5 Firewalls DON’T  Protect against attacks that bypass the firewall  Dial-out from internal host to an ISP  Protect against internal threats  disgruntled employee  Insider cooperates with and external attacker  Protect against the transfer of virus-infected programs or files
6 Types of Firewalls  Packet-Filtering Router  Application-Level Gateway  Circuit-Level Gateway  Hybrid Firewalls
7 Packet Filtering Routers • Forward or discard IP packet according a set of rules • Filtering rules are based on fields in the IP and transport header
8 What information is used for filtering decision?  Source IP address (IP header)  Destination IP address (IP header)  Protocol Type  Source port (TCP or UDP header)  Destination port (TCP or UDP header)  ACK. bit
9 Web Access Through a Packet Filter Firewall
10 Application Level Gateways (Proxy Server)
11 A Telnet Proxy
12 A sample telnet session
13 Application Level Gateways (Proxy Server)  Advantages:  complete control over each service (FTP/HTTP…)  complete control over which services are permitted  Strong user authentication (Smart Cards etc.)  Easy to log and audit at the application level  Filtering rules are easy to configure and test  Disadvantages:  A separate proxy must be installed for each application-level service  Not transparent to users
14 Circuit Level Gateways
15 Circuit Level Gateways (2)  Often used for outgoing connections where the system administrator trusts the internal users  The chief advantage is that a firewall can be configured as a hybrid gateway supporting application-level/proxy services for inbound connections and circuit-level functions for outbound connections
16 Hybrid Firewalls  In practice, many of today's commercial firewalls use a combination of these techniques.  Examples:  A product that originated as a packet-filtering firewall may since have been enhanced with smart filtering at the application level.  Application proxies in established areas such as FTP may augment an inspection-based filtering scheme.
17 Firewall Configurations  Bastion host  a system identified by firewall administrator as a critical strong point in the network’s security  typically serves as a platform for an application-level or circuit-level gateway  extra secure O/S, tougher to break into  Dual homed gateway  Two network interface cards: one to the outer network and the other to the inner  A proxy selectively forwards packets  Screened host firewall system  Uses a network router to forward all traffic from the outer and inner networks to the gateway machine  Screened-subnet firewall system
5/4/01 EMTM 553 18 Dual-homed gateway
19 Screened-host gateway
20 Screened Host Firewall
21 Screened Subnet Firewall
22 Screened subnet gateway
23 Selecting a firewall system  Operating system  Protocols handled  Filter types  Logging  Administration  Simplicity  Tunneling
24 Commercial Firewall Systems 0% 5% 10% 15% 20% 25% 30% 35% 40% 45% C h e c k P o i n t C i s c o A x e n t N e t w o r k A s s o c i a t e s C y b e r G u a r d O t h e r s
25 Widely used commercial firewalls  AltaVista  BorderWare (Secure Computing Corporation)  CyberGurad Firewall (CyberGuard Corporation)  Eagle (Raptor Systems)  Firewall-1 (Checkpoint Software Technologies)  Gauntlet (Trusted Information Systems)  ON Guard (ON Technology Corporation)
[9] Firewall.pdf

Recommandé

Firewall & types of Firewall
Firewall & types of Firewall Firewall & types of Firewall
Firewall & types of Firewall BharathiKrishna6
 
Network Security Tools and applications
Network Security Tools and applicationsNetwork Security Tools and applications
Network Security Tools and applicationswebhostingguy
 
Presentation, Firewalls
Presentation, FirewallsPresentation, Firewalls
Presentation, Firewallskkkseld
 
Network monitoring system
Network monitoring systemNetwork monitoring system
Network monitoring systemMyPresentations Services
 
Firewall
FirewallFirewall
Firewallnayakslideshare
 
Network Security-Module_1.pdf
Network Security-Module_1.pdfNetwork Security-Module_1.pdf
Network Security-Module_1.pdfDr. Shivashankar
 
Intrusion Detection System
Intrusion Detection SystemIntrusion Detection System
Intrusion Detection SystemMohit Belwal
 
Presentation, Firewalls
Presentation, FirewallsPresentation, Firewalls
Presentation, Firewallskkkseld
 

Recommandé

Firewall & types of Firewall
Firewall & types of Firewall Firewall & types of Firewall
Firewall & types of Firewall BharathiKrishna6
 
Network Security Tools and applications
Network Security Tools and applicationsNetwork Security Tools and applications
Network Security Tools and applicationswebhostingguy
 
Presentation, Firewalls
Presentation, FirewallsPresentation, Firewalls
Presentation, Firewallskkkseld
 
Network monitoring system
Network monitoring systemNetwork monitoring system
Network monitoring systemMyPresentations Services
 
Firewall
FirewallFirewall
Firewallnayakslideshare
 
Network Security-Module_1.pdf
Network Security-Module_1.pdfNetwork Security-Module_1.pdf
Network Security-Module_1.pdfDr. Shivashankar
 
Intrusion Detection System
Intrusion Detection SystemIntrusion Detection System
Intrusion Detection SystemMohit Belwal
 
Presentation, Firewalls
Presentation, FirewallsPresentation, Firewalls
Presentation, Firewallskkkseld
 
Security vulnerability
Security vulnerabilitySecurity vulnerability
Security vulnerabilityA. Shamel
 
Ceh v5 module 02 footprinting
Ceh v5 module 02 footprintingCeh v5 module 02 footprinting
Ceh v5 module 02 footprintingVi Tính Hoàng Nam
 
Firewall and its purpose
Firewall and its purposeFirewall and its purpose
Firewall and its purposeRohit Phulsunge
 
Network Security and Firewall
Network Security and FirewallNetwork Security and Firewall
Network Security and FirewallShafeeqaFarsana
 
Traditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation FirewallTraditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation Firewall美兰 曾
 
Intrusion Detection Systems and Intrusion Prevention Systems
Intrusion Detection Systems and Intrusion Prevention Systems Intrusion Detection Systems and Intrusion Prevention Systems
Intrusion Detection Systems and Intrusion Prevention Systems Cleverence Kombe
 
Wireless network security
Wireless network securityWireless network security
Wireless network securityShahid Beheshti University
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection systemOECLIB Odisha Electronics Control Library
 
03 cia
03 cia03 cia
03 ciaJadavsejal
 
Network security - Basic concepts
Network security - Basic conceptsNetwork security - Basic concepts
Network security - Basic conceptsKhoa Nguyen
 
Cia security model
Cia security modelCia security model
Cia security modelImran Ahmed
 
Fundamentals of IoT Security
Fundamentals of IoT SecurityFundamentals of IoT Security
Fundamentals of IoT SecuritySHAAMILIVARSAGV
 
Secure shell ppt
Secure shell pptSecure shell ppt
Secure shell pptsravya raju
 
Information security
Information securityInformation security
Information securityLusungu Mkandawire CISA,CISM,CGEIT,CPF,PRINCE2
 
Trojan virus & backdoors
Trojan virus & backdoorsTrojan virus & backdoors
Trojan virus & backdoorsShrey Vyas
 
Network firewall function & benefits
Network firewall function & benefitsNetwork firewall function & benefits
Network firewall function & benefitsAnthony Daniel
 
IDS and IPS
IDS and IPSIDS and IPS
IDS and IPSSantosh Khadsare
 
Introduction to Intrusion detection and prevention system for network
Introduction to Intrusion detection and prevention system for networkIntroduction to Intrusion detection and prevention system for network
Introduction to Intrusion detection and prevention system for networkEng. Mohammed Ahmed Siddiqui
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationTriCorps Technologies
 
Network Security Tutorial | Introduction to Network Security | Network Securi...
Network Security Tutorial | Introduction to Network Security | Network Securi...Network Security Tutorial | Introduction to Network Security | Network Securi...
Network Security Tutorial | Introduction to Network Security | Network Securi...Edureka!
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationgaurav96raj
 
Firewall and It's Types
Firewall and It's TypesFirewall and It's Types
Firewall and It's TypesHem Pokhrel
 

Contenu connexe

Tendances

Security vulnerability
Security vulnerabilitySecurity vulnerability
Security vulnerabilityA. Shamel
 
Firewall and its purpose
Firewall and its purposeFirewall and its purpose
Firewall and its purposeRohit Phulsunge
 
Network Security and Firewall
Network Security and FirewallNetwork Security and Firewall
Network Security and FirewallShafeeqaFarsana
 
Traditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation FirewallTraditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation Firewall美兰 曾
 
Intrusion Detection Systems and Intrusion Prevention Systems
Intrusion Detection Systems and Intrusion Prevention Systems Intrusion Detection Systems and Intrusion Prevention Systems
Intrusion Detection Systems and Intrusion Prevention Systems Cleverence Kombe
 
Network security - Basic concepts
Network security - Basic conceptsNetwork security - Basic concepts
Network security - Basic conceptsKhoa Nguyen
 
Cia security model
Cia security modelCia security model
Cia security modelImran Ahmed
 
Fundamentals of IoT Security
Fundamentals of IoT SecurityFundamentals of IoT Security
Fundamentals of IoT SecuritySHAAMILIVARSAGV
 
Secure shell ppt
Secure shell pptSecure shell ppt
Secure shell pptsravya raju
 
Trojan virus & backdoors
Trojan virus & backdoorsTrojan virus & backdoors
Trojan virus & backdoorsShrey Vyas
 
Network firewall function & benefits
Network firewall function & benefitsNetwork firewall function & benefits
Network firewall function & benefitsAnthony Daniel
 
Introduction to Intrusion detection and prevention system for network
Introduction to Intrusion detection and prevention system for networkIntroduction to Intrusion detection and prevention system for network
Introduction to Intrusion detection and prevention system for networkEng. Mohammed Ahmed Siddiqui
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationTriCorps Technologies
 
Network Security Tutorial | Introduction to Network Security | Network Securi...
Network Security Tutorial | Introduction to Network Security | Network Securi...Network Security Tutorial | Introduction to Network Security | Network Securi...
Network Security Tutorial | Introduction to Network Security | Network Securi...Edureka!
 

Tendances (20)

Security vulnerability
Security vulnerabilitySecurity vulnerability
Security vulnerability
 
Ceh v5 module 02 footprinting
Ceh v5 module 02 footprintingCeh v5 module 02 footprinting
Ceh v5 module 02 footprinting
 
Firewall and its purpose
Firewall and its purposeFirewall and its purpose
Firewall and its purpose
 
Network Security and Firewall
Network Security and FirewallNetwork Security and Firewall
Network Security and Firewall
 
Traditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation FirewallTraditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation Firewall
 
Intrusion Detection Systems and Intrusion Prevention Systems
Intrusion Detection Systems and Intrusion Prevention Systems Intrusion Detection Systems and Intrusion Prevention Systems
Intrusion Detection Systems and Intrusion Prevention Systems
 
Wireless network security
Wireless network securityWireless network security
Wireless network security
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection system
 
03 cia
03 cia03 cia
03 cia
 
Network security - Basic concepts
Network security - Basic conceptsNetwork security - Basic concepts
Network security - Basic concepts
 
Cia security model
Cia security modelCia security model
Cia security model
 
Fundamentals of IoT Security
Fundamentals of IoT SecurityFundamentals of IoT Security
Fundamentals of IoT Security
 
Secure shell ppt
Secure shell pptSecure shell ppt
Secure shell ppt
 
Information security
Information securityInformation security
Information security
 
Trojan virus & backdoors
Trojan virus & backdoorsTrojan virus & backdoors
Trojan virus & backdoors
 
Network firewall function & benefits
Network firewall function & benefitsNetwork firewall function & benefits
Network firewall function & benefits
 
IDS and IPS
IDS and IPSIDS and IPS
IDS and IPS
 
Introduction to Intrusion detection and prevention system for network
Introduction to Intrusion detection and prevention system for networkIntroduction to Intrusion detection and prevention system for network
Introduction to Intrusion detection and prevention system for network
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your Organization
 
Network Security Tutorial | Introduction to Network Security | Network Securi...
Network Security Tutorial | Introduction to Network Security | Network Securi...Network Security Tutorial | Introduction to Network Security | Network Securi...
Network Security Tutorial | Introduction to Network Security | Network Securi...
 

Similaire à [9] Firewall.pdf

Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationgaurav96raj
 
Firewall and It's Types
Firewall and It's TypesFirewall and It's Types
Firewall and It's TypesHem Pokhrel
 
firrewall and intrusion prevention system.pptx
firrewall and intrusion prevention system.pptxfirrewall and intrusion prevention system.pptx
firrewall and intrusion prevention system.pptxfatimagull32
 
Firewalls.pdfdifferencesCalculate the number of moles of Mg(NO3)2 in 44.4 g o...
Firewalls.pdfdifferencesCalculate the number of moles of Mg(NO3)2 in 44.4 g o...Firewalls.pdfdifferencesCalculate the number of moles of Mg(NO3)2 in 44.4 g o...
Firewalls.pdfdifferencesCalculate the number of moles of Mg(NO3)2 in 44.4 g o...FahmiOlayah
 
Firewall & packet filter new
Firewall & packet filter newFirewall & packet filter new
Firewall & packet filter newKarnav Rana
 
Network Security_Dr Shivashankar_Module 5.pdf
Network Security_Dr Shivashankar_Module 5.pdfNetwork Security_Dr Shivashankar_Module 5.pdf
Network Security_Dr Shivashankar_Module 5.pdfDr. Shivashankar
 
Firewall ( Cyber Security)
Firewall ( Cyber Security)Firewall ( Cyber Security)
Firewall ( Cyber Security)Jainam Shah
 
Chapter_Five[1].ppt
Chapter_Five[1].pptChapter_Five[1].ppt
Chapter_Five[1].pptBachaSirata
 
Firewall.pdf
Firewall.pdfFirewall.pdf
Firewall.pdfImXaib
 
Introduction to firewalls
Introduction to firewallsIntroduction to firewalls
Introduction to firewallsDivya Jyoti
 
Firewall ppt
Firewall pptFirewall ppt
Firewall pptRevanth71
 
firewalls.ppt
firewalls.pptfirewalls.ppt
firewalls.pptRaj Kumar
 
firewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptxfirewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptxShreyaBanerjee52
 

Similaire à [9] Firewall.pdf (20)

Firewall presentation
Firewall presentationFirewall presentation
Firewall presentation
 
Firewall and It's Types
Firewall and It's TypesFirewall and It's Types
Firewall and It's Types
 
firewall.ppt
firewall.pptfirewall.ppt
firewall.ppt
 
firrewall and intrusion prevention system.pptx
firrewall and intrusion prevention system.pptxfirrewall and intrusion prevention system.pptx
firrewall and intrusion prevention system.pptx
 
Firewalls.pdfdifferencesCalculate the number of moles of Mg(NO3)2 in 44.4 g o...
Firewalls.pdfdifferencesCalculate the number of moles of Mg(NO3)2 in 44.4 g o...Firewalls.pdfdifferencesCalculate the number of moles of Mg(NO3)2 in 44.4 g o...
Firewalls.pdfdifferencesCalculate the number of moles of Mg(NO3)2 in 44.4 g o...
 
Firewall and its Types
Firewall and its TypesFirewall and its Types
Firewall and its Types
 
Firewalls
FirewallsFirewalls
Firewalls
 
Firewall & packet filter new
Firewall & packet filter newFirewall & packet filter new
Firewall & packet filter new
 
Network Security_Dr Shivashankar_Module 5.pdf
Network Security_Dr Shivashankar_Module 5.pdfNetwork Security_Dr Shivashankar_Module 5.pdf
Network Security_Dr Shivashankar_Module 5.pdf
 
Firewall ( Cyber Security)
Firewall ( Cyber Security)Firewall ( Cyber Security)
Firewall ( Cyber Security)
 
Firewall
FirewallFirewall
Firewall
 
Chapter_Five[1].ppt
Chapter_Five[1].pptChapter_Five[1].ppt
Chapter_Five[1].ppt
 
Firewall ppt
Firewall pptFirewall ppt
Firewall ppt
 
Firewall.pdf
Firewall.pdfFirewall.pdf
Firewall.pdf
 
Introduction to firewalls
Introduction to firewallsIntroduction to firewalls
Introduction to firewalls
 
Firewall
FirewallFirewall
Firewall
 
Firewall ppt
Firewall pptFirewall ppt
Firewall ppt
 
Divyanshu.pptx
Divyanshu.pptxDivyanshu.pptx
Divyanshu.pptx
 
firewalls.ppt
firewalls.pptfirewalls.ppt
firewalls.ppt
 
firewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptxfirewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptx
 

Dernier

Unit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptxUnit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptxVishalSingh1417
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.pptRamjanShidvankar
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxDenish Jangid
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsMebane Rash
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxRamakrishna Reddy Bijjam
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptxMaritesTamaniVerdade
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxVishalSingh1417
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfagholdier
 
ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701bronxfugly43
 
PROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPoojaSen20
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17Celine George
 
Third Battle of Panipat detailed notes.pptx
Third Battle of Panipat detailed notes.pptxThird Battle of Panipat detailed notes.pptx
Third Battle of Panipat detailed notes.pptxAmita Gupta
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...ZurliaSoop
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxheathfieldcps1
 

Dernier (20)

Unit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptxUnit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptx
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
Spatium Project Simulation student brief
Spatium Project Simulation student briefSpatium Project Simulation student brief
Spatium Project Simulation student brief
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan Fellows
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Asian American Pacific Islander Month DDSD 2024.pptx
Asian American Pacific Islander Month DDSD 2024.pptxAsian American Pacific Islander Month DDSD 2024.pptx
Asian American Pacific Islander Month DDSD 2024.pptx
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docx
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701
 
PROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docx
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
Third Battle of Panipat detailed notes.pptx
Third Battle of Panipat detailed notes.pptxThird Battle of Panipat detailed notes.pptx
Third Battle of Panipat detailed notes.pptx
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
 

[9] Firewall.pdf

  • 2. 2 What is a firewall?  Two goals:  To provide the people in your organization with access to the WWW without allowing the entire world to peak in;  To erect a barrier between an untrusted piece of software, your organization’s public Web server, and the sensitive information that resides on your private network.  Basic idea:  Impose a specifically configured gateway machine between the outside world and the site’s inner network.  All traffic must first go to the gateway, where software decide whether to allow or reject.
  • 3. 3 What is a firewall  A firewall is a system of hardware and software components designed to restrict access between or among networks, most often between the Internet and a private Internet.  The firewall is part of an overall security policy that creates a perimeter defense designed to protect the information resources of the organization.
  • 4. 4 Firewalls DO  Implement security policies at a single point  Monitor security-related events (audit, log)  Provide strong authentication  Allow virtual private networks  Have a specially hardened/secured operating system
  • 5. 5 Firewalls DON’T  Protect against attacks that bypass the firewall  Dial-out from internal host to an ISP  Protect against internal threats  disgruntled employee  Insider cooperates with and external attacker  Protect against the transfer of virus-infected programs or files
  • 6. 6 Types of Firewalls  Packet-Filtering Router  Application-Level Gateway  Circuit-Level Gateway  Hybrid Firewalls
  • 7. 7 Packet Filtering Routers • Forward or discard IP packet according a set of rules • Filtering rules are based on fields in the IP and transport header
  • 8. 8 What information is used for filtering decision?  Source IP address (IP header)  Destination IP address (IP header)  Protocol Type  Source port (TCP or UDP header)  Destination port (TCP or UDP header)  ACK. bit
  • 9. 9 Web Access Through a Packet Filter Firewall
  • 13. 13 Application Level Gateways (Proxy Server)  Advantages:  complete control over each service (FTP/HTTP…)  complete control over which services are permitted  Strong user authentication (Smart Cards etc.)  Easy to log and audit at the application level  Filtering rules are easy to configure and test  Disadvantages:  A separate proxy must be installed for each application-level service  Not transparent to users
  • 15. 15 Circuit Level Gateways (2)  Often used for outgoing connections where the system administrator trusts the internal users  The chief advantage is that a firewall can be configured as a hybrid gateway supporting application-level/proxy services for inbound connections and circuit-level functions for outbound connections
  • 16. 16 Hybrid Firewalls  In practice, many of today's commercial firewalls use a combination of these techniques.  Examples:  A product that originated as a packet-filtering firewall may since have been enhanced with smart filtering at the application level.  Application proxies in established areas such as FTP may augment an inspection-based filtering scheme.
  • 17. 17 Firewall Configurations  Bastion host  a system identified by firewall administrator as a critical strong point in the network’s security  typically serves as a platform for an application-level or circuit-level gateway  extra secure O/S, tougher to break into  Dual homed gateway  Two network interface cards: one to the outer network and the other to the inner  A proxy selectively forwards packets  Screened host firewall system  Uses a network router to forward all traffic from the outer and inner networks to the gateway machine  Screened-subnet firewall system
  • 23. 23 Selecting a firewall system  Operating system  Protocols handled  Filter types  Logging  Administration  Simplicity  Tunneling
  • 25. 25 Widely used commercial firewalls  AltaVista  BorderWare (Secure Computing Corporation)  CyberGurad Firewall (CyberGuard Corporation)  Eagle (Raptor Systems)  Firewall-1 (Checkpoint Software Technologies)  Gauntlet (Trusted Information Systems)  ON Guard (ON Technology Corporation)