A firewall is a device that provides secure connectivity between
A firewall may be hardware, software, or a combination of
both that is used to prevent unauthorized programs or Internet
users from accessing a private network and/or a single computer.
Hardware vs. Software Firewalls
Hardware firewalls:
• Protect an entire network
• Implemented on the router level
• Usually more expensive, harder to configure
Software firewalls:
• Protect a single computer
• Usually less expensive, easier to configure
How does a software firewall work?
Inspects each individual “packet” of data as it arrives at either
side of the firewall
Determines whether it should be allowed to pass through or if it
should be blocked
Types of Firewalls
Common types of Firewalls:
1. Packet-filtering routers
2. Application-level gateways
3. Circuit-level gateways
◦ Packet-filtering Router
• Applies a set of rules to each incoming IP packet
and then forwards or discards the packet
◦ Filter packets going in both directions
◦ The packet filter is typically set up as a list of
rules based on matches to fields in the IP or TCP
◦ Two default policies (discard or forward)
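The rule matching described above, as an added example that is not part of the original slides: a packet filter that checks IP/TCP header fields in both directions and falls back to a selectable default policy. The addresses, rule set and field names are constructed for illustration, and first-match ordering is an assumption, since the slides do not say how overlapping rules are resolved.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    action: str            # "forward" or "discard"
    direction: str = None  # "in" or "out"; None matches any value
    proto: str = None      # "tcp", "udp", ...
    src: str = None        # source network in CIDR form
    dst: str = None        # destination network in CIDR form
    dport: int = None      # destination port

def _in_net(cidr, addr):
    return cidr is None or ipaddress.ip_address(addr) in ipaddress.ip_network(cidr)

def matches(rule, pkt):
    """True when every field the rule specifies equals the packet's header field."""
    return ((rule.direction is None or rule.direction == pkt["direction"])
            and (rule.proto is None or rule.proto == pkt["proto"])
            and _in_net(rule.src, pkt["src"])
            and _in_net(rule.dst, pkt["dst"])
            and (rule.dport is None or rule.dport == pkt.get("dport")))

def filter_packet(rules, pkt, default="discard"):
    """Return the action of the first matching rule, else the default policy."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return default

# Constructed rule set (assumption): inside network 192.0.2.0/24, mail server 192.0.2.10.
RULES = [
    Rule("discard", direction="in", src="203.0.113.0/24"),  # blocked outside network
    Rule("forward", direction="in", proto="tcp", dst="192.0.2.10/32", dport=25),
    Rule("forward", direction="out", proto="tcp", src="192.0.2.0/24", dport=443),
]

# Constructed sample packets (header fields only).
def pkt(direction, src, dst, dport, proto="tcp"):
    return {"direction": direction, "proto": proto, "src": src, "dst": dst, "dport": dport}

SMTP_IN = pkt("in", "198.51.100.7", "192.0.2.10", 25)
SMTP_BLOCKED = pkt("in", "203.0.113.9", "192.0.2.10", 25)   # hits the discard rule first
TELNET_IN = pkt("in", "198.51.100.7", "192.0.2.20", 23)     # matches no rule
HTTPS_OUT = pkt("out", "192.0.2.20", "203.0.113.5", 443)

if __name__ == "__main__":
    for p in (SMTP_IN, SMTP_BLOCKED, TELNET_IN, HTTPS_OUT):
        print(p, "->", filter_packet(RULES, p), "| default forward:",
              filter_packet(RULES, p, default="forward"))
```

The Telnet packet matches no rule, so its fate is decided entirely by the default policy: discarded under default discard, passed under default forward.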
Packet Filtering Firewall
[Figure: packet filtering firewall; packet is blocked or discarded]
A packet filtering firewall is often called a network layer firewall
because the filtering is primarily done at the network layer (layer
three) or the transport layer (layer four) of the OSI reference
Gateway sits between user on inside and server on outside. Instead of
talking directly, user and server talk through proxy.
Allows more fine-grained and sophisticated control than packet
filtering. For example, an FTP server may not allow files greater than a set
A mail server is an example of an application gateway
◦ Can’t deposit mail in recipient’s mail server without passing through
sender’s mail server
1. Stand-alone system
2. Specialized function performed by an Application-level Gateway
3. Sets up two TCP connections
4. The security function consists of determining which connections
will be allowed
5. Typical use is a situation in which the system administrator
trusts the internal users
Allow – traffic that flows automatically because it has been
Block – traffic that is blocked because it has been deemed
dangerous to your computer
Ask – asks the user whether or not the traffic is allowed to pass
Making The Firewall Fit
What It Protects You From
Simple Mail Transfer Protocol session hijacking
Operating system bugs
What can a personal firewall do?
• Stops hackers from accessing your computer.
• Protects your personal information.
• Blocks “pop up” ads and certain cookies.
• Determines which programs can access the Internet.
• Blocks invalid packets.
What can a personal firewall not do?
• Cannot prevent e-mail viruses
– Only an antivirus product with updated definitions can
prevent e-mail viruses.
• After setting it initially, you cannot forget about it
– The firewall will require periodic updates to the rulesets
and the software itself.