2. INTRODUCTION
• The Internet has made a large amount of information available to the average computer user at
home, in business and in education.
• Network security is therefore the main concern here, and firewalls provide this security.
• An Internet firewall is most often installed at the point where your protected internal network
connects to the Internet.
• All traffic coming from the Internet or going out from your internal network passes through
the firewall. Because the traffic passes through it, the firewall has the opportunity to make
sure that this traffic is acceptable.
7/24/2019INTERNET FIREWALL @RT 2
3. WHAT IS A FIREWALL?
• A secure Internet gateway that is used to interconnect a private network to the Internet.
• A firewall is a piece of software or hardware that filters all network traffic between your computer, home
network, or company network and the Internet.
• The word firewall says a lot about how it works: it originally described a wall that was designed to contain a fire.
• A brick and mortar firewall is designed to contain a fire in one part of a building and thus prevent it from
spreading to another part of the building.
• A firewall in a computer network performs a role that is very similar to that of a firewall in a building.
4. CON…
• Used to prevent unauthorized programs or Internet users from accessing a private network
and/or a single computer.
5. WHAT IS THE DIFFERENCE BETWEEN A
HOST-BASED FIREWALL AND A
NETWORK-BASED FIREWALL?
• Host-based firewall: software that is installed on a computer and, most of the time, protects only that one
computer. It is found on Windows operating systems, and most anti-virus products include its features.
• Network-based firewall: a combination of hardware and software that is placed between the private
network and the Internet and operates at the network layer.
• It is implemented at a specified point in the network path and protects all computers on the
“internal” side of the firewall from all computers on the “external” side of the firewall.
• Protects an entire network.
• They can be stand-alone products, home routers, a built-in firewall, etc.
6. DESIGN GOALS FOR A FIREWALL
• The first design goal for a firewall is that all network traffic from
internal to external must go through the firewall, by physically cutting off all access to the local
network except via the firewall.
• The second design goal is that only authorized traffic, as defined by the local
security policy, is allowed to proceed.
• The last design goal is that the firewall itself is resistant to penetration, which includes being a
solid, trustworthy system with a protected operating system.
7. APPLIANCE, SOFTWARE-ONLY FIREWALLS,
ALL-IN-ONE TOOLS
• Some firewalls consist of a piece of hardware with integrated software that provides a
number of firewall functions. Such a device is often referred to as a firewall appliance.
• Software-only firewalls run on a computer that can also perform other functions. Most
personal firewalls that protect a single computer fall into this category.
• An all-in-one tool is a small box that promises to act as a cable modem, router, network hub,
wireless networking base station, and firewall.
8. FIREWALL RULES
• Firewall rules, or access control lists, are customizable and are determined by the network administrator.
• These rules either allow or deny traffic based on the access control list (firewall rules).
• Firewall rules can be based on IP addresses, domain names, protocols, programs, ports, and keywords.
9. TYPES OF FIREWALL
Packet filtering firewall: it only checks the header (sender, receiver and port number).
• Inspects the packets as they arrive.
• Headers from the different layers are inspected.
• Information from the headers is fed into a dynamic state table.
• The table is used to examine subsequent packets and connections.
It uses an access control list.
The access control list is a table whose rules are set by the admin.
10. CON..
It is already present in routers.
Its limitation is that it does not check the payload, so a hacker can send
malicious data in this section.
That is why it provides low security.
• Application/proxy firewall: a proxy firewall does not let others know which computer sends the request.
• It hides that computer from the attacker.
• It also checks the payload part of the packets of the response data.
11. CON..
• It is much slower than a packet filtering firewall.
• It is more secure than a packet filtering firewall because it checks the content
of the data.
• Hybrid firewall: combines both a packet filtering firewall and an application
firewall in series.
• Provides the best security.
• We use it for big companies and very sensitive data.
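Added example (not part of the original slides): a small Python model of the firewall types above, showing an access control list checked against packet headers only, a payload keyword check, and the hybrid form that runs both in series. The rule set, keyword list, function names and sample packets are all constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Packet:
    src: str
    dst: str
    proto: str
    dport: int
    payload: bytes = b""

# Constructed ACL: (action, source network, protocol, destination port); first match wins.
ACL = [
    ("deny",  "203.0.113.0/24", "tcp", 80),
    ("allow", "0.0.0.0/0",      "tcp", 80),
]

BLOCKED_KEYWORDS = [b"<script>", b"../"]  # constructed keyword list

def packet_filter(pkt, acl=ACL):
    """Header-only decision: sender, protocol and port. The payload is never read."""
    src = ipaddress.ip_address(pkt.src)
    for action, net, proto, port in acl:
        if src in ipaddress.ip_network(net) and proto == pkt.proto and port == pkt.dport:
            return action
    return "deny"  # nothing matched: default deny

def application_filter(pkt, keywords=BLOCKED_KEYWORDS):
    """Content decision: looks inside the payload, as a proxy firewall does."""
    data = pkt.payload.lower()
    return "deny" if any(k in data for k in keywords) else "allow"

def hybrid_filter(pkt):
    """Both checks in series: the cheap header check runs first."""
    if packet_filter(pkt) == "deny":
        return "deny"
    return application_filter(pkt)

# Constructed sample traffic (documentation address ranges).
SAMPLES = {
    "normal request": Packet("198.51.100.7", "192.0.2.10", "tcp", 80, b"GET /index.html"),
    "blocked sender": Packet("203.0.113.9", "192.0.2.10", "tcp", 80, b"GET /index.html"),
    "closed port":    Packet("198.51.100.7", "192.0.2.10", "tcp", 23, b"login"),
    "bad payload":    Packet("198.51.100.7", "192.0.2.10", "tcp", 80, b"GET /../../etc/passwd"),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(f"{name:15} packet={packet_filter(pkt):5} hybrid={hybrid_filter(pkt)}")
```

The "bad payload" packet has acceptable headers, so the packet filter allows it; only the payload check in the hybrid path denies it.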