This document provides information about firewalls, including definitions, design principles, characteristics, and types. It defines a firewall as software that monitors incoming and outgoing network traffic to protect networks. Firewalls are designed to establish a controlled link between networks and protect internal networks from external attacks. There are three main types of firewalls: packet-filtering routers, application-level gateways, and circuit-level gateways. Packet-filtering routers apply rules to IP packets to forward or discard them, while application-level gateways act as proxies for application traffic. Circuit-level gateways determine which network connections are allowed.
Firewall (Cyber Security)
1. A.D.Patel Institute Of
Technology
Sub:- Cyber Security
Topic:- Firewall
Dept. :- Automobile Engineering
Prepared by :- Shah Jainam (140010102051)
Shah Parva (140010102053)
2. Outline:
What Is Firewall?
About Firewall
Firewall Design Principles
Firewall Characteristics
Types Of Firewalls
Firewall Configuration
Firewall v/s Packet Filters
3rd Party Firewall
3. What is FIREWALL?
Firewall software is commonly installed on computers in
order to monitor incoming and outgoing packet requests and
to block any that may be from an untrustworthy
source. Firewalls and antivirus programs are the two most
basic forms of computer protection.
4. About FIREWALL
It sits between two networks;
Used to protect one from the other
Places a bottleneck between the networks
All communications must pass through the bottleneck
this gives us a single point of control
5. Henric Johnson
Firewall Design Principles
The firewall is inserted between the premises network and the
Internet
Aims:
Establish a controlled link
Protect the premises network from Internet-based attacks
Provide a single choke point
6. Firewall Characteristics
Design goals:
All traffic from inside to outside must pass through the firewall (physically
blocking all access to the local network except via the firewall)
Only authorized traffic (defined by the local security policy) will be allowed to
pass
7. Firewall Characteristics
Four general techniques:
(1) Service control
Determines the types of Internet services that can be accessed, inbound or
outbound.
(2) Direction control
Determines the direction in which particular service requests are allowed to
flow.
8. Firewall Characteristics
(3) User control
Controls access to a service according to which user is attempting to access it.
(4) Behavior control
Controls how particular services are used (e.g. filter e-mail).
9. Types of Firewalls
Three common types of Firewalls:
(1) Packet-filtering routers
(2) Application-level gateways
(3) Circuit-level gateways
11. Types of Firewalls
Packet-filtering Router
Applies a set of rules to each incoming IP packet and then forwards or discards
the packet
Filters packets going in both directions
The packet filter is typically set up as a list of rules based on matches to fields
in the IP or TCP header
Two default policies (discard or forward)
12. Types of Firewalls
Advantages:
Simplicity
Transparency to users
High speed
Disadvantages:
Difficulty of setting up packet filter rules
Lack of Authentication
14. Types of Firewalls
Application-level Gateway
Also called proxy server
Acts as a relay of application-level traffic
15. Types of Firewalls
Advantages:
Higher security than packet filters
Only need to scrutinize a few allowable applications
Easy to log and audit all incoming traffic
Disadvantages:
Additional processing overhead on each connection (gateway as splice point)
17. Types of Firewalls
Circuit-level Gateway
The security function consists of determining which connections will be
allowed
A typical use is a situation in which the system administrator trusts the internal
users
An example is the SOCKS package
18. Firewall Configurations
Bastion host
a system identified by the firewall administrator as a critical strong point in the network's
security
typically serves as a platform for an application-level or circuit-level gateway
extra secure O/S, tougher to break into.
Dual homed gateway
Two network interface cards: one to the outer network and the other to the inner
A proxy selectively forwards packets.
Screened host firewall system
Uses a network router to forward all traffic from the outer and inner networks to the
gateway machine.
Screened-subnet firewall system
21. Firewalls V/S Packet Filters
Firewalls
A firewall is a computer connected to both a private (protected)
network and a public (unprotected) network, which receives and
resubmits specific kinds of network requests on behalf of network
clients on either the private or public network.
Firewalls involve proxies. A proxy acts as a middle-man in a network
transaction. Rather than allowing a client to speak directly to a server,
the proxy server receives the request from the client, and then
resubmits the request, on behalf of the client, to the target server.
Firewalls are not routers or address translators. Never does a firewall
copy or forward a packet from the internal network to the external
network, or vice versa. The internal network uses private address
space.
22. Firewalls V/S Packet Filters
Packet Filters
A packet filter is a set of rules, applied to a stream of data packets, which is
used to decide whether to permit or deny the forwarding of each packet.
Using a packet filter, an administrator can decide what types of packets are
allowed into or out of a network or computer.
Some devices, such as the Cisco PIX, combine address translation with
packet filtering. Like a firewall, this prevents the outside network from
having knowledge of the address space on the protected network. This
certainly improves security, but, strictly speaking, this is not a firewall.
It is worth noting that any good firewall will also employ packet filtering.
This is done to protect the firewall itself from intrusion and to isolate
intruders from the internal network should an attacker gain control of the
firewall.
23. When You Would Want a Third-Party Firewall
By default, the Windows firewall only does what's really important: block
incoming connections. It has some more advanced features, but they're in a
hidden, harder-to-use interface.
For example, most third-party firewalls allow you to easily control which
applications on your computer can connect to the Internet. They'll pop up a
box when an application first initiates an outgoing connection. This allows you
to control which applications on your computer can access the Internet,
blocking certain applications from connecting. This can be a little annoying,
but it does give you more control if you're a power user.
If you want a firewall with loads of features, GlassWire is a third-party firewall
that is really nice. Rather than just being a firewall, it also shows you beautiful
graphs of network activity, lets you drill down into exactly which application is
connecting to where, and how much bandwidth an individual application is
using.