Scribd Logo
Hochladen

Willkommen bei Scribd!

  • Firewall Fundamentals

    Hochgeladen von

    Willy Van Steendam
    167 Ansichten14 Seiten
    This document provides an overview of firewall fundamentals, including definitions of firewalls, how they work, different types of firewall architectures and technologies, planning and implementation of firewalls, and their limitations. It discusses firewall taxonomy including software and appliance firewall products, host-based versus network firewalls, and technologies like packet filtering, stateful inspection, proxies. It also covers firewall architectures like DMZ designs, and the planning process including defining requirements, managing, configuring, deploying, and testing firewalls. Lastly, it notes limitations of firewalls in protecting from viruses, insider threats, unmonitored connections, and attacks on allowed services.

    Originalbeschreibung:

    fundamentals of firewalling

    Copyright

    © © All Rights Reserved

    Verfügbare Formate

    PPTX, PDF, TXT oder online auf Scribd lesen

    Stufen Sie dieses Dokument als nützlich ein?

    Sind diese Inhalte unangemessen?

    Dieses Dokument melden
    This document provides an overview of firewall fundamentals, including definitions of firewalls, how they work, different types of firewall architectures and technologies, planning and implementation of firewalls, and their limitations. It discusses firewall taxonomy including software and appliance firewall products, host-based versus network firewalls, and technologies like packet filtering, stateful inspection, proxies. It also covers firewall architectures like DMZ designs, and the planning process including defining requirements, managing, configuring, deploying, and testing firewalls. Lastly, it notes limitations of firewalls in protecting from viruses, insider threats, unmonitored connections, and attacks on allowed services.

    Copyright:

    © All Rights Reserved
    Als PPTX, PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    167 Ansichten14 Seiten

    Firewall Fundamentals

    Hochgeladen von

    Willy Van Steendam
    This document provides an overview of firewall fundamentals, including definitions of firewalls, how they work, different types of firewall architectures and technologies, planning and implementation of firewalls, and their limitations. It discusses firewall taxonomy including software and appliance firewall products, host-based versus network firewalls, and technologies like packet filtering, stateful inspection, proxies. It also covers firewall architectures like DMZ designs, and the planning process including defining requirements, managing, configuring, deploying, and testing firewalls. Lastly, it notes limitations of firewalls in protecting from viruses, insider threats, unmonitored connections, and attacks on allowed services.

    Copyright:

    © All Rights Reserved
    Als PPTX, PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    von 14

    Firewall Fundamentals

    Overzicht

    Introduction to Firewall

    Firewall Taxonomy

    Firewall Architectures

    Firewall Planning & Implementation

    Firewall Limitations

    2
    Introduction

    Firewalls are devices or programs that control the flow of network


    traffic between networks or hosts that employ differing security
    postures.

    3
    Introduction

    What can firewalls do?


    Manage and control network traffic
    Authenticate access
    Act as an intermediary
    Protect resources
    Record and report on events (IDS, NIDS, IPS)

    Firewalls operate at Layers 2, 3, 4, and 7 of the OSI model

    4
    Introduction

    How does a firewall work?


    deny/grant access based on the rules pre-defined by admin

    5
    Taxonomy

    FW Products
    Software
    ISA Server, Iptables, Comodo, ZoneAlarm,

    Appliance
    Cisco PIX, Checkpoint, SonicWall, WatchGuard,

    Integrated
    Multiple security functions in one single appliance: FW, IPS,
    VPN, Gateway Anti-virus/spam, data leak prevention

    Open vs. Closed Source FWs


    ipfw, ModSecurity, pfSense,
    6
    Taxonomy

    FW Technologies
    Host-based (or Personal) FW
    Windows FW, Firestarter,
    Network FW

    (Simple) Packet Filtering


    Stateful Inspection
    Application FWs
    Application-Proxy Gateways
    Dedicated Proxy Servers
    Transparent (Layer-2) FWs
    7
    Taxonomy

    FW Technologies

    Others (Network FW)

    NAT (it is actually a routing technology)


    VPN
    Network Access Control/Protection (NAC/NAP)
    Web Application FW
    Firewalls for Virtual Infrastructures
    Unified Threat Management (UTM)

    8
    Architectures

    DMZ
    Single (Three legged) firewall

    Firewall

    9
    Architectures

    DMZ
    Dual firewall

    Internal FW

    External FW

    10
    Planning & Implementation

    Plan

    Manage Configure

    Deploy Test

    11
    Limitations

    What a firewall CANT protect against:

    viruses/malwares
    internal threats (disgruntled workers, poor security
    policy)
    attacks that do not traverse the firewall (social
    engineering, personal modems or unauthorized
    wireless connections)
    attacks on services that are allowed through the
    firewall (HTTP, SMTP, FTP)
    12
    Conclusion

    Firewalls are an integral part of any Defense in Depth strategy

    13
    References

    [1] Firewall Fundamentals, Cisco Press (2006)

    [2] Tactical Perimeter Defense, Element K (2007)

    [3] Module 16 of CEH v7, EC-Council (2010)

    [4] Building Internet Firewalls 2nd Edition, O'Reilly (2000)

    [5] Guidelines on Firewalls and Firewall Policy, NIST (2009)

    14

    Das könnte Ihnen auch gefallen