
Firewall

Definition
A firewall is a network security device that monitors incoming
and outgoing network traffic and decides whether to allow or
block specific traffic based on a defined set of security rules.
Firewalls have been a first line of defense in network security for
over 25 years. They establish a barrier between secured and
controlled internal networks that can be trusted and untrusted
outside networks, such as the Internet.
A firewall can be hardware, software, or both.
Packet filtering firewall
On the Internet, packet filtering is the process of passing or
blocking packets at a network interface based on source and
destination addresses, ports, or protocols. The process is used in
conjunction with packet mangling and Network Address
Translation (NAT). Packet filtering is often part of
a firewall program for protecting a local network from unwanted
intrusion. In a software firewall, packet filtering is done by a
program called a packet filter. The packet filter examines the
header of each packet based on a specific set of rules, and on
that basis, decides to prevent it from passing (called DROP) or
allow it to pass (called ACCEPT).
There are three ways in which a packet filter can be configured, once
the set of filtering rules has been defined.

1. In the first method, the filter accepts only those packets that it is
certain are safe, dropping all others. This is the most secure mode, but
it can cause inconvenience if legitimate packets are inadvertently
dropped.

2. In the second method, the filter drops only the packets that it is
certain are unsafe, accepting all others. This mode is the least secure,
but it causes less inconvenience, particularly in casual Web browsing.

3. In the third method, if the filter encounters a packet for which its
rules do not provide instructions, that packet can be quarantined, or
the user can be specifically queried concerning what should be done
with it. This can be inconvenient if it causes numerous dialog boxes to
appear, for example, during Web browsing.
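The following is an added example, not part of the original text: a minimal packet filter that checks packet headers against an ordered rule set and then applies one of the three configurations described above (default DROP, default ACCEPT, or quarantine) to packets no rule covers. The rule set, the Packet/Rule classes and the addresses (documentation ranges) are all constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional

# Constructed example: packet headers are reduced to the fields a packet
# filter inspects (source, destination, protocol, destination port).
@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str  # "tcp", "udp" or "icmp"
    dport: int  # 0 for protocols without ports

@dataclass(frozen=True)
class Rule:
    action: str                  # "ACCEPT" or "DROP"
    src: str = "0.0.0.0/0"       # CIDR; 0.0.0.0/0 matches any address
    dst: str = "0.0.0.0/0"
    proto: Optional[str] = None  # None matches any protocol
    dport: Optional[int] = None  # None matches any port

    def matches(self, p: Packet) -> bool:
        return (ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and (self.proto is None or self.proto == p.proto)
                and (self.dport is None or self.dport == p.dport))

# The three configurations from the text, expressed as the verdict given
# to a packet that matches no rule.
DEFAULT_DROP = "DROP"              # 1. accept only what is known safe
DEFAULT_ACCEPT = "ACCEPT"          # 2. drop only what is known unsafe
DEFAULT_QUARANTINE = "QUARANTINE"  # 3. hold the packet / ask the user

def filter_packet(rules: List[Rule], packet: Packet, default: str) -> str:
    """Return the action of the first matching rule, else the default policy."""
    for rule in rules:
        if rule.matches(packet):
            return rule.action
    return default

# Constructed rule set for a small LAN (192.0.2.0/24 is a documentation range).
RULES = [
    Rule("ACCEPT", src="192.0.2.0/24", proto="tcp", dport=443),  # HTTPS from LAN
    Rule("ACCEPT", src="192.0.2.0/24", proto="udp", dport=53),   # DNS from LAN
    Rule("DROP", dst="192.0.2.10/32", proto="tcp", dport=23),    # telnet to server
]

if __name__ == "__main__":
    unmatched = Packet("203.0.113.7", "192.0.2.10", "tcp", 8080)
    for policy in (DEFAULT_DROP, DEFAULT_ACCEPT, DEFAULT_QUARANTINE):
        print(policy, "->", filter_packet(RULES, unmatched, policy))
```

Only the verdict for unmatched packets changes between the three modes; packets covered by an explicit rule get the same result under all of them.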
Application layer firewall
An application firewall is an enhanced firewall that limits access
by applications to the operating system (OS) of a computer.
Conventional firewalls merely control the flow of data to and
from the central processing unit (CPU), examining
each packet and determining whether or not to forward it
toward a particular destination. An application firewall offers
additional protection by controlling the execution of files or the
handling of data by specific applications.
Application layer firewalls are of two types: network-based and
host-based.
Network-based
A network-based firewall controls traffic going in and out of a network.
It does this by filtering traffic based on firewall rules and allows only
authorized traffic to pass through it. Most
organizations include at least one network-based firewall at the
boundary between their internal network and the Internet.
The network-based firewall is usually a dedicated system with
additional software installed to monitor, filter, and log traffic. For
example, a popular network-based firewall used in many larger
environments is Sidewinder. This is a dedicated server with proprietary
firewall software installed.
A network-based firewall typically has two or more network interface
cards (NICs), and all traffic passes through it. Many network-based
firewalls are dedicated servers or appliances.
Host-based
Some companies use host-based firewalls in addition to
perimeter-based firewalls in order to enhance internal security.
For example, some of the malware attacks that may get past a
perimeter firewall can be stopped at the individual device or
workstation, using a host-based firewall.
A host-based firewall setup can also be simpler for some users.
The host-based firewall can also be configured to the particular
computer, where customization can make the firewall more
effective.
Difference between network-based and host-based
A host-based firewall is a firewall installed on each individual
server that controls incoming and outgoing network traffic and
determines whether to allow it into that particular device (e.g. the
Microsoft firewall that comes with a Windows-based computer).
A network-based firewall is a firewall that is built into the
infrastructure of the cloud (e.g. Amazon's firewall in AWS
environments) or a virtual firewall service such as those offered
by Cisco, VMware and Check Point.