1. Definition of Firewall
2. Need of Firewall
3. Firewall Design Principles
4. Firewall Characteristics
6. Types of Firewall
7. Implementation of Firewall
What is a Firewall?
A firewall:
◦ Acts as a security gateway between two networks
  Usually between trusted and untrusted networks (such as between a corporate network and the Internet)
◦ Tracks and controls network communications
  Decides whether to pass, reject, encrypt, or log communications (Access Control)
[Figure: Internet, “Allow Traffic to Internet”, Corporate Site]
Rules Determine
WHO? WHEN? WHAT? HOW?
[Figure: INTERNET, Firewall, Secure Private Network, My PC]
Need for Firewall
2. Networking Location:
- It consists of a number of LANs interconnecting PCs and servers.
Firewall Design Principles
3. Enterprise-wide network:
- It consists of multiple, geographically distributed networks that are interconnected by a private wide area network.
4. Internet connectivity:
- It is where the variously located networks hook into the Internet and may or may not be connected by a private WAN.
04/08/15 Firewall 7
Firewall Characteristics
1. All traffic from inside to outside must pass through the firewall (physically blocking all access to the local network except via the firewall)
Firewall Limitations
Application:
A firewall is a networking device (hardware, software, or a combination of both) whose purpose is to enforce a security policy across its connection.
Working:
Firewalls enforce the established security policies. The variety of mechanisms includes:
a) Firewalls can monitor and filter on the application layer (Layer 7), as well as doing the traditional filtering such as packet filtering and stateful packet inspection.
b) Application layer proxies are able to look deep within the packet (traffic) content, and look for inconsistencies, invalid or malicious commands, and executable programs.
Types of Firewalls
Software Firewall
1. Designed to run on a single computer, so it is also called a “Personal Firewall”.
2. It prevents unauthorized access to the computer over a network connection by identifying ports.
3. It can detect “suspicious activity” from the outside world.
Example:
Norton 36, BlackICE
Advantages:
1. Easy to configure
2. Restricts specific applications from the Internet
Disadvantages:
Example:
CheckPoint, SonicWall
Advantages:
1. High Speed
2. More secure
3. No interference
Disadvantages:
1. Complex to configure
Proxy Server
1. A firewall proxy server is an application which acts as a mediator between two end systems.
2. A proxy server will receive a request from an inside client, then the firewall will send this request to the remote server outside of the firewall on behalf of the inside client.
3. Then the response from the server is read and sent back to the client.
Hybrid
3. In this type, some hosts reside inside the firewall and some reside outside the firewall.
a) Source IP address:
IP address of the system that generates the IP packet.
b) Destination IP address:
IP address of the system that the IP packet is trying to reach.
g) Interface:
It applies to a router that uses three or more ports.
Packet Filtering Firewall
[Figure: Trusted Network, Firewall with rule set, Untrusted Network]
Packet Filtering Firewall
A packet filtering firewall is often called a network layer firewall because
the filtering is primarily done at the network layer (layer three) or the
transport layer (layer four) of the OSI reference model.
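A packet filter of this kind, sketched as an added example that is not part of the original slides: each packet is compared against an ordered rule set and the first matching rule decides, with a default deny when nothing matches. The protocol and destination-port fields, the interface names eth0/eth1, and all addresses are assumptions constructed for illustration (the slides list only source IP, destination IP and interface).

```python
# Added example: first-match packet filter with a default-deny policy.
# Rule values and sample packets are constructed for illustration.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str                      # "allow" or "deny"
    src: str = "0.0.0.0/0"           # source IP address (CIDR)
    dst: str = "0.0.0.0/0"           # destination IP address (CIDR)
    proto: Optional[str] = None      # assumed field: "tcp", "udp", None = any
    dport: Optional[int] = None      # assumed field: destination port, None = any
    iface: Optional[str] = None      # ingress interface, None = any

    def matches(self, pkt: dict) -> bool:
        return (
            ip_address(pkt["src"]) in ip_network(self.src)
            and ip_address(pkt["dst"]) in ip_network(self.dst)
            and self.proto in (None, pkt["proto"])
            and self.dport in (None, pkt.get("dport"))
            and self.iface in (None, pkt["iface"])
        )

def filter_packet(rules, pkt, default="deny"):
    """Return (action, index of the matching rule or None), first match wins."""
    for i, rule in enumerate(rules):
        if rule.matches(pkt):
            return rule.action, i
    return default, None

# Constructed rule set: eth0 faces the untrusted network, eth1 the trusted one.
RULES = [
    # Anti-spoofing: internal source addresses must never arrive from outside.
    Rule("deny", src="10.0.0.0/8", iface="eth0"),
    # Inbound HTTPS to one published server.
    Rule("allow", dst="10.0.5.20/32", proto="tcp", dport=443, iface="eth0"),
    # Outbound traffic from the trusted network.
    Rule("allow", src="10.0.0.0/8", iface="eth1"),
]

if __name__ == "__main__":
    samples = [
        {"src": "203.0.113.9", "dst": "10.0.5.20", "proto": "tcp", "dport": 443, "iface": "eth0"},
        {"src": "10.0.5.77", "dst": "10.0.5.20", "proto": "tcp", "dport": 443, "iface": "eth0"},
        {"src": "203.0.113.9", "dst": "10.0.5.20", "proto": "tcp", "dport": 22, "iface": "eth0"},
    ]
    for pkt in samples:
        print(pkt["src"], "->", pkt["dst"], pkt.get("dport"), filter_packet(RULES, pkt))
```

Rule order matters here: if the anti-spoofing rule were placed after the HTTPS allow rule, the spoofed packet in the second sample would be accepted.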
Packet-filtering Router
Advantages:
◦Simplicity
◦Transparency to users
◦High speed
Disadvantages:
Application-level Gateway
1. Application level firewalls work at the Application layer of the OSI model.
4. Both the client and the server connect to these proxies instead of connecting
directly to each other.
Application-level Gateway
• Advantages
1. Proxy can log all connections, activity in connections
2. Proxy can provide caching
3. Proxy can do intelligent filtering based on content
4. Proxy can perform user-level authentication
• Disadvantages
1. Not all services have proxied versions
2. May need different proxy server for each service
3. Requires modification of client
4. Performance