Category: Education

Presentation Description

No description available.


Presentation Transcript




FireWall David Palmi and Scott Bauer



PowerPoint Presentation:

I ntroduction The Internet has made large amounts of information available to the average computer user at home, in business and in education . For many people, having access to this information is no longer just an advantage, it is essential . Yet connecting a private network to the Internet can expose critical or confidential data to malicious attack from anywhere in the world. Firewalls can protect both individual computers and corporate networks from hostile intrusion from the Internet, but must be understood to be used correctly.

PowerPoint Presentation:

What is a firewall A firewall protects networked computers from intentional hostile intrusion that could compromise confidentiality or result in data corruption or denial of service . It may be a hardware device or a software program running on a secure host computer . In either case, it must have at least two network interfaces, one for the network it is intended to protect, and one for the network it is exposed to. A firewall sits at the junction point or gateway between the two networks, usually a private network and a public network such as the Internet.

Types of Fire Walls:

Types of Fire Walls Firewalls use one or more of three methods to control traffic flowing in and out of the network. They are i . Application-filtering Firewall ii. Packet-filtering Firewall iii. Stateful Inspection Firewall

PowerPoint Presentation:

Application level Gateway Stateful Multilayer Inspection Firewall

PowerPoint Presentation:

Packet Filtering Firewall Circuit level Gateway

PowerPoint Presentation:

Hardware firewall providing protection to a Local Network.

PowerPoint Presentation:

Purpose of the Firewall This report provides an index of firewall tools, which are also described in the IATAC Firewalls. The tools listed in this Report were reviewed during the period 2 February – 2 May 2011 and represents a best effort to capture all/relevant tools and corresponding information . Scope of the Firewall This report addresses all types of firewalls as defined and described in Section . The Report’s authors recognize that a number of products being marketed as “firewalls” do not conform with this Report’s definition of a firewall .

PowerPoint Presentation:

What Does a Firewall D o A firewall examines all traffic routed between the two networks to see If it meets certain criteria. It can also manage public access to private networked resources such as host applications. It can be used to log all attempts to enter the private network and trigger alarms when unauthorized entry is attempted. Firewalls can filter packets based on their source and destination addresses and port numbers.

PowerPoint Presentation:

Who needs a firewall Anyone who is responsible for a private network that is connected to a public network needs firewall protection. Furthermore, anyone who connects so much as a single computer to the Internet via modem should have personal firewall software.

PowerPoint Presentation:

The OSI and TCP/IP

PowerPoint Presentation:

Implementation of a firewall We suggest you approach the task of implementing a firewall by going through the following steps: Determine the access denial methodology to use. It is recommended you begin with the methodology that denies all access by default. In other words, start with a gateway that routes no traffic and is effectively a brick wall with no doors in i t.

PowerPoint Presentation:

A firewall sufficient to secure data or not? The firewall is an integral part of any security program, but it is not a security program in and of itself. Security involves data integrity (has it been modified), service or application integrity (is the service available, and is it performing to spec), data confidentiality (has anyone seen it?) and authentication (are they really who they say they are).

PowerPoint Presentation:

Firewall related problems Firewalls introduce problems of their own. Information security involves constraints, and users don't like this. It reminds them that Bad Things can and do happen. Firewalls restrict access to certain services. The vendors of information technology are constantly telling us "anything, anywhere, any time", and we believe them .


Architecture Bastion Host or Screened Host

PowerPoint Presentation:

Firewall Appliance

Benefits of a firewall :

Benefits of a firewall Firewalls protect private local area networks from hostile intrusion from the Internet. Consequently, many LANs are now connected to the Internet where Internet connectivity would otherwise have been too great a risk. Firewalls allow network administrators to offer access to specific types of Internet services to selected LAN users. This selectivity is an essential part of any information management program, and involves not only protecting private information assets, but also knowing who has access to what.

Merits and demerits :

Merits and demerits Merits They can stop incoming requests to inherently insecure services. They can control access to other services e.g. bar callers from certain IP addresses, filter the service operations (both incoming and outgoing), e.g. stop They are more cost effective than securing each host on the corporate network since there is often only one or a few firewall systems to concentrate on .


Demerits They may restrict legitimate users from accessing valuable services, for example corporate users may not be let out onto the Web, or when working away from home a corporate user may not have full access to the organization’s network. They do not protect against backdoor attacks, and may encourage users to enter and leave via the backdoor, particularly if the service restrictions are sever enough . Examples of backdoor entrance points to the corporate network are: modems, and importing/exporting floppy disk.

Firewall can protect against: :

Firewall can protect against: Data corruption or theft due to unauthorized access to the network. Exploitation of software application bugs. Spoofing (IP or DNS) Denial-of-Service (disrupting, crashing, jamming, or flooding) Unwanted access to services not offered (ftp, http, etc) Network-borne attack s


Conclusion The configuration shown it is even more secure that the screened subnet seen in the previous section. It is used by a bank to protect its internal network from direct access from the Internet. Users from the Internet have to pass through to application proxies before they can access the bank’s intranet.

PowerPoint Presentation:

Queries ?

authorStream Live Help