FIREWALL - PowerPoint PPT Presentation

Slides: 36
Provided by: tishree
Tags: firewall | wack


Transcript and Presenter's Notes

Title: FIREWALL


1
  • FIREWALL

MASTER OF COMMUNICATION ADVANCED NETWORKING
PROJECT
Supervised by Associate Professor Dr Hassan Abbas
Prepared by Eng Reem Issa
2
Outline
  • Why We Need a Firewall
  • What is the Firewall
  • Types of Firewalls

3
Firewall
  • Why We Need a Firewall
  • Connecting to the Internet is like opening a door
    to your computer. Through that door, you can
    easily go online to shop, read the latest news,
    send e-mail, and more.
  • But an open door also allows hackers to easily
    gain access to your PC. Hackers can steal your
    valuable personal data, such as bank account
    numbers and passwords.
  • A firewall shuts your computer's door to hackers,
    allowing only authorized traffic to flow through.

4
Firewall
  • A system designed to prevent unauthorized
    access to or from a private network.
  • Firewalls can be implemented in hardware,
    software, or a combination of both.
  • Firewalls provide the first level of defense for
    computers that exchange information.
  • They work as a barrier between a protected network
    and an unsecured network.

5
Figure 1: Firewall
6
HOW IT WORKS?
  • All incoming and outgoing packets from the
    network must pass through the firewall.
  • The firewall examines each packet according to
    the security criteria and blocks those packets
    which do not meet the criteria.

7
Types of firewalls
  • 1. Packet filtering
  • 2. Circuit-level gateway
  • 3. Application-level gateway
  • 4. Hybrid firewall technologies

8

Packet Filters
  • The most basic type of firewall.
  • Packet filter firewalls are essentially routing
    devices that include access control functionality
    for system addresses and communication sessions.
  • The access control functionality of a packet
    filter firewall is governed by a set of rules.

9
Packet Filters
  • Packet filters operate at the Network Layer to
    examine incoming and outgoing packets and apply a
    fixed set of rules to the packets to determine
    whether they will be allowed to pass.
  • The packet filter firewall is typically very fast
    because it does not examine any of the data in
    the packet.

10
Packet Filters
  • It simply examines the IP packet header, the
    source and destination IP addresses, and the
    port, then it applies filtering rules.

11
Figure 2
12
Figure 3: Packet filtering. Discard or allow packets based on
configurable criteria (diagram labels: Accept, Drop, Internet).
13
Advantage
  • Packet filtering is fast, flexible, transparent
    (no changes are required at the client) and
    cheap.
  • Most routers will provide packet filtering
    capabilities, and pure packet filter firewalls do
    not require powerful hardware.
  • This type of filter is used in small to medium
    businesses that need to control where users can or
    cannot go.

14
Basic Weaknesses Of Packet Filters
  • 1. Because packet filter firewalls do not examine
    upper-layer data, they cannot prevent attacks
    that employ application-specific vulnerabilities
    or functions.
  • 2. Because of the limited information available
    to the firewall, the logging functionality
    present in packet filter firewalls is limited.
    Packet filter logs normally contain source
    address, destination address, and traffic type.

15
  • Consequently, packet filter firewalls are very
    suitable for high-speed environments where
    logging and user authentication with network
    resources are not important.

16
Circuit-level Gateways
  • Also known as stateful packet inspection firewalls.
  • In the circuit-level firewall, all connections
    are monitored and only the connections that are
    found to be valid are allowed to pass through the
    firewall.

17
Circuit-level Gateways
  • A stateful firewall is able to hold in memory the
    significant characteristics of each connection,
    from start to finish. These characteristics, known
    as the state of the connection, may include
    details such as the IP addresses and ports involved
    in the connection and the sequence numbers of the
    packets passing through the connection.

18
Circuit-level Gateways
  • When a packet arrives at the firewall from the
    Internet, the firewall must decide whether it
    should be passed.
  • The firewall then looks to see what connections
    have been opened from the inside of the network to
    the Internet. If there is an open connection that
    applies to the packet that has arrived from the
    Internet, the packet is allowed through;
    otherwise it is rejected.

19
Circuit-level Gateways
  • The firewall looks at the source and destination
    IP addresses, the source and destination ports,
    and the sequence numbers to decide whether the
    packet belongs to a currently open connection.
  • The source port will be some number greater
    than 1023 and less than 16384.
  • The destination port on the host will be a
    low-numbered port, less than 1024.

20
  • The firewall builds dynamic state tables. It
    uses these tables to keep track of the
    connections that go through the firewall, then
    allows all packets that meet the rule set to
    pass.
  • Stateful inspection usually occurs at the
    Transport Layer, which makes it fast and
    prevents suspect packets from traveling up the stack.
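
The state-table check described on the slides above, as an added example (not part of the original presentation). It is a simplified TCP model: the addresses are constructed, the WINDOW value is an assumption, retransmissions are not handled, and an entry is dropped as soon as the inside host sends FIN or RST.

```python
SEQ_MOD = 2**32
WINDOW = 65535  # assumed: how far ahead of the expected sequence number we accept

class StateTable:
    """Simplified connection tracking, keyed from the inside host's point of view."""

    def __init__(self):
        # (inside_ip, inside_port, outside_ip, outside_port) -> next sequence
        # number expected from the outside host (None until its first packet)
        self.conns = {}

    def outbound(self, src, sport, dst, dport, flags=""):
        key = (src, sport, dst, dport)
        if "S" in flags:
            self.conns.setdefault(key, None)   # inside host opens a connection
        if key not in self.conns:
            return "reject"                    # no SYN was seen for this tuple
        if "F" in flags or "R" in flags:
            del self.conns[key]                # connection finished: forget it
        return "accept"

    def inbound(self, src, sport, dst, dport, seq, length=0, flags=""):
        key = (dst, dport, src, sport)         # reverse of the outbound tuple
        if key not in self.conns:
            return "reject"                    # nothing inside opened this
        expected = self.conns[key]
        if expected is not None and (seq - expected) % SEQ_MOD >= WINDOW:
            return "reject"                    # sequence number outside the window
        consumed = length + (1 if "S" in flags or "F" in flags else 0)
        self.conns[key] = (seq + consumed) % SEQ_MOD
        if "R" in flags:
            del self.conns[key]
        return "accept"

def demo():
    fw = StateTable()
    inside, web = "10.0.0.5", "198.51.100.80"  # constructed addresses
    return [
        fw.inbound(web, 80, inside, 1500, seq=9000, flags="SA"),   # unsolicited
        fw.outbound(inside, 1500, web, 80, flags="S"),             # opens state
        fw.inbound(web, 80, inside, 1500, seq=9000, flags="SA"),   # reply to SYN
        fw.inbound(web, 80, inside, 1500, seq=9001, length=100),   # in sequence
        fw.inbound(web, 80, inside, 1500, seq=500000, length=10),  # bad sequence
        fw.inbound(web, 80, inside, 1501, seq=9101),               # wrong port
        fw.outbound(inside, 1500, web, 80, flags="FA"),            # closes state
        fw.inbound(web, 80, inside, 1500, seq=9101),               # after close
    ]
```
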

21
Advantage And Disadvantages
  • It is inexpensive and fast
  • More secure, because they maintain the
    connection state
  • Disadvantages
  • Lack of application awareness

22
Application Proxy gateway
  • Firewall proxy servers operate at the application
    layer. A firewall proxy server is an application
    that acts as an intermediary between two end
    systems. There is no direct connection between the
    trusted and untrusted networks.
  • The application proxy mediates connections.

23
Application Proxy gateway
  • Each proxy has the ability to require
    authentication of each individual network user.
  • This user authentication can take many forms,
    including the following:
  • User ID and Password Authentication
  • Source Address Authentication

24
Application Proxy gateway
  • Proxy server firewalls have large processor and
    memory requirements in order to support many
    simultaneous users.

25
Application Proxy gateway
  • To reduce the load on the firewall and speed up
    processing, a proxy service must be run for each
    type of Internet application the firewall will
    support: a Simple Mail Transfer Protocol (SMTP)
    proxy for e-mail, an HTTP proxy for Web services,
    and so on. Proxy servers are almost always
    one-way arrangements running from the internal
    network to the outside network.

26
Figure 4
27
Advantages
  • Best security
  • work at application layer
  • Full application awareness
  • Information hiding
  • Authentication of network users based on their
    user ID and password
  • Extensive logging capabilities

28
Disadvantages
  • Very slow
  • Less flexible: any new application needs a
    new proxy, so it is harder to adapt to new
    technologies
  • Not suited to real-time applications. Because of
    the full packet awareness, the firewall is
    forced to spend more time reading and
    interpreting each packet.

29
Hybrid Firewall Technologies
  • As a result of advances in network infrastructure
    engineering and information security, firewall
    products incorporate functionality from several
    different classifications of firewall to offset
    some of the weaknesses associated with each type
    of firewall.

30
Hybrid Firewall Technologies
  • Combine the best of stateful inspection and
    application gateway technologies
  • Achieve a better balance between security and
    performance
  • Inspect and filter the packet from the network
    level (network layer) up to the data content
    (application layer)
  • Allow a direct connection between client and
    server when acting as a stateful inspection
    firewall

31
The Algorithm Of the Packet Filter
  • Every packet has the following five fields

32
The Algorithm Of the Packet Filtering
  • 1. Rule r1: (I = 1) and (S = any) and
    (D = Mail Server) and (T = 25) and (P = tcp) →
    accept
  • (This rule allows incoming SMTP packets to
    proceed to the mail server.)
  • 2. Rule r2: (I = 1) and (S = Malicious Hosts) and
    (D = any) and (N = any) and (P = any) → discard
  • (This rule discards incoming packets from
    previously known malicious hosts.)

33
The Algorithm Of the Packet Filtering
  • 3. Rule r3: (I = 0) and (S = server) and (D =
    any) and (N = any) and (P = any) → accept
  • (This rule allows any outgoing packet to
    proceed.)
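
Rules r1 to r3 evaluated over sample packets, as an added example (not part of the original presentation). It assumes first-match semantics and a default of discard when no rule matches, neither of which the slides state; the addresses are constructed, and the port field, written T in r1 and N in r2 and r3 on the slides, is called N throughout.

```python
import ipaddress

ANY = object()  # wildcard: the field matches every value

# Constructed sample addresses (documentation ranges); the slides name these
# groups but give no addresses.
MAIL_SERVER = ipaddress.ip_network("192.0.2.25/32")
SERVER = ipaddress.ip_network("192.0.2.0/24")
MALICIOUS_HOSTS = ipaddress.ip_network("203.0.113.0/24")

# (name, I, S, D, N, P, decision); I = 1 incoming, I = 0 outgoing, as on the slides.
RULES = [
    ("r1", 1, ANY, MAIL_SERVER, 25, "tcp", "accept"),
    ("r2", 1, MALICIOUS_HOSTS, ANY, ANY, ANY, "discard"),
    ("r3", 0, SERVER, ANY, ANY, ANY, "accept"),
]

def field_matches(want, have):
    """Compare one rule field with the corresponding packet field."""
    if want is ANY:
        return True
    if isinstance(want, ipaddress.IPv4Network):
        return ipaddress.ip_address(have) in want
    return want == have

def rule_matches(predicate, packet):
    return all(field_matches(w, h) for w, h in zip(predicate, packet))

def decide(rules, packet, default="discard"):
    """First-match evaluation (assumed): return (rule name, decision)."""
    for name, *predicate, decision in rules:
        if rule_matches(predicate, packet):
            return name, decision
    return None, default

def matching_rules(rules, packet):
    """Every rule the packet matches; differing decisions mean order matters."""
    return [(name, decision) for name, *predicate, decision in rules
            if rule_matches(predicate, packet)]

# A packet is (I, S, D, N, P). This one is SMTP from a listed malicious host.
smtp_from_listed_host = (1, "203.0.113.7", "192.0.2.25", 25, "tcp")
```

With the rules in the order given on the slides, this packet matches both r1 and r2 and r1 wins, so it is accepted; evaluating r2 before r1 discards it.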

34
Reference
  • Guidelines on Firewalls and Firewall Policy by
    John Wack, Ken Cutler, Jamie Pole.
  • www.csrc.nist.gov
  • Firewall Architecture, A Nextep Broadband White
    Paper
  • www.nextep.com.au
  • www.howstuffworks.com
  • Firewall Design: Consistency, Completeness, and
    Compactness by Mohamed G. Gouda and Xiang-Yang
    Alex Liu
  • www.cse.msu.edu

35
  • THANKS
  • For your attention