Unit-3

Internet security refers to securing communication over the internet. It includes specific security protocols
such as:
 Internet Security Protocol (IPSec)
 Secure Socket Layer (SSL)

Internet Security Protocol (IPSec)

It consists of a set of protocols designed by Internet Engineering Task Force (IETF). It provides security at
network level and helps to create authenticated and confidential packets for IP layer.

Secure Socket Layer (SSL)

It is a security protocol developed by Netscape Communications Corporation. ). It provides security at
transport layer. It addresses the following security issues:
 Privacy
 Integrity
 Authentication

Internet security is a branch of computer security. It encompasses the Internet, browser security,
web site security,[1] and network security as it applies to other applications or operating
systems as a whole. Its objective is to establish rules and measures to use against attacks over the
Internet.[2] The Internet is an inherently insecure channel for information exchange, with high risk
of intrusion or fraud, such as phishing,[3] online viruses, trojans, ransomware and worms.

Introduction of Firewall in Computer Network:-

A firewall is a network security device, either hardware or software-based, which monitors all
incoming and outgoing traffic and based on a defined set of security rules it accepts, rejects or
drops that specific traffic. Accept : allow the traffic Reject : block the traffic but reply with an
“unreachable error” Drop : block the traffic with no reply A firewall establishes a barrier between
secured internal networks and outside untrusted network, such as the Internet.
 History and Need for Firewall

Before Firewalls, network security was performed by Access Control Lists (ACLs) residing on
routers. ACLs are rules that determine whether network access should be granted or denied to
specific IP address. But ACLs cannot determine the nature of the packet it is blocking. Also, ACL
alone does not have the capacity to keep threats out of the network. Hence, the Firewall was
introduced. Connectivity to the Internet is no longer optional for organizations. However, accessing
the Internet provides benefits to the organization; it also enables the outside world to interact with
the internal network of the organization. This creates a threat to the organization. In order to
secure the internal network from unauthorized traffic, we need a Firewall.

Types of Firewall
Firewalls are generally of two types: Host-based and Network-based.
1. Host- based Firewalls : Host-based firewall is installed on each network node which controls
each incoming and outgoing packet. It is a software application or suite of applications, comes
as a part of the operating system. Host-based firewalls are needed because network firewalls
cannot provide protection inside a trusted network. Host firewall protects each host from
attacks and unauthorized access.
2. Network-based Firewalls : Network firewall function on network level. In other words, these
firewalls filter all incoming and outgoing traffic across the network. It protects the internal
network by filtering the traffic using rules defined on the firewall. A Network firewall might have
two or more network interface cards (NICs). A network-based firewall is usually a dedicated
system with proprietary software installed.

Advantages of using Firewall

1. Protection from unauthorized access: Firewalls can be set up to restrict incoming traffic from
particular IP addresses or networks, preventing hackers or other malicious actors from easily
accessing a network or system. Protection from unwanted access.
2. Prevention of malware and other threats: Malware and other threat prevention: Firewalls can
be set up to block traffic linked to known malware or other security concerns, assisting in the
defense against these kinds of attacks.
3. Control of network access: By limiting access to specified individuals or groups for particular
servers or applications, firewalls can be used to restrict access to particular network resources
or services.
4. Monitoring of network activity: Firewalls can be set up to record and keep track of all
network activity. This information is essential for identifying and looking into security problems
and other kinds of shady behavior.
5. Regulation compliance: Many industries are bound by rules that demand the usage of
firewalls or other security measures. Organizations can comply with these rules and prevent
any fines or penalties by using a firewall.
6. Network segmentation: By using firewalls to split up a bigger network into smaller subnets,
the attack surface is reduced and the security level is raised.

Disadvantages of using Firewall

1. Complexity: Setting up and keeping up a firewall can be time-consuming and difficult,

especially for bigger networks or companies with a wide variety of users and devices.
2. Limited Visibility: Firewalls may not be able to identify or stop security risks that operate at
other levels, such as the application or endpoint level, because they can only observe and
manage traffic at the network level.
3. False sense of security: Some businesses may place an excessive amount of reliance on
their firewall and disregard other crucial security measures like endpoint security or intrusion
detection systems.
4. Limited adaptability: Because firewalls are frequently rule-based, they might not be able to
respond to fresh security threats.
5. Performance impact: Network performance can be significantly impacted by firewalls,
particularly if they are set up to analyze or manage a lot of traffic.
6. Limited scalability: Because firewalls are only able to secure one network, businesses that
have several networks must deploy many firewalls, which can be expensive.
7. Limited VPN support: Some firewalls might not allow complex VPN features like split
tunneling, which could restrict the experience of a remote worker.
8. Cost: Purchasing many devices or add-on features for a firewall system can be expensive,
especially for businesses.

What is a Firewall?
A firewall can be defined as a special type of network security device or a software program that monitors
and filters incoming and outgoing network traffic based on a defined set of security rules. It acts as a
barrier between internal private networks and external sources (such as the public Internet).

The primary purpose of a firewall is to allow non-threatening traffic and prevent malicious or unwanted
data traffic for protecting the computer from viruses and attacks. A firewall is a cybersecurity tool that
filters network traffic and helps users block malicious software from accessing the Internet in infected
computers.

Functions of Firewall
As stated above, the firewall works as a gatekeeper. It analyzes every attempt coming to gain access to
our operating system and prevents traffic from unwanted or non-recognized sources.

Since the firewall acts as a barrier or filter between the computer system and other networks (i.e., the
public Internet), we can consider it as a traffic controller. Therefore, a firewall's primary function is to
secure our network and information by controlling network traffic, preventing unwanted incoming network
traffic, and validating access by assessing network traffic for malicious things such as hackers and
malware.

Generally, most operating systems (for example - Windows OS) and security software come with built-in
firewall support. Therefore, it is a good idea to ensure that those options are turned on. Additionally, we
can configure the security settings of the system to be automatically updated whenever available.

Firewalls have become so powerful, and include a variety of functions and capabilities with built-in
features:

o Network Threat Prevention

o Application and Identity-Based Control
o Hybrid Cloud Support
o Scalable Performance
o Network Traffic Management and Control
o Access Validation
o Record and Report on Events

Limitations of Firewall
When it comes to network security, firewalls are considered the first line of defense. But the question is
whether these firewalls are strong enough to make our devices safe from cyber-attacks. The answer may
be "no". The best practice is to use a firewall system when using the Internet. However, it is important to
use other defense systems to help protect the network and data stored on the computer. Because cyber
threats are continually evolving, a firewall should not be the only consideration for protecting the home
network.

The importance of using firewalls as a security system is obvious; however, firewalls have some
limitations:

o Firewalls cannot stop users from accessing malicious websites, making it vulnerable to internal
threats or attacks.
o Firewalls cannot protect against the transfer of virus-infected files or software.
o Firewalls cannot prevent misuse of passwords.
o Firewalls cannot protect if security rules are misconfigured.
o Firewalls cannot protect against non-technical security risks, such as social engineering.
o Firewalls cannot stop or prevent attackers with modems from dialing in to or out of the internal
network.
o Firewalls cannot secure the system which is already infected.

Therefore, it is recommended to keep all Internet-enabled devices updated. This includes the latest
operating systems, web browsers, applications, and other security software (such as anti-virus). Besides,
the security of wireless routers should be another practice. The process of protecting a router may include
options such as repeatedly changing the router's name and password, reviewing security settings, and
creating a guest network for visitors.

Types of Firewall
Depending on their structure and functionality, there are different types of firewalls. The following is a list
of some common types of firewalls:

o Proxy Firewall
o Packet-filtering firewalls
o Stateful Multi-layer Inspection (SMLI) Firewall
o Unified threat management (UTM) firewall
o Next-generation firewall (NGFW)
o Network address translation (NAT) firewalls

Difference between a Firewall and Anti-virus

Firewalls and anti-viruses are systems to protect devices from viruses and other types of Trojans, but
there are significant differences between them. Based on the vulnerabilities, the main differences
between firewalls and anti-viruses are tabulated below:

Attributes Firewall Anti-virus

Definition A firewall is defined as the system
which analyzes and filters incoming
or outgoing data packets based on
pre-defined rules.
Anti-virus is defined as the special type of
software that acts as a cyber-security
mechanism. The primary function of Anti-
virus is to monitor, detect, and remove any
apprehensive or distrustful file or software
from the device.

Structure Firewalls can be hardware and Anti-virus can only be used as software.
software both. The router is an Anti-virus is a program that is installed on
example of a physical firewall, and a the device, just like the other programs.
simple firewall program on the system
is an example of a software firewall.

Implementation Because firewalls come in the form of Because Anti-virus comes in the form of
hardware and software, a firewall can software, therefore, Anti-virus can be
be implemented either way. implemented only at the software level.
There is no possibility of implementing Anti-
virus at the hardware level.

Responsibility A firewall is usually defined as a Anti-viruses are primarily responsible for

network controlling system. It means detecting and removing viruses from
that firewalls are primarily responsible computer systems or other devices. These
for monitoring and filtering network viruses can be in the form of infected files
traffic. or software.

Scalability Because the firewall supports both Anti-viruses are generally considered less-
types of implementations, hardware, scalable than firewalls. This is because
and software, therefore, it is more anti-virus can only be implemented at the
scalable than anti-virus. software level. They don't support
 hardware-level implementation.

Threats A firewall is mainly used to prevent
network related attacks. It mainly
includes external network threats?for
example- Routing attacks and IP
Spoofing.
Anti-virus is mainly used to scan, find, and
remove viruses, malware, and Trojans,
which can harm system files and software
and share personal information (such as
login credentials, credit card details, etc.)
with hackers.

Information privacy:-
Information privacy is the relationship between the collection and dissemination of data, technology, the
public expectation of privacy, contextual information norms, and the legal and political issues surrounding them. It is
[1]

also known as data privacy or data protection.

[2]