This document discusses firewalls as a tool for information security. It defines a firewall as a barrier placed between a trusted and untrusted network that controls and monitors network traffic by imposing restrictions based on rules set by the network administrator. It then describes four main types of firewalls: packet filtering firewalls, circuit level gateways, application level gateways, and stateful multilayer inspection firewalls. Packet filtering firewalls inspect individual packets for allowed source/destination addresses and ports, while circuit level gateways monitor entire TCP sessions. Application level gateways act as a proxy for all network traffic. Stateful multilayer inspection firewalls provide the strongest security by deeply inspecting traffic at multiple levels.
Copyright:
Attribution Non-Commercial (BY-NC)
SECURITY]

OUTLINE
What is a Firewall?
Firewall Design Principles
Firewall Characteristics
Firewall Types
Configurations
Illustration of a Firewall

What is a Firewall?
A firewall is a “choke point/guard box” for controlling and monitoring network traffic. It is a barrier placed between a trusted and an untrusted network. It imposes restrictions on network services. Using rules set up by the network administrator, the firewall either permits or denies access. A firewall will also gather evidence of attacks, potentially allowing an organization to pursue legal action.

Firewall
An effective means of protecting a local system or network of systems from network-based security threats.

[Figure: Firewall Example]

FIREWALL DESIGN PRINCIPLES

Firewall Types
Packet Filtering Firewalls
Circuit Level Gateways
Application Level Gateways
Stateful Multilayer Inspection Firewalls

Firewall Types
Receive, inspect, and make decisions about all incoming packets before they reach the protected parts of a network.

1. Packet filters
A packet is a small file that contains the following: the data, acknowledgment, request or command from the originating system; the source IP address and port; the destination IP address and port; information about the “protocol” by which the packet is to be handled; information for detecting errors; information on the type and status of the data being sent; and….

Packet filtering takes place at the lowest layer in the hierarchy of network processes. It allows or disallows packets based on their source IP address, destination port number, and protocol.

[Figures: Packet Filters diagram 1, Packet Filters diagram 2]

Circuit level gateways (or circuit relays) monitor TCP handshaking between packets to determine whether a requested session is legitimate. Information passed to a remote computer through a circuit level gateway appears to have originated from the gateway. This is useful for hiding information about protected networks. Circuit level gateways are relatively inexpensive and have the advantage of hiding information about the private network they protect. On the other hand, they do not filter individual packets. The firewall then checks to see if the sending host has permission to send to the destination, and that the receiving host has permission to receive from the sender.

[Figures: Circuit Level Gateways diagram 1, Circuit Level Gateways diagram 2]

Application Gateways
Application level gateways, or proxy firewalls, are software applications with two primary modes. This method ensures that all incoming connections are always made with the proxy client, while outgoing connections are always made with the proxy server.
[Figures: Application Gateways diagram 1, Application Gateways diagram 2]

Stateful Multilayer Inspection Firewalls
Stateful multilayer inspection firewalls provide the best security of the four firewall types by monitoring the data being communicated at the application socket or port layer as well as the protocol and address level to verify that the request is functioning as expected. The firewall would not permit changes; the connection will discontinue. Stateful inspection systems can dynamically open and close ports for each session.

[Figure: Stateful Multilayer Inspection diagram]

Firewall Limitations
The firewall cannot protect against attacks that bypass the firewall.
The firewall does not protect against internal threats, such as a disgruntled employee or an employee who unwittingly cooperates with an external attacker.
The firewall cannot protect against the transfer of virus-infected programs or files.
Finally, firewalls do not run themselves; they need to be actively managed.

Conclusion
One of the best things about a firewall from a security standpoint is that it stops anyone on the outside from logging onto a computer in your private network. While this is a big deal for businesses, most home networks will probably not be threatened in this manner. Still, putting a firewall in place provides some peace of mind.
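Added example (not part of the original slides): a small Python model that runs the same constructed traffic through a packet filter, which judges each packet on source IP, protocol and destination port, and through a session-tracking firewall that opens the return path per session, as described for stateful inspection above. The rule set, addresses and class names are assumptions made for illustration, and the model covers only session tracking, not application-layer inspection.

```python
from collections import namedtuple
from ipaddress import ip_address, ip_network

# flags holds TCP flags: "S" = SYN, "A" = ACK, "F" = FIN, "R" = RST
Packet = namedtuple("Packet", "src sport dst dport proto flags")

# Constructed rule set (hypothetical): source network, protocol, destination port.
ALLOW_RULES = [
    ("0.0.0.0/0", "tcp", 443),       # HTTPS from anywhere
    ("198.51.100.0/24", "tcp", 22),  # SSH from the admin network only
]

def packet_filter(pkt):
    """Stateless decision on source IP, protocol and destination port only."""
    for net, proto, dport in ALLOW_RULES:
        if ip_address(pkt.src) in ip_network(net) and (pkt.proto, pkt.dport) == (proto, dport):
            return "allow"
    return "deny"  # default deny

class StatefulFirewall:
    """Applies the same rules, but only to a SYN that opens a new session."""
    def __init__(self):
        self.sessions = set()  # (client ip, client port, server ip, server port)
    def inspect(self, pkt):
        fwd = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        rev = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        known = fwd if fwd in self.sessions else rev if rev in self.sessions else None
        if known:
            if "F" in pkt.flags or "R" in pkt.flags:
                self.sessions.discard(known)  # simplified teardown: close on first FIN/RST
            return "allow"
        if pkt.flags == "S" and packet_filter(pkt) == "allow":
            self.sessions.add(fwd)  # return path is opened for this session only
            return "allow"
        return "deny"  # no session and not a permitted SYN

def compare(packets):
    """Return (stateless verdict, stateful verdict) for each packet, in order."""
    fw = StatefulFirewall()
    return [(packet_filter(p), fw.inspect(p)) for p in packets]

# Constructed sample traffic using documentation address ranges.
SAMPLE = [
    Packet("203.0.113.7", 51000, "192.0.2.10", 443, "tcp", "S"),   # new HTTPS session
    Packet("192.0.2.10", 443, "203.0.113.7", 51000, "tcp", "SA"),  # server reply
    Packet("203.0.113.99", 40000, "192.0.2.10", 443, "tcp", "A"),  # ACK with no handshake
    Packet("203.0.113.7", 51000, "192.0.2.10", 443, "tcp", "FA"),  # client closes
    Packet("203.0.113.7", 51000, "192.0.2.10", 443, "tcp", "A"),   # arrives after close
]
```

Calling compare(SAMPLE) shows the two designs disagreeing on the server reply, which the packet filter drops unless a separate return rule exists, and on the two ACKs that belong to no open session, which the packet filter passes because port 443 is allowed.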