computer network firewall
TRANSCRIPT
-
8/4/2019 Computer Network Firewall
1/20
-
8/4/2019 Computer Network Firewall
2/20
1
Four major types of firewalls in OSI2
Window firewalls3
Firewall
-
8/4/2019 Computer Network Firewall
3/20
An internetwork gateway that restricts data communicationtraffic to and from one of the connected networks (the onesaid to be "inside" the firewall) and thus protects that
network's system resources against threats from the othernetwork (the one that is said to be "outside" the firewall).
A firewall is hardware, software, or a combination of boththat is used to prevent unauthorized programs or Internetusers from accessing a private network and/or a singlecomputer
-
8/4/2019 Computer Network Firewall
4/20
Hardware Firewalls
Protect an entire network
Implemented on the router level
Usually more expensive, harder to configure
Software Firewalls
Protect a single / group of computers Usually less expensive, easier to configure
-
8/4/2019 Computer Network Firewall
5/20
Intranet
DMZInternet
Firewall
Firewall
Web server, email
server, web proxy,etc
-
8/4/2019 Computer Network Firewall
6/20
DeMilitarized Zone: a portion of a networkthat separate a purely internal network from
an external network.
-
8/4/2019 Computer Network Firewall
7/20
Allow traffic that flows automaticallybecause it has been deemed as safe (Ex.
Meeting Maker, Eudora, etc.) Block traffic that is blocked because it has
been deemed dangerous to your computer Ask asks the user whether or not the traffic
is allowed to pass through
-
8/4/2019 Computer Network Firewall
8/20
GO BACK
-
8/4/2019 Computer Network Firewall
9/20
Packet filters
work at the network level.
compared to a set of criteria before it is forwarded
Advantages: low cost, low impact on networkperformance.
Disadvantages: does not support sophisticated rulebased models.
GO BACK
-
8/4/2019 Computer Network Firewall
10/20
GO BACK
-
8/4/2019 Computer Network Firewall
11/20
Circuit level gateways work at the session layer
monitor TCP handshaking between packets to
determine whether a requested session is legitimate Information passed to remote computer through a
circuit level gateway appears to have originated fromthe gateway.
Advantages: relatively inexpensive , hidinginformation about the private network Disadvantages:they do not filter individual packets.
GO BACK
-
8/4/2019 Computer Network Firewall
12/20
GO BACK
-
8/4/2019 Computer Network Firewall
13/20
Application level gateways
work at the application layer
Incoming or outgoing packets cannot access servicesfor which there is no proxy
filter application specific commands
can also be used to log user activity and logins.
Advantages: a high level of security Disadvantages: having a significant impact on network
performance, not transparent to end users.
GO BACK
-
8/4/2019 Computer Network Firewall
14/20
GO BACK
-
8/4/2019 Computer Network Firewall
15/20
Stateful multilayer inspection firewalls work at the application , session, network layer.
They filter packets at the network layer, determinewhether session packets are legitimate and evaluatecontents of packets at the application layer
They allow direct connection between client and host,alleviating the problem caused by the lack oftransparency of application level gateways. can alsobe used to log user activity and logins.
Advantages: a high level of security, goodperformance, transparency to end users
Disadvantages: they are expensive and complex.
GO BACK
-
8/4/2019 Computer Network Firewall
16/20
In 2003, Sasser worm and blaster wormattacked a large number of Windows machines,taking advantage of flaws in the RPC Windowsservice. Adding to that, Microsoft was criticizedfor not being active in protecting customersfrom threats. Therefore, Microsoft decided toimprove both functionality and the interface ofWindows XPs built-in firewall, and rebrand itas: Windows Firewall.
GO BACK
-
8/4/2019 Computer Network Firewall
17/20
Windows Firewall helps protecting yourcomputer by preventing unauthorized users
from gaining access to your computerthrough a network or internet.
GO BACK
-
8/4/2019 Computer Network Firewall
18/20
Help block computer viruses and wormsfrom reaching your computer.
Ask for your permission to block or unblockcertain connection requests.
Create a record (a security log)
-
8/4/2019 Computer Network Firewall
19/20
GO BACK
-
8/4/2019 Computer Network Firewall
20/20