data security in local network using distributed firewall ppt
DESCRIPTION
A seminar ppt on domain networking titled "Data security in local network using distributed firewall".
TRANSCRIPT
![Page 1: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/1.jpg)
Data Security in LAN using Distributed Firewall
Presented by Sabreen Irfana, GMIT
Guided by: Mr. Santosh Kumar, B.E., M.Tech, Asst. Prof., Dept. of ISE, GMIT
![Page 2: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/2.jpg)
Abstract
Computers and networking have become inseparable now.
A number of confidential transactions occur every second, and today computers are used mostly for transactions rather than for processing data, so data security is needed to prevent hacking of data and to provide authenticated data transfer.
![Page 3: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/3.jpg)
Contd.
Data security can be achieved by a firewall. Conventional firewalls rely on the notion of a restricted topology and a controlled entry point.
Restricting the network topology, difficulty in filtering certain protocols, expanding networks and a few more problems led to the evolution of the DISTRIBUTED FIREWALL.
![Page 4: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/4.jpg)
Contents
- Introduction to Security and Firewalls
- Problems with traditional Firewalls
- Distributed Firewall Concept
- Distributed Firewall Implementation
- Conclusions
![Page 5: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/5.jpg)
Firewalls
- A firewall is a device or set of instruments designed to permit or deny network transmissions based on a set of rules and regulations; it is frequently used to protect networks from unauthorized access.
- In most systems today, the firewall is the software that implements the "security policy" for a system.
- A firewall is typically placed at the edge of a system and acts as a filter for unauthorized traffic.
![Page 6: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/6.jpg)
Security Policy
- A "security policy" defines the security rules of a system.
- Without a defined security policy, there is no way to know what access is allowed or disallowed.
- An example (simple) policy:
  ◦ Allow all connections to the web server
  ◦ Deny all other access
![Page 7: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/7.jpg)
Firewall Example (diagram)
![Page 8: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/8.jpg)
Firewall Drawbacks
- Traditional firewalls use a restricted topology of the network
- Do not protect networks from internal attacks
- Certain protocols (FTP, RealAudio) are difficult for firewalls to process
- Assume inside users are "trusted"
- Single points of access make firewalls hard to manage
![Page 9: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/9.jpg)
Contd.
1. Restricted topology (diagram)
![Page 10: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/10.jpg)
Contd.
2. Assumes inside users are trusted (diagram)
![Page 11: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/11.jpg)
Contd.
3. Single point of failure or access (diagram)
![Page 12: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/12.jpg)
Data Security Threats
IP Spoofing or IP masquerading
Diagram: host A (10.10.10.1) sends a packet to host B (134.117.1.60); a second packet to B carries a spoofed source address. The two packet headers shown:

| Packet | Src_IP | dst_IP | Src_port | dst_port |
|---|---|---|---|---|
| A to B | 10.10.10.1 | 134.117.1.60 | Any (>1024) | 80 |
| spoofed | 11.11.11.1 | 134.117.1.60 | Any (>1024) | 80 |
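The standard firewall-side mitigation for the spoofing shown above is a per-interface source-address check: a packet arriving from outside must not claim an inside source, and an inside host must not emit a source it does not own. The following is an added example, not code from the slides; it assumes the slide's 10.10.10.0/24 as the internal prefix and uses constructed packets.

```python
import ipaddress
from dataclasses import dataclass

# Assumption: the corporate side is 10.10.10.0/24 (host A on the slide).
INTERNAL_PREFIXES = [ipaddress.ip_network("10.10.10.0/24")]

@dataclass
class Packet:
    iface: str      # "internal" or "external": interface the packet arrived on
    src_ip: str
    dst_ip: str
    src_port: int
    dst_port: int

def is_internal(ip: str) -> bool:
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_PREFIXES)

def spoof_check(pkt: Packet) -> str:
    """Return "allow" or "drop: <reason>".
    A packet that claims an inside source but arrives from outside, or an
    inside host emitting a source it does not own, has a spoofed source."""
    inside_src = is_internal(pkt.src_ip)
    if pkt.iface == "external" and inside_src:
        return "drop: external packet claims an internal source address"
    if pkt.iface == "internal" and not inside_src:
        return "drop: internal host emitted a non-internal source address"
    return "allow"

def filter_log(packets):
    """Apply the check to each packet and return (src, dst, verdict) rows."""
    return [(p.src_ip, p.dst_ip, spoof_check(p)) for p in packets]

# Constructed sample: the slide's legitimate A-to-B packet, the same header
# arriving from outside with A's address forged, and an inside host sending
# with the slide's 11.11.11.1 source, which it does not own.
SAMPLE = [
    Packet("internal", "10.10.10.1", "134.117.1.60", 40000, 80),
    Packet("external", "10.10.10.1", "134.117.1.60", 40000, 80),
    Packet("internal", "11.11.11.1", "134.117.1.60", 40000, 80),
]

if __name__ == "__main__":
    for row in filter_log(SAMPLE):
        print(row)
```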
![Page 13: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/13.jpg)
Contd. IP spoofing
Diagram: the sender transmits an IP-spoofed packet to the victim with dst: victim and src: partner, impersonating the partner. The victim reasons: "Oh, my partner sent me a packet. I'll process this."
![Page 14: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/14.jpg)
Contd.
Session hijacking (diagram)
![Page 15: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/15.jpg)
Contd.
Denial of service (DoS) (diagram)
![Page 16: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/16.jpg)
Distributed Firewall Concept
- A distributed firewall is a mechanism to enforce a network domain security policy through the use of a policy language.
- The security policy is defined centrally.
- Enforcement of the policy is done by the network endpoints, which is where attackers try to penetrate.
![Page 17: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/17.jpg)
Contd.
- It filters traffic from both the internal network and the Internet.
- They overcome the single point of failure.
![Page 18: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/18.jpg)
![Page 19: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/19.jpg)
Architecture of Distributed Firewalls
The whole distributed firewall system consists of four main parts:
I. The management center
II. Policy actuator
III. Remote endpoint connectors
IV. Log server
![Page 20: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/20.jpg)
Contd. (architecture diagram)
![Page 21: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/21.jpg)
PBNA System
Policy Based Network Management System (diagram)
![Page 22: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/22.jpg)
Standard Firewall Example
Diagram: the corporate network sits behind the corporate firewall (internal side) facing the Internet (external side). Hosts shown: External Host, Internal Host 1, Internal Host 2 (untrusted), Web server, Intranet Web server (company private).
![Page 23: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/23.jpg)
Standard Firewall Example: Connection to web server
Diagram: the same corporate network, corporate firewall, Internet and hosts as on the previous slide, showing a connection to the Web server.
![Page 24: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/24.jpg)
Standard Firewall Example: Connection to intranet
Diagram: the same network and hosts, showing connections to the Intranet Web server (company private). One connection is labelled "blocked by firewall"; another, from Internal Host 2 (untrusted), is labelled "connection allowed, but should not be".
![Page 25: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/25.jpg)
Distributed Firewall Example
Diagram: corporate network and Internet (internal and external sides) with no central firewall. Hosts shown: External Host, Internal Host 1, Internal Host 2 (untrusted), Web server, Intranet Web server (company private), and a telecommuting Internal Host.
![Page 26: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/26.jpg)
Distributed Firewall Example: to web server
Diagram: the same network and hosts as on the previous slide, showing connections to the Web server.
![Page 27: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/27.jpg)
Distributed Firewall Example: to intranet
Diagram: the same network and hosts, showing connections to the Intranet Web server (company private).
![Page 28: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/28.jpg)
Components of Distributed Firewalls
A distributed firewall is a mechanism to enforce a network domain security policy through the use of the following:
- Policy language
- Policy distribution scheme
- Certificates
![Page 29: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/29.jpg)
Contd.
Policy language: the policy language is used to create policies for each firewall.
These policies are the collection of rules which guide the firewall in evaluating network traffic. They also define which inbound and outbound connections on any component of the network policy domain are allowed.
![Page 30: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/30.jpg)
Contd.
Policy distribution scheme
- The policy distribution scheme should guarantee the integrity of the policy during transfer.
- The policy is consulted before processing incoming or outgoing messages.
- The distribution of the policy can differ and varies with the implementation. It can be either pushed directly to end systems, or pulled when necessary.
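One way the integrity requirement above plays out in a push-style distribution, as an added example that is not from the slides: the management center signs the policy and the end system refuses to install any copy whose check fails. The slides call for certificates; a shared-key HMAC is used here only as a stand-in because the Python standard library has no public-key signing, and the key and policy are constructed for the example.

```python
import hashlib
import hmac
import json

SHARED_KEY = b"constructed-demo-key"  # assumption: provisioned out of band

def sign_policy(policy: dict, key: bytes = SHARED_KEY) -> dict:
    """Management center side: canonical JSON body plus a MAC over it."""
    body = json.dumps(policy, sort_keys=True, separators=(",", ":"))
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}

class Endpoint:
    """End system that receives pushed policy and enforces only verified copies."""
    def __init__(self, key: bytes = SHARED_KEY):
        self.key = key
        self.installed = None   # policy currently enforced on this host

    def receive(self, msg: dict) -> bool:
        """Install the pushed policy only if its tag verifies; True on install."""
        expected = hmac.new(self.key, msg["body"].encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, msg["tag"]):
            return False        # tampered in transit or wrong issuer: keep old policy
        self.installed = json.loads(msg["body"])
        return True

# Constructed policy in the spirit of the Security Policy slide:
# allow the web server, deny everything else.
POLICY = {"version": 1, "rules": [
    {"action": "allow", "dst_port": 80},
    {"action": "deny"},
]}

def demo():
    """Push a genuine policy, then a copy altered in transit; return what happened."""
    ep = Endpoint()
    installed_ok = ep.receive(sign_policy(POLICY))
    tampered = sign_policy(POLICY)
    tampered["body"] = tampered["body"].replace('"deny"', '"allow"')
    rejected = not ep.receive(tampered)
    return installed_ok, rejected, ep.installed["rules"][1]["action"]
```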
![Page 31: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/31.jpg)
Contd.
Certificates: distributed firewalls could use the IP address for host identification.
But a security mechanism is more important, so it is preferred to use certificates to identify hosts. IPsec provides cryptographic certificates. Unlike an IP address, which can be easily spoofed, a digital certificate is much more secure and the authentication of the certificate is not easily forged. Policies are distributed by means of these
![Page 32: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/32.jpg)
Advantages
1. Provides security for the Internet and the intranet
2. Multiple access points
3. Insiders are no longer trusted
4. Security policy rules are distributed and established on an as-needed basis
5. End-to-end can be easily done, and filtering packets is easy
![Page 33: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/33.jpg)
Disadvantages
1. Compliance with the security policy by insiders is one of the major issues of distributed firewalls. This problem especially occurs when each end host has the right to change the security policy. There can be some techniques to make modifying policies harder, but it cannot be prevented entirely.
2. It is not so easy to implement an intrusion detection system in a distributed firewall environment. It is possible to log suspicious connections on a local server, but these logs need to be collected and analyzed by security experts in a central service.
![Page 34: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/34.jpg)
Distributed Firewall implementation
- A language to express policies and resolve requests (the KeyNote system)
- Using KeyNote and IPsec allows control of mixed-level policies, where the authentication mechanism is applied through public key cryptography
![Page 35: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/35.jpg)
KeyNote
A language to describe security policies (RFC 2704)
Fields:
◦ KeyNote-Version – must be the first field, if present
◦ Authorizer – mandatory field, identifies the issuer of the assertion
◦ Comment
◦ Conditions – the conditions under which the Authorizer trusts the Licensee
◦ Licensees – identifies the authorized party; should be a public key, but can be an IP address
◦ Signature – must be last, if present
All field names are case-insensitive.
![Page 36: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/36.jpg)
KeyNote Example 1 (diagram)
![Page 37: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/37.jpg)
KeyNote Example 2

```text
KeyNote-Version: 2
Authorizer: "rsa-hex:1023abcd"
Licensees: "IP:158.130.6.141"
Conditions: (@remote_port < 1024 &&
             @local_port == 22) -> "true";
Signature: "rsa-sha1-hex:bee11984"
```

Note that this credential delegates to an IP address,
![Page 38: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/38.jpg)
Application interaction with KeyNote (diagram)
![Page 39: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/39.jpg)
Example of Connection to a Distributed Firewall
Local host security policy:

```text
KeyNote-Version: 2
Authorizer: "POLICY"
Licensees: ADMINISTRATIVE_KEY
```

Assumes an IPsec SA between hosts.
![Page 40: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/40.jpg)
Example of Connection to a Distributed Firewall

```text
KeyNote-Version: 2
Authorizer: ADMINISTRATIVE_KEY
Licensees: USER_KEY
Conditions:
    (app_domain == "IPsec policy" &&
     encryption_algorithm == "yes" &&
     local_address == "158.130.006.141")
        -> "true";
    (app_domain == "Distributed Firewall" &&
     @local_port == 23 &&
     encrypted == "yes" &&
     authenticated == "yes") -> "true";
Signature: ...
```
![Page 41: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/41.jpg)
Example of Connection to a Distributed Firewall
Diagram (sequence): a source host and the local host 158.130.6.141 (running the Policy Daemon) share an IPsec SA.
1. The source opens a TCP connection to port 23.
2. A context is created: local port = 23, encrypted = "yes", authenticated = "yes".
3. The Policy Daemon checks the context against the credential.
4. It returns TRUE, and the TCP session continues.
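The check the Policy Daemon performs in step 3, worked through for the credential on the previous slide, as an added example that is neither the slides' code nor the real KeyNote implementation: the evaluator supports only the operators that credential uses (==, <, &&, and @ for numeric comparison), the action environment is constructed from the slide's connection, and signature verification is left out.

```python
import re

# The credential from the slide; ADMINISTRATIVE_KEY/USER_KEY are the slide's
# placeholder key names, not real keys. Each clause is (conditions, value).
CREDENTIAL = {
    "KeyNote-Version": "2",
    "Authorizer": "ADMINISTRATIVE_KEY",
    "Licensees": "USER_KEY",
    "Conditions": [
        ('app_domain == "IPsec policy" && encryption_algorithm == "yes" '
         '&& local_address == "158.130.006.141"', "true"),
        ('app_domain == "Distributed Firewall" && @local_port == 23 '
         '&& encrypted == "yes" && authenticated == "yes"', "true"),
    ],
}

# One term: optional @ (numeric compare), name, operator, quoted string or integer.
TERM = re.compile(r'^\s*(@?)(\w+)\s*(==|<)\s*(?:"([^"]*)"|(\d+))\s*$')

def eval_term(term: str, env: dict) -> bool:
    """Evaluate one `name OP value` term against the action environment.
    Simplification: a name absent from the environment makes the term false."""
    m = TERM.match(term)
    if not m:
        raise ValueError(f"unsupported term: {term!r}")
    numeric, name, op, sval, nval = m.groups()
    if name not in env:
        return False
    actual = env[name]
    if numeric:
        actual, expected = int(actual), int(nval)
    else:
        expected = sval if sval is not None else nval
    return actual == expected if op == "==" else actual < expected

def eval_clause(clause: str, env: dict) -> bool:
    # Only && is supported, which is all the slide's credential uses.
    return all(eval_term(t, env) for t in clause.split("&&"))

def policy_daemon_check(credential: dict, env: dict, trusted: set) -> str:
    """Return the value of the first clause whose conditions hold, else "false".
    Signature checking is outside this example; the issuer is only compared
    with the keys the local host policy delegates to (ADMINISTRATIVE_KEY)."""
    if credential["Authorizer"] not in trusted:
        return "false"
    for clause, value in credential["Conditions"]:
        if eval_clause(clause, env):
            return value
    return "false"

# Constructed action environment for the slide's connection: TCP to port 23
# over the IPsec SA, so the context is both encrypted and authenticated.
CONTEXT = {"app_domain": "Distributed Firewall", "local_port": 23,
           "encrypted": "yes", "authenticated": "yes"}
```

Calling policy_daemon_check(CREDENTIAL, CONTEXT, {"ADMINISTRATIVE_KEY"}) yields "true" for the slide's connection; the same connection without encryption, to another port, or carrying a credential from an issuer the local policy does not delegate to yields "false".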
![Page 42: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/42.jpg)
Conclusions
- Distributed firewalls allow the network security policy to remain under the control of the system administrators
- Insiders may no longer be unconditionally treated as "trusted"
- Does not completely eliminate the need for traditional firewalls
- More research is needed in this area to increase robustness, efficiency,
![Page 43: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/43.jpg)
Future Work
- High quality administration tools NEED to exist for distributed firewalls to be accepted
- Allow per-packet scanning as opposed to per-connection scanning
- Policy updating
![Page 44: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/44.jpg)
![Page 45: Data security in local network using distributed firewall ppt](https://reader036.vdocuments.us/reader036/viewer/2022081417/55522f31b4c9054c668b5155/html5/thumbnails/45.jpg)