firewall 2012 march

8/2/2019 Firewall 2012 MARCH

1/30

Firewalls

By:

Name :- Arshpreet Singh

Section: - RK22H1B30

Reg No. 11107537


2/30

Agenda

Firewall Basics for the Beginning User

Firewall Offering

Case Study Desktop Firewall Software Hardware and software Firewall

Questions and Answers


3/30

What is a Firewall?

A firewall is hardware, software, or a

combination of both that is used to prevent

unauthorized programs or Internet users from

accessing a private network and/or a single

computer


4/30

A firewall :- Acts as a securitygateway between two networks

Usually between trusted

and untrusted networks

(such as between a

corporate network and

the Internet)

Internet

Corporate Site

Corporate NetworkGateway


5/30

Hardware vs. Software Firewalls

Hardware Firewalls

Protect an entire network

Implemented on the router level

Usually more expensive, harder to configure

Software Firewalls

Protect a single computer

Usually less expensive, easier to configure


6/30

How does a software firewall work?

Inspects each individual packet of data as it

arrives at either side of the firewall

Inbound to or outbound from your computer

Determines whether it should be allowed to

pass through or if it should be blocked


7/30

Firewall Rules

Allow traffic that flows automatically

because it has been deemed as safe (Ex.

Meeting Maker, Eudora, etc.)

Block traffic that is blocked because it has

been deemed dangerous to your computer

Ask asks the user whether or not the traffic

is allowed to pass through


8/30

What a personal firewall can do

Stop hackers from accessing your computer

Protects your personal information

Blocks pop up ads and certain cookies Determines which programs can access the

Internet


9/30

What a personal firewall cannot do

Cannot prevent e-mail viruses

Only an antivirus product with updated definitions

can prevent e-mail viruses

After setting it initially, you can forget about it

The firewall will require periodic updates to the

rulesets and the software itself


10/30

Considerations when using personal

firewall software

If you did not initialize an action and your

firewall picks up something, you should most

likely deny it and investigate it

Its a learning process

If you notice you cannot do something you did

prior to the installation, there is a good

chance it might be because of your firewall


11/30


12/30


13/30

Classification of Firewall

Characterized by protocol level it controls in Packet filtering

Circuit gateways

Application gateways

Combination of above is dynamic packet filter


14/30

Firewall Gateways

Firewall runs set of proxy programs

Proxies filter incoming, outgoing packets

All incoming traffic directed to firewall

All outgoing traffic appears to come from firewall


15/30

Application-Level Filtering Has full access to protocol

user requests service from proxy

proxy validates request as legal

then actions request and returns result to user

Need separate proxies for each service E.g., SMTP (E-Mail)

NNTP (Net news)

DNS (Domain Name System) NTP (Network Time Protocol)


16/30

Firewalls - Application Level Gateway

(or Proxy)


17/30

App-level Firewall Architecture

Daemon spawns proxy when communication

detected

Network Connection

Telnetdaemon

SMTPdaemon

FTPdaemon

Telnetproxy

FTPproxy SMTP

proxy


18/30

Enforce policy for specific protocols

E.g., Virus scanning for SMTP

Need to understand MIME, encoding, Zip archives


19/30

Firewall Outlines

Packet filtering

Application gateways

Circuit gateways

Combination of above is dynamic packet filter


20/30

Firewalls - Circuit Level Gateway


21/30

Screened Host Architecture


22/30

Screened Subnet Using Two Routers

Fi ll A t P f t?


23/30

Firewalls Arent Perfect? Useless against attacks from the inside

Evil doer exists on inside

Malicious code is executed on an internal machine

Organizations with greater insider threat

Banks and Military

Protection must exist at each layer

Assess risks of threats at every layer

Cannot protect against transfer of all virus

infected programs or files because of huge range of O/S & file types


24/30

Windows 7 Firewall

Currently *not* enabled by default

Enable under Start -> Control Panel ->

Windows firewall

Select Local Area Connection

Select the Properties button

Click the Advanced tab


25/30

Windows 7 firewall


26/30

Mac OS X firewall

*Not* enabled by default

Enable under System Preferences

Select Sharing Click Firewall tab

Click Start button


27/30

Mac OS X firewall


28/30

Final Notes

Rule Management

Default Allow vs. Default Deny

Firewalls do NOT Solve the Entire Problem


29/30

Additional Information

Visit the following websites: http:// www.howstuffworks.com/firewall.htm

http:// www.firewall.com/

http://www.it.northwestern.edu/reference/firewall/firewall_strategies_wp.html

http://www.juniper.net/netscreen_com.html
http://www.it.northwestern.edu/reference/firewall/firewall_strategies_wp.htmlhttp://www.howstuffworks.com/firewall.htmhttp://www.it.northwestern.edu/reference/firewall/firewall_strategies_wp.htmlhttp://www.firewall.com/http://www.it.northwestern.edu/reference/firewall/firewall_strategies_wp.htmlhttp://www.juniper.net/netscreen_com.htmlhttp://www.juniper.net/netscreen_com.htmlhttp://www.juniper.net/netscreen_com.htmlhttp://www.juniper.net/netscreen_com.htmlhttp://www.it.northwestern.edu/reference/firewall/firewall_strategies_wp.htmlhttp://www.it.northwestern.edu/reference/firewall/firewall_strategies_wp.htmlhttp://www.firewall.com/http://www.it.northwestern.edu/reference/firewall/firewall_strategies_wp.htmlhttp://www.howstuffworks.com/firewall.htmhttp://www.it.northwestern.edu/reference/firewall/firewall_strategies_wp.html


30/30

THANKS YOU

ANY QUESTION ?
http://www.juniper.net/netscreen_com.htmlhttp://www.juniper.net/netscreen_com.html

firewall 2012 march

Documents