firewall 2012 march
TRANSCRIPT
-
8/2/2019 Firewall 2012 MARCH
1/30
Firewalls
By:
Name :- Arshpreet Singh
Section: - RK22H1B30
Reg No. 11107537
-
8/2/2019 Firewall 2012 MARCH
2/30
Agenda
Firewall Basics for the Beginning User
Firewall Offering
Case Study Desktop Firewall Software Hardware and software Firewall
Questions and Answers
-
8/2/2019 Firewall 2012 MARCH
3/30
What is a Firewall?
A firewall is hardware, software, or a
combination of both that is used to prevent
unauthorized programs or Internet users from
accessing a private network and/or a single
computer
-
8/2/2019 Firewall 2012 MARCH
4/30
A firewall :- Acts as a securitygateway between two networks
Usually between trusted
and untrusted networks
(such as between a
corporate network and
the Internet)
Internet
Corporate Site
Corporate NetworkGateway
-
8/2/2019 Firewall 2012 MARCH
5/30
Hardware vs. Software Firewalls
Hardware Firewalls
Protect an entire network
Implemented on the router level
Usually more expensive, harder to configure
Software Firewalls
Protect a single computer
Usually less expensive, easier to configure
-
8/2/2019 Firewall 2012 MARCH
6/30
How does a software firewall work?
Inspects each individual packet of data as it
arrives at either side of the firewall
Inbound to or outbound from your computer
Determines whether it should be allowed to
pass through or if it should be blocked
-
8/2/2019 Firewall 2012 MARCH
7/30
Firewall Rules
Allow traffic that flows automatically
because it has been deemed as safe (Ex.
Meeting Maker, Eudora, etc.)
Block traffic that is blocked because it has
been deemed dangerous to your computer
Ask asks the user whether or not the traffic
is allowed to pass through
-
8/2/2019 Firewall 2012 MARCH
8/30
What a personal firewall can do
Stop hackers from accessing your computer
Protects your personal information
Blocks pop up ads and certain cookies Determines which programs can access the
Internet
-
8/2/2019 Firewall 2012 MARCH
9/30
What a personal firewall cannot do
Cannot prevent e-mail viruses
Only an antivirus product with updated definitions
can prevent e-mail viruses
After setting it initially, you can forget about it
The firewall will require periodic updates to the
rulesets and the software itself
-
8/2/2019 Firewall 2012 MARCH
10/30
Considerations when using personal
firewall software
If you did not initialize an action and your
firewall picks up something, you should most
likely deny it and investigate it
Its a learning process
If you notice you cannot do something you did
prior to the installation, there is a good
chance it might be because of your firewall
-
8/2/2019 Firewall 2012 MARCH
11/30
-
8/2/2019 Firewall 2012 MARCH
12/30
-
8/2/2019 Firewall 2012 MARCH
13/30
Classification of Firewall
Characterized by protocol level it controls in Packet filtering
Circuit gateways
Application gateways
Combination of above is dynamic packet filter
-
8/2/2019 Firewall 2012 MARCH
14/30
Firewall Gateways
Firewall runs set of proxy programs
Proxies filter incoming, outgoing packets
All incoming traffic directed to firewall
All outgoing traffic appears to come from firewall
-
8/2/2019 Firewall 2012 MARCH
15/30
Application-Level Filtering Has full access to protocol
user requests service from proxy
proxy validates request as legal
then actions request and returns result to user
Need separate proxies for each service E.g., SMTP (E-Mail)
NNTP (Net news)
DNS (Domain Name System) NTP (Network Time Protocol)
-
8/2/2019 Firewall 2012 MARCH
16/30
Firewalls - Application Level Gateway
(or Proxy)
-
8/2/2019 Firewall 2012 MARCH
17/30
App-level Firewall Architecture
Daemon spawns proxy when communication
detected
Network Connection
Telnetdaemon
SMTPdaemon
FTPdaemon
Telnetproxy
FTPproxy SMTP
proxy
-
8/2/2019 Firewall 2012 MARCH
18/30
Enforce policy for specific protocols
E.g., Virus scanning for SMTP
Need to understand MIME, encoding, Zip archives
-
8/2/2019 Firewall 2012 MARCH
19/30
Firewall Outlines
Packet filtering
Application gateways
Circuit gateways
Combination of above is dynamic packet filter
-
8/2/2019 Firewall 2012 MARCH
20/30
Firewalls - Circuit Level Gateway
-
8/2/2019 Firewall 2012 MARCH
21/30
Screened Host Architecture
-
8/2/2019 Firewall 2012 MARCH
22/30
Screened Subnet Using Two Routers
Fi ll A t P f t?
-
8/2/2019 Firewall 2012 MARCH
23/30
Firewalls Arent Perfect? Useless against attacks from the inside
Evil doer exists on inside
Malicious code is executed on an internal machine
Organizations with greater insider threat
Banks and Military
Protection must exist at each layer
Assess risks of threats at every layer
Cannot protect against transfer of all virus
infected programs or files because of huge range of O/S & file types
-
8/2/2019 Firewall 2012 MARCH
24/30
Windows 7 Firewall
Currently *not* enabled by default
Enable under Start -> Control Panel ->
Windows firewall
Select Local Area Connection
Select the Properties button
Click the Advanced tab
-
8/2/2019 Firewall 2012 MARCH
25/30
Windows 7 firewall
-
8/2/2019 Firewall 2012 MARCH
26/30
Mac OS X firewall
*Not* enabled by default
Enable under System Preferences
Select Sharing Click Firewall tab
Click Start button
-
8/2/2019 Firewall 2012 MARCH
27/30
Mac OS X firewall
-
8/2/2019 Firewall 2012 MARCH
28/30
Final Notes
Rule Management
Default Allow vs. Default Deny
Firewalls do NOT Solve the Entire Problem
-
8/2/2019 Firewall 2012 MARCH
29/30
Additional Information
Visit the following websites: http:// www.howstuffworks.com/firewall.htm
http:// www.firewall.com/
http://www.it.northwestern.edu/reference/firewall/firewall_strategies_wp.html
http://www.juniper.net/netscreen_com.html
http://www.it.northwestern.edu/reference/firewall/firewall_strategies_wp.htmlhttp://www.howstuffworks.com/firewall.htmhttp://www.it.northwestern.edu/reference/firewall/firewall_strategies_wp.htmlhttp://www.firewall.com/http://www.it.northwestern.edu/reference/firewall/firewall_strategies_wp.htmlhttp://www.juniper.net/netscreen_com.htmlhttp://www.juniper.net/netscreen_com.htmlhttp://www.juniper.net/netscreen_com.htmlhttp://www.juniper.net/netscreen_com.htmlhttp://www.it.northwestern.edu/reference/firewall/firewall_strategies_wp.htmlhttp://www.it.northwestern.edu/reference/firewall/firewall_strategies_wp.htmlhttp://www.firewall.com/http://www.it.northwestern.edu/reference/firewall/firewall_strategies_wp.htmlhttp://www.howstuffworks.com/firewall.htmhttp://www.it.northwestern.edu/reference/firewall/firewall_strategies_wp.html -
8/2/2019 Firewall 2012 MARCH
30/30
THANKS YOU
ANY QUESTION ?
http://www.juniper.net/netscreen_com.htmlhttp://www.juniper.net/netscreen_com.html