Firewall Survey Purpose of a Firewall To allow

  • Slides: 13
Download presentation
Firewall – Survey • Purpose of a Firewall – To allow ‘proper’ traffic and

Firewall – Survey • Purpose of a Firewall – To allow ‘proper’ traffic and discard all other traffic • Characteristic of a firewall – All traffic must go through the firewall – Allow and blocking traffic – The Firewall itself should be immune of attacked

Firewall – possibilities • 5(6) areas to control: – Services (web, ftp, mail …)

Firewall – possibilities • 5(6) areas to control: – Services (web, ftp, mail …) i. e. Port# – Network (hosts) i. e. IP addresses – Direction i. e. control inside-out or reverse – User i. e. only authorized users allow – Behaviour (e. g. attachment to mail) – (Denial of Service Inspection)

Firewall – solutions • Solutions: – HW – screening router – SW – Computer

Firewall – solutions • Solutions: – HW – screening router – SW – Computer Based (build in the OS) – SW – dedicated Host Firewall

Firewall – limitations • 3 limitations of Firewalls – Cannot protect against traffic not

Firewall – limitations • 3 limitations of Firewalls – Cannot protect against traffic not running trough the firewall (obvious!!) – Cannot protect against threats from inside (e. g. as the school network) – Cannot protect against viruses (i. e. they come in by legal traffic)

Firewall – Types • 3 types of Firewalls – Packet-filtering – with state-full inspection

Firewall – Types • 3 types of Firewalls – Packet-filtering – with state-full inspection – Application- gateways

Firewall – Packet-filtering • Level 3 – network (IP-packets) – Filtering on (the access

Firewall – Packet-filtering • Level 3 – network (IP-packets) – Filtering on (the access control list): • • • Source/Destination IP-addresses Source/Destination Port-numbers IP-protocol field (e. g. icmp, tcp, egp) TCP-direction (SYN-bit) IN / OUT on each interface ICMP message type

Firewall – Packet-filtering • Configurations – Policies: 1: optimistic: default set to allow 2:

Firewall – Packet-filtering • Configurations – Policies: 1: optimistic: default set to allow 2: pessimistic: default set to discard (normal) – Setting up rules

Firewall – Packet-filtering • Weakness – Cannot ‘look’ into appl. Level information – Limited

Firewall – Packet-filtering • Weakness – Cannot ‘look’ into appl. Level information – Limited logging information – Do normally not support authentication – Can be attack by weakness in IP (e. g. IP-spoofing)

Firewall – Packet-filtering • Stateful - inspection – Normal packet-filtering only look at one

Firewall – Packet-filtering • Stateful - inspection – Normal packet-filtering only look at one packet at a time. – Stateful packet-filtering can remember a sequence of packets. (can be used to detect spoofing)

Firewall – Application-level • Level 5 Application gateway – Using Proxy Servers (e. g.

Firewall – Application-level • Level 5 Application gateway – Using Proxy Servers (e. g. a mail-client and a mail-server) • Spilt connections into 2 (one for inbound and one for outbound)

Firewall – Application-level • More secure – Stateful inspection even more developed – User

Firewall – Application-level • More secure – Stateful inspection even more developed – User authentication are used • Weakness – slow-down performance – need to have proxies for all services

Intrusion System • Deep packet inspection – Read and remember history of packets •

Intrusion System • Deep packet inspection – Read and remember history of packets • Two types – Intrusion Detection System (IDS) • Send alert if behaviour is odd • One implementation snort (open source / Linux) – Intrusion Prevention System (IPS) • Filter out suspicious packets

Firewall – Architecture • One recommended solution: • Screened subnet firewall MOST secure DMZ

Firewall – Architecture • One recommended solution: • Screened subnet firewall MOST secure DMZ – demilitarized zone (2 packet-filter + bastion host on the net (DMZ) in between) • Home Firewall like Zone. Alarm/Windows-firewall

Firewall POS SATPAM Firewall Apa itu firewall FirewallFirewall POS SATPAM Firewall Apa itu firewall Firewall
FIREWALL Purpose of Firewall A firewall protects networkFIREWALL Purpose of Firewall A firewall protects network
FIREWALL Konsep Firewall Firewall adalah sebuah sistem atauFIREWALL Konsep Firewall Firewall adalah sebuah sistem atau
FIREWALL Conceito o que um Firewall Firewall umaFIREWALL Conceito o que um Firewall Firewall uma
FIREWALL Luidi V A Andrade Firewall Um firewallFIREWALL Luidi V A Andrade Firewall Um firewall
FIREWALL OUTLINES Firewall concept Firewall rule Types ofFIREWALL OUTLINES Firewall concept Firewall rule Types of
1 1 The Firewall Concept Purpose of firewall1 1 The Firewall Concept Purpose of firewall
PURPOSE Purpose and Food Value Chain PURPOSE PurposePURPOSE Purpose and Food Value Chain PURPOSE Purpose
FIREWALLS What is a Firewall l A firewallFIREWALLS What is a Firewall l A firewall
Firewall Administrao e Gerenciamento de Redes Firewall EstruturaFirewall Administrao e Gerenciamento de Redes Firewall Estrutura
QU ES UN FIREWALL Un cortafuegos o firewallQU ES UN FIREWALL Un cortafuegos o firewall
Firewall Pertemuan V Definisi Firewall merupakan sebuah perangkatFirewall Pertemuan V Definisi Firewall merupakan sebuah perangkat