Firewalls n Types of Firewalls Screening router firewalls

  • Slides: 8
Download presentation
Firewalls n Types of Firewalls ¡ ¡ Screening router firewalls Computer-based firewalls Firewall appliances

Firewalls n Types of Firewalls ¡ ¡ Screening router firewalls Computer-based firewalls Firewall appliances Host firewalls (firewalls on clients and servers) n Inspection Methods n Firewall Architecture n Configuring, Testing, and Maintenance 1

Figure 5 -3: Firewall Hardware and Software n Screening Router Firewalls ¡ Add firewall

Figure 5 -3: Firewall Hardware and Software n Screening Router Firewalls ¡ Add firewall software to router ¡ Usually provide light filtering only ¡ Expensive for the processing power—usually must upgrade hardware, too ¡ Screens out incoming “noise” of simple scanning attacks to make the detection of serious attacks easier ¡ Good location for egress filtering—can eliminate scanning responses, even from the router 2

Figure 5 -3: Firewall Hardware and Software n Computer-Based Firewalls ¡ Add firewall software

Figure 5 -3: Firewall Hardware and Software n Computer-Based Firewalls ¡ Add firewall software to server with an existing operating system: Windows or UNIX ¡ Can be purchased with power to handle any load ¡ Easy to use because know operating system ¡ Firewall vendor might bundle software with hardened hardware and operating system software 3

Figure 5 -3: Firewall Hardware and Software n Computer-Based Firewalls ¡ General-purpose operating systems

Figure 5 -3: Firewall Hardware and Software n Computer-Based Firewalls ¡ General-purpose operating systems result in slower processing ¡ Security: Attackers may be able to hack the operating system n Change filtering rules to allow attack packets in n Change filtering rules to drop legitimate packets 4

Figure 5 -3: Firewall Hardware and Software n Firewall Appliances ¡ Boxes with minimal

Figure 5 -3: Firewall Hardware and Software n Firewall Appliances ¡ Boxes with minimal operating systems ¡ Therefore, difficult to hack ¡ Setup is minimal ¡ Not customized to specific firm’s situation ¡ Must be able to update 5

Figure 5 -3: Firewall Hardware and Software n Host Firewalls ¡ Installed on hosts

Figure 5 -3: Firewall Hardware and Software n Host Firewalls ¡ Installed on hosts themselves (servers and sometimes clients) ¡ Enhanced security because of host-specific knowledge n For example, filter out everything but webserver transmissions on a webserver 6

Figure 5 -3: Firewall Hardware and Software n Host Firewalls ¡ Defense in depth

Figure 5 -3: Firewall Hardware and Software n Host Firewalls ¡ Defense in depth n Normally used in conjunction with other firewalls n Although on single host computers attached to internet, might be only firewall 7

Figure 5 -3: Firewall Hardware and Software n Host Firewalls ¡ If not centrally

Figure 5 -3: Firewall Hardware and Software n Host Firewalls ¡ If not centrally managed, configuration can be a nightmare n ¡ Especially if rule sets change frequently Client firewalls typically must be configured by ordinary users n Might misconfigure or reject the firewall n Need to centrally manage remote employee computers 8

Router Architectures First generation router Second generation routerRouter Architectures First generation router Second generation router
Router Apa itu router Router adalah sebuah alatRouter Apa itu router Router adalah sebuah alat
CISCO ROUTER Cisco Router The Cisco router IOSCISCO ROUTER Cisco Router The Cisco router IOS
KMJ Contents 1 Router 2 Router 3 RouterKMJ Contents 1 Router 2 Router 3 Router
Router Configuration CISCO 2500 series router A routerRouter Configuration CISCO 2500 series router A router
Router 12 1 Router 22 n Router nRouter 12 1 Router 22 n Router n
FIREWALLS Firewalls Routers Switches Hubs VPNs Firewalls ImplementedFIREWALLS Firewalls Routers Switches Hubs VPNs Firewalls Implemented