Filtering in Firewall
By Fantastic 5
Agenda
What is Firewall?
Types Of Firewall
Pros and Cons Of Different Firewalls
What Firewall can do?
What Firewall can not do?
Q & A
What is Firewall?
Isolates an organization’s internal network from the larger Internet, allowing some packets to pass and blocking others.
Types Of Firewall
Packet Filtering Firewall: operates at the network layer
Circuit Level Firewall: operates at the transport layer
Application Level Firewall: operates at the application layer
Packet Filter Firewall
[Diagram: Incoming Traffic; Allowed Outgoing Traffic]
Packet Filtering Firewall
Stateless Filters
Stateful Filters
Content Filters
Dynamic Packet Filtering
Stateless Packet Filters
Simple filters
Make decisions on a packet-by-packet basis
Every packet is checked
Stateless Packet Filtering
Pros
• Very fast, no need to remember anything about the traffic
Cons
• More complex criteria decrease performance
• No protection against malicious code in upper layers
• Difficult to get the filtering rules right
Stateful Packet Filtering
Each established connection is saved in a table.
The first packet of the connection is checked against pre-defined rules.
Stateful Packet Filtering
Pros
• Scalable
• More secure, as connection state is maintained
Cons
• Connection state is maintained even for connectionless protocols
• Takes more CPU time
Content Filtering
Checks the content of the packet
It looks at the packet contents at the network layer
Circuit Level Firewall
[Diagram: Incoming Traffic; Allowed Outgoing Traffic]
Application Level Firewall
[Diagram: Incoming Traffic; Allowed Outgoing Traffic]
Circuit Level Firewall
Pros
• Improved security
• When network packets are readdressed, information about the protected network is hidden
Cons
• No application level security
Dynamic Packet Filtering
Monitors the state of active connections
Records session information such as IP address and port number
Determines whether packets are allowed or not by comparing them with the state of that connection
Much more secure than a static packet filter
e.g. only replies to users' data requests are let back in.
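The difference between the stateless and dynamic filters described above, as an added example that is not part of the original slides. The internal prefix, the single "outbound web" rule, and all addresses and ports are constructed for illustration.

```python
# Added example: the same three packets through a stateless and a dynamic filter.
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport")
INTERNAL_PREFIX = "10.0.0."          # assumed protected network


def is_internal(ip):
    return ip.startswith(INTERNAL_PREFIX)


def stateless_filter(pkt):
    """Decide packet by packet, remembering nothing about earlier traffic."""
    if is_internal(pkt.src) and pkt.dport == 80:
        return True                   # outbound web request
    # Replies can only be matched on headers: source port 80, high destination port.
    return is_internal(pkt.dst) and pkt.sport == 80 and pkt.dport >= 1024


class DynamicFilter:
    """Record each allowed outbound session; admit inbound only if it matches one."""

    def __init__(self):
        self.sessions = set()         # (internal ip, internal port, remote ip, remote port)

    def check(self, pkt):
        if is_internal(pkt.src):
            if pkt.dport != 80:       # first packet is checked against the rule
                return False
            self.sessions.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        # Inbound: compare against the recorded state of that connection.
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.sessions


def demo():
    request = Packet("10.0.0.5", 40000, "203.0.113.10", 80)
    reply = Packet("203.0.113.10", 80, "10.0.0.5", 40000)
    unsolicited = Packet("198.51.100.7", 80, "10.0.0.9", 5000)   # nobody asked for this
    fw = DynamicFilter()
    fw.check(request)
    return {
        "stateless": [stateless_filter(p) for p in (request, reply, unsolicited)],
        "dynamic": [fw.check(p) for p in (reply, unsolicited)],
    }


if __name__ == "__main__":
    print(demo())
```

The stateless filter passes the unsolicited inbound packet because its headers look like a reply; the dynamic filter drops it because no recorded session matches.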
What Firewalls can do?
Deny unauthorized access
Control access to authorized services
Monitor traffic
Raise alarm if suspicious activity occurs
Enforce Policy
What Firewalls can not do?
Protect against threats inside your network
Protect against services allowed through the firewall
Set themselves up – misconfiguration
Firewalls alone can not make a network secure
Conclusion
A firewall alone can not make the network secure from a public network like the Internet.
Questions?
Thank U !