View
215
Download
2
Category
Tags:
Preview:
Citation preview
Software Firewalls
© N. Ganesan, Ph.D.
Module Objectives
• Explore the features of a software firewall such as Zone Alarm Pro
Introduction
Features
• Inbound traffic protection• Outbound traffic protection• Optional e-mail protection• Optional antivirus monitoring
Types of Protection and Control
• Firewall Protection• Program Control• Privacy Protection• Identity Protection
Protection Alerts
• Program alerts• Firewall alerts
Program Alert Example
• In the following example, program alert for the ping command will be demonstrated
Firewall Event
• Informs intrusion efforts
Zoning for Access Control
• Internet zone– All computers fall into this category– They are generally unknown computers
• Trusted zone– Permission is automatically given to access
computers in the trusted zone
• Bad zone– Access to computers in this zone are
explicitly denied
Disconnecting from Internet
• Stop button• Internet lock
Additional Information
• Use the help feature
Overview of ZoneAlarm Pro
Firewall Zone Settings
• High– Explicit permission must be given for
access
• Medium– Access must be blocked explicitly
1
2
3
Blocked Zone
• Advanced control is possible for blocked zones
Adding and Removing Networks to and from Zones
Assigning Networks
• Networks can be assigned to trusted and internet zones based on:– Host/site– IP address – IP range– Subnet
Computers with Access
• In the previous example, the computers with the following range of IP address will have network access privilege– 130.182.215.0 to 130.182.215.254
• The values defined could also be edited
Can be removed as well.
Rule Based Access Control
Purpose
• Traffic can be controlled based on source address, destination address, protocol and time of the day
Expert Firewall
• Access control (allow of blocks) can be exercised based on the following parameters:– Source– Destination– Protocol– Time
Auto-Lock
• Auto lock can be set to be involved when the computer is inactive for a given period of time
Program Access Control
Individual Program Control
• This is perhaps the most frequently used option
• Access to the network for a program can be set to the following – Allow – Block X– Ask ?
Program Control Properties
• Allow– Allows the program to access the network
• Ask– Ask each time the program tries to access the network
• Block– Block access without asking
• In general, one may want to block the program acting as a server
• Moreover, whenever in doubt, access could be set to “Ask”
• As seen in the next slide, new program could also be added to the list of programs that need to be controlled with respect to network access
Individual program security.
Antivirus Monitoring
Email Protection
Newattachment types
can be added.
Privacy
1
2
3
Customizing cache cleaning.
Cookie Control, Ad Blocking and Mobile Code Control
1
2
3
Cookie control.
Ad blocking.
Mobile code execution control.
Site Access Control
ID Lock
Alerts and Logs
The End
Recommended