Upload
ashish-nautiyal
View
231
Download
0
Embed Size (px)
Citation preview
8/7/2019 Aman Firewall
1/15
WeLCOME
SEMINAR ON FIREWALL
AMAN BHARDWAJ
B.Tech(CS) 4th SEM
ROLL NO.- 15
8/7/2019 Aman Firewall
2/15
Firewalls
8/7/2019 Aman Firewall
3/15
Firewalls
What is a Firewall
Types of Firewall Network Layer and Packet Filters
Application Layer
Proxy Firewalls
Network Address Translations
8/7/2019 Aman Firewall
4/15
What is a Firewall?
A hardware or software solution whichrestricts access between your network and
an outside network.
Firewall can be uni-directional or bi-directional Usually at perimeter (where the two networks meet)
Like a Military Checkpoint:
Stops all traffic in and/or out of your network
Inspects the traffic to see if it meets the security policy
Allows or denies the traffic based on the security
policy
Like a real checkpoint, it will slow down traffic!!!
8/7/2019 Aman Firewall
5/15
What is a Firewall
A firewall's function within a network is similar
to firewalls in building construction, because in
both cases they are intended to isolate one
"network" or "compartment" from another.However, network firewalls, unlike physical
firewalls, are designed to allow some traffic to
flow.
8/7/2019 Aman Firewall
6/15
What is a Firewall? A firewall :
Acts as a security gateway
between two networks
Usually between trusted
and untrusted networks
(such as between a
corporate network and
the Internet
Corporate
Site
Corporate
Site
Internet
Corporate Network
Gateway
8/7/2019 Aman Firewall
7/15
EVOLUTION OF FIREWALLS
Packet
Filter
Application
Proxy
Stateful
Inspection
Stage of Evolution
8/7/2019 Aman Firewall
8/15
Types of Firewall
There are mainly four types of Firewalls
Network layer and packet filters
Application-layer
Proxies
Network address translation
8/7/2019 Aman Firewall
9/15
Packet Filter
How Packet filters work
Read the header and filter by whether fields
match specific rules
The firewall administrator may define the rules; or
default rules may apply
Operate at network level, not application level
8/7/2019 Aman Firewall
10/15
Application-Layer
Application-layer firewalls work on theapplication level of the TCP/IP stack, and may
intercept all packets traveling to or from anapplication.
Stronger security
Harder to implement and maintain
Requires writing new or custom rules/proxies asapplications and protocols change or are introduced
Slower performance, less scalable
8/7/2019 Aman Firewall
11/15
Proxy firewalls
Proxy firewalls pass data between two
separate connections, one on each side of
the firewall.
Proxies should not route packets between
interfaces.
8/7/2019 Aman Firewall
12/15
Network Address Translation
(NAT)
NAT changes the ip addresses in a packet, so that
the address of the client inside never shows up on
the internet.
Examples: Cisco PIX, Linux Masquerading, Firewall
One, ipfilter
8/7/2019 Aman Firewall
13/15
Appropriate use of Firewalls
Firewalls are applicable when
When there is two networks that have a distinct
trust factor (friend/foe).
When protected networks connection must
terminate behind firewall.
When there is need for extra layer of protection
for certain applications.
8/7/2019 Aman Firewall
14/15
Configuration Considerations
By default, less trusted networks has NO access tothe trusted network (deny all).
Be port specific as possible when allowing outsidehost to access applications.
Rulesets/access-list will not work unless applied tointerface.
Certain applications are very firewall sensitive (i.e.Voice, H323)
8/7/2019 Aman Firewall
15/15
THANK YOU