Upload
tarnedo1
View
220
Download
0
Embed Size (px)
Citation preview
8/13/2019 Firewalls for Network Sec
1/48
OKSLTBGGV
OAS
IL]TASJ VLF\SK][
Vuchkttlm cy>
Ceuplimrb Juhbr, _knby skide
(Kitldrbtlm H.]lfe.)
2
8/13/2019 Firewalls for Network Sec
2/48
A\]GKIL
Tebt ks Vlfurkty
Illm ao slfurkty
Tea ks vugilrbcgl Fahhai slfurkty bttbfjs bim telkr fauitlrhlbsurls
Lglhlits ao slfurkty
Avlrvklw ao Okrlwbggs
]ypls ao okrlwbgg
Okrlwbgg febrbftlrkstkfs
3
8/13/2019 Firewalls for Network Sec
3/48
Autgkil (fait.)
Khpglhlitbtkai ao okrlwbgg
Ebrmwbrl okrlwbgg
Vaotwbrl okrlwbgg
Mrbwcbfjs
rlolrlifls
6
8/13/2019 Firewalls for Network Sec
4/48
Tebt ks Vlfurkty
2. Orllmah orah rksj ar mbidlr: sbolty.
3. Orllmah orah mauct, bixklty, ar olbr: faiokmlifl.
6. Vahltekid tebt dkvls ar bssurls sbolty, bs
2. B draup ar mlpbrthlit ao prkvbtl dubrms> Fbgg cukgmkid slfurkty ko b
vksktar bfts suspkfkaus.
3. Hlbsurls bmaptlm cy b davlrihlit ta prlvlit lspkaibdl, sbcatbdl,ar bttbfj.
6. Hlbsurls bmaptlm, bs cy b cuskilss ar eahlawilr, ta prlvlit b frkhsufe bs curdgbry ar bssbugt> Vlfurkty wbs gbx bt tel okrh's shbgglr pgbit
=
8/13/2019 Firewalls for Network Sec
5/48
Illm ao slfurkty
Pratlft vktbg kioarhbtkai wekgl stkgg bggawkid
bfflss ta teasl wea illm kt
]rbml slfrlts, hlmkfbg rlfarms, ltf.
Pravkml butelitkfbtkai bim bfflss faitrag oar
rlsaurfls Dubrbitll bvbkgbckgkty ao rlsaurfls
Lx> < ;s (;;.;;;% rlgkbckgkty)
Bgg trbookf orah kiskml ta autskml bim autskml ta kiskml hust
pbss teraude tel okrlwbgg (peyskfbggy cgafjkid bgg bfflss ta
tel gafbg iltwarj lxflpt vkb tel okrlwbgg)
Aigy butearkzlm trbookf (mlokilm cy tel gafbg slfurkty pagkfy)
wkgg cl bggawlm ta pbss
]el okrlwbgg ktslgo ks khhuil ta pliltrbtkai
8/13/2019 Firewalls for Network Sec
15/48
Okrlwbgg Febrbftlrkstkfs
\slr faitragFaitrags bfflss ta b slrvkfl bffarmkid ta
wekfe uslr ks bttlhptkid ta bfflss kt
Clebvkar faitrag
Faitrags eaw pbrtkfugbr slrvkfls brl uslm(l.d., kt hby libcgl lxtlribg bfflss ta aigy bpartkai ao gafbg kioarhbtkai).
2 O]P, E]]P, ]lgilt
ltf.3=
8/13/2019 Firewalls for Network Sec
25/48
Part Vfbis
Teli ebfjlrs rlhatlgy spy ai aur fahputlrs
ta sll webt saotwbrl bim slrvkfls wl ebvl.
Part sfbis brl fahhai cut wkte b praplrgy
faiokdurlm bim hbkitbkilm okrlwbgg wl fbi
rlstrkft bfflss.
3
Pbfjlt okgtlrkid
Praxy slrvkfl
Vtbtl-ougg kisplftkai
6?
Ebrmwbrl Okrlwbgg (Fait.)
8/13/2019 Firewalls for Network Sec
37/48
( )
Pbfjlt okgtlrkid - Pbfjlts brl bibgyzlm bdbkist b slt aookgtlrs.
Praxy slrvkfl - Kioarhbtkai orah tel Kitlrilt ksrltrklvlm cy tel okrlwbgg bim teli slit ta telrlqulstkid systlh bim vkfl vlrsb.
Vtbtl-ougg kisplftkai Kt fahpbrls flrtbki jly pbrts ao
tel pbfjlt ta b mbtbcbsl ao trustlm kioarhbtkai.Kioarhbtkai trbvlgkid orah kiskml ta tel autskml kshaiktarlm oar splfkokf mlokikid febrbftlrkstkfs, telikifahkid kioarhbtkai ks fahpbrlm ta telslfebrbftlrkstkfs.
64
Ebrmwbrl Okrlwbgg (Fait.)
8/13/2019 Firewalls for Network Sec
38/48
( )
kt pratlfts us orah>
Slhatl gadkis
Bppgkfbtkai cbfjmaars
VH]P slsskai eknbfjkid
L-hbkg Bmmrlssls
Vpbh
Mlikbg ao slrvkfl
L-hbkg cahcs
L-hbkg slit 2000s ao tkhls tkgg hbkgcax ks ougg
Hbfras
_krusls65
Vaotwbrl Okrlwbgg
8/13/2019 Firewalls for Network Sec
39/48
Bgsa fbgglm Bppgkfbtkai Glvlg Okrlwbggs
Kt ks okrlwbgg tebt aplrbtl bt tel Bppgkfbtkai Gbylr aotel AVK
]ely okgtlr pbfjlts bt tel iltwarj gbylr
Kt Aplrbtkid cltwlli tel Mbtb gkij Gbylr bim telIltwarj Gbylr
Kt haiktar tel fahhuikfbtkai typl (]FP, KP ltf.) bswlgg bs tel arkdkibtkai ao tel pbfjlt, mlstkibtkaipart ao tel pbfjlt, bim bppgkfbtkai (pradrbh) telpbfjlt ks fahkid orah ar elbmlm ta.
6;
Vaotwbrl Okrlwbgg (Fait )
8/13/2019 Firewalls for Network Sec
40/48
Vaotwbrl Okrlwbgg (Fait.)
Eaw mals saotwbrl okrlwbgg warjs 1
=0
8/13/2019 Firewalls for Network Sec
41/48
Okrlwbgg Vaotwbrl ]ypls
Pracglhs ta wbtfe oar
Bmhkikstrbtkvl gkhktbtkais Bfflss
Haiktarkid
gaddkid
Hbibdlhlit rlqukrlhlits
Bmmktkaibg faitrag pakits Bmmktkaibg iai-slfurl bppgkfbtkais rlqukrlm
Vaotwbrl gkhktbtkais
Fbpbfkty
Bvbkgbckgkty
Ebrmwbrl=2
8/13/2019 Firewalls for Network Sec
42/48
Okrlwbggs oar mkoolrlit
aplrbtkid systlhs
Okrlwbgg oar Tkimaws
^ail Bgbrh
Tkirautl
]ranbi ]rbp - ]ranbi Earsl
Okrlwbgg oar Gkiux
Kptbcgls
Okrlwbgg oar Hbf
Iltcbrrklr =3
8/13/2019 Firewalls for Network Sec
43/48
Vaotwbrl Okrlwbgg (Fait.)
Clilokt ao bppgkfbtkai okrlwbggs
lbsklr ta trbfj weli b patlitkbg vugilrbckgkty
ebpplis
pratlft bdbkist ilw vugilrbckgktkls cloarl tely
brl oauim bim lxpgaktlm
bckgkty ta "uimlrstbim" bppgkfbtkais splfkokfkioarhbtkai strufturl
Kifahkid ar autdakid pbfjlts fbiiat bfflss
slrvkfls oar wekfe telrl ks ia praxy=6
Vaotwbrl Okrlwbgg (Fait )
8/13/2019 Firewalls for Network Sec
44/48
Vaotwbrl Okrlwbgg (Fait.)
Clilokt ao bppgkfbtkai okrlwbggs (fait..)
bggaw mkrlft faiilftkai cltwlli fgklit bim east
bckgkty ta rlpart ta kitruskai mltlftkai saotwbrl
lqukpplm wkte b flrtbki glvlg ao gadkf
Hbjl kitlggkdlit mlfkskais faiokdurlm ta felfj oar b jiawi _ugilrbckgkty
gbrdl bhauit ao gaddkid
==
8/13/2019 Firewalls for Network Sec
45/48
sgaw mawi iltwarj bfflss mrbhbtkfbggy
harl susflptkcgl ta mkstrkcutlm mlikbg ao slrvkfl
(MMAV) bttbfjs.
iat trbispbrlit ta lim uslrs rlqukrl hbiubg faiokdurbtkai ao lbfe fgklit
fahputlr
=//aigkil.slfurktyoafus.fah/kioafus/2Slplggkid tel Tkgy Ebfjlr. Bmmksai-Tlsgly, 3000
Dbsslr, H. Cukgmkid b Vlfurl Fahputlr Vystlh. Slkieagm, 2;55
Poglldlr, F. Vlfurkty ki Fahputkid. Prlitkfl Ebgg, 2;;4
Dbilseb I., Kitramuftkai ta okrlwbggs
]bilicbuh V. Bimrlw, Fahputlr iltwarjs, prlitkfl ebgg ao kimkb,300
8/13/2019 Firewalls for Network Sec
48/48
=5