PREPARED BY : PINA CHHATRALA 1

Firewall

Prepared By :Pina Chhatrala

PREPARED BY : PINA CHHATRALA 2

Milestone Firewall Basing

Bastion Host Host – based firewall Personal firewall

PREPARED BY : PINA CHHATRALA 3

Firewall Basing

PREPARED BY : PINA CHHATRALA 4

Bastion Host A bastion host is a system identified by the firewall administrator

as a critical strong point in the network’s security. It serves as a platform for an application – level or circuit – level

gateway. Some common characteristics :

Executes a secure version of its OS, making it a hardened system.

Only the services that the network administrator considers essential are installed on the bastion host.

PREPARED BY : PINA CHHATRALA 5

Bastion Host Some common characteristics :

It may require some additional authentication before user is allowed access to the proxy services.

Each proxy is configured to support only a subset of the standard application’s command set.

Each proxy is configured to allow access only to specific host systems.

Each proxy maintains detailed audit information by logging all traffic.

PREPARED BY : PINA CHHATRALA 6

Bastion Host Some common characteristics :

Each proxy module is a very small software package specifically designed for network security.

Each proxy is independent of other proxies on the bastion host.

A proxy generally performs no disk access other than to read its initial configuration file.

Each proxy runs as a nonprivilaged user in a private and secured dictionary on the bastion host.

PREPARED BY : PINA CHHATRALA 7

Host – based Firewalls A host – based firewall is a software module used to secure an

individual host. Such modules are available in many OSs or can be provided as

an add-on packages. It filters and restricts the flow of packages. A common location for such firewalls is a server. Advantage :

Filtering rules can be tailored to the host environment. Protection is provided independent of technology.

PREPARED BY : PINA CHHATRALA 8

Personal Firewalls Personal firewall controls traffic between a personal computer

or work – stations on one side and the Internet or Enterprise network on the other side.

These functionality can be used in the home environment and on corporate internets.

It is the software module on the personal computer. Firewall functionality can also be housed in a router that

connects all of the home computers to a DSL, cable modem, or other internet interface.

PREPARED BY : PINA CHHATRALA 9

Personal Firewalls They are typically much less complex than either server – based

firewalls or stand – alone firewalls. The primary role of the personal firewall is to deny the

unauthorized remote access to the computer. The firewall can also monitor the outgoing activity is an attempt

to detect and block worms and other malware.

PREPARED BY : PINA CHHATRALA 10

Thank

You