1 / 16

Firewalls

Firewalls. Nathan Long Computer Science 481. What is a firewall?. A firewall is a system or group of systems that enforces an access control policy between two or more networks. Pair of mechanisms One to block traffic One to permit traffic. What is a firewall?.

andersonpaul
Télécharger la présentation

Firewalls

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Firewalls Nathan Long Computer Science 481

  2. What is a firewall? • A firewall is a system or group of systems that enforces an access control policy between two or more networks. • Pair of mechanisms • One to block traffic • One to permit traffic

  3. What is a firewall? http://www.interhack.net/pubs/faq/

  4. Why use a firewall? • Protect systems and data against intrusion from Internet. • Protect from leakage of information from inside company to Internet. (to a point) • Security blanket for large organizations. • Historically, firewalls were used as data storage for public information and intranet files. Most companies now use web servers. • Serve as gateways for internal Internet connection, allowing companies to control access.

  5. What can a firewall protect against? • Unauthorized interactive logins from ‘outside’ world. • Provide point where security and audit can be imposed. • Can act as a ‘phone tap’ and tracing tool. • Can be used as evidence in court. • Unauthorized access from inside corporate network to Internet.

  6. What can a firewall not protect against? • Can’t protect against things that don’t go through firewall. • Should be part of an overall security architecture. • Users • Information can be leaked via other sources such as telephone, Fax, CDs, Flash Drives. • Many locations have problems with security policy • How hard is it to get a password reset? • How much trouble does a contractor have getting into network? • Tunneling over application protocols.

  7. What types of firewalls are available? • Hardware Systems • Routers • Dedicated Proxy Server • Software Systems • PC Applications • Proxy Software

  8. Hardware Firewalls • Typically monitors network layer. • Make decisions based on source, destination address and ports found in IP packets. • Routers are a type, but not sophisticated. • Newer network layer firewalls maintain data on the state of connections and content of data passing through it. • Protects a whole network from one point.

  9. Network Firewalls • Advantages • Typically easy to setup (needs to conform to security policy) • Doesn’t slow down machines or consume system resources. • Disadvantages • Blocks everything in filter – not dynamic

  10. Software Firewalls • Monitors inbound and outbound connections on a single computer. • Monitors network and application layers. • Most popular option for home users. • Dynamically makes decisions on whether or not to block connection or data.

  11. Software Firewalls • Advantages • Easy to setup. • Monitors inbound and outbound connections. • Dynamic monitoring • Upgradable • Disadvantages • Slows down computer • Only protects one computer at a time.

  12. Popular Software Firewalls • Big Three: • ZoneAlarm Security Suite • McAfee Personal Firewall • Norton Personal Firewall … others available

  13. ZoneAlarm – Triple Defense • Protects from hackers, spyware and Trojan horses. • Prevents bad programs from attacking good programs on computer. • Protects operating system down to kernel (registry and file systems)

  14. ZoneAlarm • Considered difficult to use/configure, but very versatile. • New version provides updates via Internet for firewall. Identifies common programs and network usage rules. Allows novice users to use with no configuration. • Total protection for PC when used with Antivirus and spyware software.

  15. Weakest Link • Hardware firewalls are the weakest link • Application layer attacks can bypass network layer firewalls • Stateful Packet Inspection examines header information and contents of packet to determine if valid. • Stateful firewalls examine packet information in OSI layer 4 (transport layer) and below to provide better performance. • The only packets inspected are the layer 7 packets that initialize a connection. • After connection is made, vulnerabilities can be passed through as legitimate network traffic.

  16. The best of both worlds.. • Hardware or Software? BOTH • To fully protect your network, some sort of hardware and software firewall needs to be implemented. • This is the only way that network and application layer protection will be present.

More Related