1 / 37

Network Security

Network Security. Professor Dr. Adeel Akram. Firewalls: A Practical Guide. Outline. ICSA Labs ICSA Certified Firewalls Kerio Winroute Firewall Astaro Security Gateway WatchGuard X1000 Firewall CASE Study Kerio Winroute Firewall 6. About ICSA Labs.

acton-camacho
Download Presentation

Network Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Network Security Professor Dr. AdeelAkram

  2. Firewalls: A Practical Guide

  3. Outline • ICSA Labs • ICSA Certified Firewalls • KerioWinroute Firewall • Astaro Security Gateway • WatchGuard X1000 Firewall • CASE Study • KerioWinroute Firewall 6

  4. About ICSA Labs • For over a decade, ICSA Labs, an independent division of Cybertrust, Inc., has been the security industry's central authority for research, intelligence, and certification testing of products. • ICSA Labs sets standards for information security products and certifies over 95% of the installed base of anti-virus, firewall, IPSec VPN, cryptography, SSL VPN, network IPS, anti-spyware and PC firewall products commonly deployed in the world today.

  5. ICSA Labs Certification • ICSA Labs, formerly known as the International Computer Security Association, manages and sponsors security consortia that provide a forum for intelligence sharing among the leading vendors of security products. • In addition, ICSA Labs publishes surveys, security industry studies and buyers' guides for computer security products

  6. ICSA Labs Certification • The goal for ICSA Labs Certification is to enhance and improve security implementations of network and Internet computing, which will improve commercial security and its use of appropriate security products, services, policies, techniques, and procedures. • Certification enforces overall confidence in computing and drives enhanced security measures while at the same time, decreasing the intrusion of security measures in everyday life. • Certification also promotes user acceptance of increased security while improving the ease of use, and the invisible, automatic, and seamless integration of security technology in everyday computing.

  7. ICSA Labs Test Areas • Anti-Spyware • Antivirus • Cryptography • FIPS 140-2 Cryptographic Module Testing • Firewalls • Intrusion Detection • IPsec • Network Intrusion Prevention • PC Firewalls • PIV / FIPS 201 • Premier Services • SSL-TLS • Wireless

  8. Prominent ICSA Certified Firewalls • KerioWinroute Firewall for Windows • Astaro Security Linux • WatchGuard Firebox System Family • Juniper NetworksNetScreen Firewall Family • Microsoft Internet Security and Acceleration Server • CISCO PIX Firewall Family • Check PointSecurePlatform NG • NovellBorderManager

  9. KERIO Winroute Firewall • Corporate & enterprise network firewall: • Kerio WinRoute Firewall™ is a corporate gateway firewall for small and medium-sized businesses. • Equipped with VPN server, optional embedded McAfee Anti-Virus, integrated customizable ISS Orange Web Filter, and user-specific Internet access management, Kerio WinRoute Firewall provides a multi-layer architecture for protecting networks, servers and users. • http://www.kerio.com

  10. ASTARO Security Gateway • http://www.astaro.com • https://demo.astaro.com Astaro AppliancesAstaro SoftwareAstaro Report ManagerConfiguration ManagerAstaro Secure Client

  11. WATCHGUARD Firebox Family • Firebox Soho • Firebox Edge • Firebox Core • Firebox Peak } X-Series

  12. CASE STUDY: KWF 6 • Kerio Winroute Firewall • Comes as an installer package • ~ 22 MB (kerio-kwf-6.2.0-1382-win.exe) • Installs on all current versions of Windows

  13. KWF6: Installation • System Requirements • • CPU Intel Pentium II or compatible; 300 MHz • • 128 MB RAM • • 2 network interfaces • • 50 MB disc space free for the installation • • Free memory for logs (depends on traffic load and selected logging level) • The product supports for the following operating systems: • • Windows 2000 • • Windows XP • • Windows Server 2003 • Note: The Client for Microsoft Networks component must be installed for all supported operating systems, otherwise WinRoute will not be available as a service and NTML authentication will not function. The component is included in installation packages of all supported operating systems.

  14. Installation and Basic Configuration • Launch the installation program • kerio-kwf-6.2.0-1382-win.exe

  15. Select Components

  16. WinRoute Firewall Engine — core of the application • WinRoute Engine Monitor — utility for WinRoute Firewall Engine control and monitoring • its status (icon in the system’s notification area) • VPN Support — proprietary VPN solution developed by Kerio Technologies, • Kerio Administration Console — the Kerio Administration Console application (universal console for all server applications of Kerio Technologies)

  17. Restart the machine when the installation has completed. This will install the WinRoute low-level driver into the system kernel. • WinRoute Engine will be automatically launched after restart. • The engine runs as a service. • The WinRoute Engine Monitor will be launched after a user login. This utility monitors the Engine status and is used to start or stop the engine. • WinRoute Engine Monitor icon is displayed in the system’s notification area (system tray).

  18. Conflicting System Services • Internet Connection Sharing and Internet Connection Firewall • Universal Plug and Play Device Host and SSDP Discovery Service

  19. Admin Console Settings

  20. Remote Access to Admin Console

  21. Restart After Install • Engine Monitor: • Appears as system tray icon • Right Clicking shows context Menu

  22. First Start Setup

  23. Configuration Wizard

  24. Internet thru Ethernet

  25. Internet thru Dialup

  26. Allowed Internet Services to Clients

  27. Local Services Publishing

  28. Enable NAT

  29. Lets go to the Actual Process • Kerio Installed on Lab PCs

  30. References • http://download.kerio.com/archive/ Select Kerio Control (Firewall Software / Appliance) • http://www.astaro.com/products • http://www.astaro.com/support/downloads • https://support.astaro.com/support/index.php/Main_Page • http://www.watchguard.com/products/compare.asp • https://www.icsalabs.com

  31. Kerio Control Packages

  32. Kerio Control Documentation

  33. Questions ?????????????????????????????????? adeel.akram@gmail.com

More Related