Firewalls - PowerPoint PPT Presentation
Mahalingam Ramkumar
Presentation Transcript
Evolution of Networks
  • Centralized data processing
  • LANs
  • Premises network – interconnection of LANs and mainframes
  • Enterprise-wide network – interconnection of LANs in a private WAN
  • LANs interconnected using the Internet and using virtual private networks
What is a Firewall?
  • A “choke point”
  • A location for monitoring security related events
    • Audits and alarms
  • Non-security related functions
    • NAT, network management
  • An end-point for IPSec
Firewall Limitations
  • Cannot protect from attacks bypassing it
    • e.g. sneaker net, dial-up modems on internal hosts, links to trusted organisations, and trusted encrypted services (e.g. SSL/SSH) whose contents the firewall cannot inspect
  • Cannot protect against internal threats
    • eg disgruntled employee
  • Cannot protect against transfer of virus-infected programs or files
    • because of the huge range of operating systems and file types it would have to understand
Firewall – Basic Types
  • Packet-Filtering Router
  • Stateful Inspection Firewalls
  • Application Level Gateway
  • Circuit Level Gateway
Packet Filters
  • Filtering based on
    • Source IP address
    • Destination IP address
    • Source and destination transport-level address (TCP/UDP port)
    • IP protocol field
    • Interface (physical)
  • Rules!
    • Configuration files
    • Explicit allow / block
Attacks on Packet Filtering
  • IP address spoofing
  • Source routing attacks
  • Tiny fragment attacks
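The two slides above (the header fields a packet filter matches on, and the three classic attacks against it) can be put together in one small filter. The following is an added example, not code from the lecture: the rule table, the `INTERNAL_NET` prefix, the interface names `ext`/`int` and the `Packet`/`Rule` classes are assumptions made for illustration. The `sanity_checks` function applies the standard countermeasures before the rule table is consulted: ingress filtering against spoofed internal sources, rejection of source-routed packets, and the RFC 1858/3128 tiny-fragment checks.

```python
# Toy packet-filtering router. Added illustration, not the lecture's code:
# the rule table, INTERNAL_NET and the field names are my own assumptions.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

INTERNAL_NET = ip_network("10.0.0.0/8")   # assumed address space behind the router


@dataclass(frozen=True)
class Packet:
    iface: str                       # interface it arrived on: "ext" or "int"
    proto: str                       # IP protocol field: "tcp", "udp", "icmp"
    src: str                         # source IP
    dst: str                         # destination IP
    sport: Optional[int] = None      # transport-level addresses; None if the
    dport: Optional[int] = None      #   fragment is too short to carry them
    frag_offset: int = 0             # IP fragment offset (8-byte units)
    source_routed: bool = False      # LSRR/SSRR option present


@dataclass(frozen=True)
class Rule:
    action: str                      # "allow" or "block"
    iface: Optional[str] = None      # each field is a wildcard when None
    proto: Optional[str] = None
    src: Optional[str] = None        # CIDR prefix
    dst: Optional[str] = None
    dport: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        return (
            (self.iface is None or p.iface == self.iface)
            and (self.proto is None or p.proto == self.proto)
            and (self.src is None or ip_address(p.src) in ip_network(self.src))
            and (self.dst is None or ip_address(p.dst) in ip_network(self.dst))
            and (self.dport is None or p.dport == self.dport)
        )


def sanity_checks(p: Packet) -> Optional[str]:
    """Countermeasures for the three attacks, applied before the rule table.
    Returns a reason to drop, or None if the packet may go on to the rules."""
    # IP spoofing: a packet from outside can never carry an internal source.
    if p.iface == "ext" and ip_address(p.src) in INTERNAL_NET:
        return "spoofed internal source address on external interface"
    # Source routing: the attacker, not the routing tables, chose the path.
    if p.source_routed:
        return "source-routed packet"
    # Tiny fragments (RFC 1858/3128): drop a first fragment too short to carry
    # the TCP ports, and drop fragment offset 1, which can overwrite them.
    if p.proto == "tcp" and p.frag_offset == 0 and p.dport is None:
        return "initial fragment without transport header"
    if p.proto == "tcp" and p.frag_offset == 1:
        return "tiny fragment (offset 1)"
    return None


# Assumed example policy: first match wins, anything unmatched is blocked.
RULES = [
    Rule("allow", iface="ext", proto="tcp", dst="10.0.0.5/32", dport=25),  # SMTP to the mail relay
    Rule("allow", iface="int", proto="tcp", src="10.0.0.0/8"),            # outbound TCP from inside
    Rule("allow", iface="int", proto="udp", src="10.0.0.0/8", dport=53),  # outbound DNS
]


def filter_packet(p: Packet, rules=RULES) -> tuple:
    """Return (verdict, reason), verdict being "allow" or "block"."""
    reason = sanity_checks(p)
    if reason is not None:
        return ("block", reason)
    for rule in rules:
        if rule.matches(p):
            return (rule.action, "matched rule")
    return ("block", "default deny")
```

Note that this filter is stateless: the outbound rules say nothing about the replies, so a real deployment of this style either needs a matching inbound rule (typically "established" via the ACK bit, which is itself spoofable) or the stateful approach on the next slide.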
Firewalls – Stateful Packet Filters
  • Examine each IP packet in context
    • keeps track of client-server sessions
    • checks that each packet belongs to a valid session
  • Better ability to detect bogus packets “out of context”
  • A session might be pinned down by
    • Source IP and Port,
    • Dest IP and Port,
    • Protocol, and
    • Connection State
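The session table the slide describes, keyed by protocol, source/destination IP and port, with a connection state per entry, is easiest to see as a small state machine. This is an added example, not the lecture's code: the policy (inside hosts may open TCP sessions outbound; nothing else creates a session) and the reduced TCP state machine (SYN_SENT, ESTABLISHED, FIN_WAIT, LAST_ACK, no timeouts or sequence-number checks) are my own simplifications. The point it demonstrates is the "out of context" case: a SYN-ACK or bare ACK that matches no tracked session is dropped even though a stateless filter with an "established" rule would pass it.

```python
# Toy stateful packet filter. Added illustration, not the lecture's code:
# the policy (inside may open TCP outbound, nothing else) and the reduced
# TCP state machine are my own simplifications.
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False
    ack: bool = False
    fin: bool = False
    rst: bool = False


class StatefulFilter:
    def __init__(self, internal_prefix: str = "10."):
        self.internal_prefix = internal_prefix   # assumed: 10.0.0.0/8 is inside
        self.sessions: dict = {}                 # 5-tuple of the opener -> state

    @staticmethod
    def _key(p: Packet) -> tuple:
        return (p.proto, p.src, p.sport, p.dst, p.dport)

    @staticmethod
    def _reverse(p: Packet) -> tuple:
        return (p.proto, p.dst, p.dport, p.src, p.sport)

    def process(self, p: Packet) -> str:
        """Return "accept" or "drop: <reason>" and update the session table."""
        fwd, rev = self._key(p), self._reverse(p)
        if fwd in self.sessions:                 # same direction as the opener
            return self._in_session(fwd, p, reply=False)
        if rev in self.sessions:                 # server -> client direction
            return self._in_session(rev, p, reply=True)
        # No session yet: only a SYN from an inside host may create one.
        if p.proto == "tcp" and p.syn and not p.ack and p.src.startswith(self.internal_prefix):
            self.sessions[fwd] = "SYN_SENT"
            return "accept"
        return "drop: no matching session"

    def _in_session(self, key: tuple, p: Packet, reply: bool) -> str:
        state = self.sessions[key]
        if p.rst:                                # either side aborts the session
            del self.sessions[key]
            return "accept"
        if state == "SYN_SENT":
            if reply and p.syn and p.ack:        # server's SYN-ACK completes setup
                self.sessions[key] = "ESTABLISHED"
                return "accept"
            if not reply and p.syn and not p.ack:  # client retransmits its SYN
                return "accept"
            return "drop: unexpected flags in SYN_SENT"
        if state in ("ESTABLISHED", "FIN_WAIT"):
            if p.fin:                            # first FIN half-closes, second finishes
                self.sessions[key] = "FIN_WAIT" if state == "ESTABLISHED" else "LAST_ACK"
            return "accept"
        # LAST_ACK: the acknowledgement of the second FIN ends the session
        del self.sessions[key]
        return "accept"
```

A production implementation additionally ages entries out (a SYN_SENT that never completes must not live forever, or the table itself becomes a flooding target) and validates sequence numbers so that an attacker who guesses the 4-tuple cannot inject into an established session.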
Application Level Gateway
  • Application specific gateway / proxy
  • has full access to the application protocol
    • user requests service from proxy
    • proxy validates request as legal
    • acts on behalf of the user,
    • returns result to user
  • needs a separate proxy for each service
    • some services naturally support proxying
    • others are more problematic
    • custom services generally not supported
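The four steps on the slide (user asks the proxy, proxy validates the request as legal, proxy acts on the user's behalf, result returned) are what distinguishes an application-level gateway from a packet filter: it must parse the whole protocol message. The following is an added example, not the lecture's code, of the "validates request as legal" step for HTTP. The allow-lists `ALLOWED_METHODS` and `ALLOWED_HOSTS` are assumed example policy, and the code stops at the policy decision; the forwarding step that a real proxy performs after an "allow" is left out.

```python
# Application-level gateway for HTTP. Added illustration, not the lecture's
# code: the allow-lists are assumed policy and only the validation step is shown.
from urllib.parse import urlsplit

ALLOWED_METHODS = {"GET", "HEAD"}                           # assumed policy
ALLOWED_HOSTS = {"www.example.com", "docs.example.com"}     # assumed policy
SUPPORTED_VERSIONS = {"HTTP/1.0", "HTTP/1.1"}


def parse_request(raw: bytes) -> tuple:
    """Split a raw HTTP request into (method, target, version, headers, body).
    Raises ValueError / UnicodeDecodeError on anything that is not well-formed."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("no end of headers")
    lines = head.decode("ascii").split("\r\n")             # non-ASCII -> UnicodeDecodeError
    method, target, version = lines[0].split(" ")           # wrong field count -> ValueError
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon or not name.strip():
            raise ValueError("malformed header line")
        key = name.strip().lower()
        if key in headers:                                  # duplicates are a smuggling vector
            raise ValueError("duplicate header " + key)
        headers[key] = value.strip()
    return method, target, version, headers, body


def decide(raw: bytes) -> tuple:
    """Policy decision the proxy makes before acting on the user's behalf.
    Returns ("allow", "host/path") or ("deny", reason)."""
    try:
        method, target, version, headers, body = parse_request(raw)
    except (ValueError, UnicodeDecodeError) as exc:
        return ("deny", "malformed request: " + str(exc))
    if version not in SUPPORTED_VERSIONS:
        return ("deny", "unsupported version " + version)
    if method not in ALLOWED_METHODS:
        return ("deny", "method " + method + " not permitted")
    url = urlsplit(target)
    if url.scheme not in ("", "http"):
        return ("deny", "scheme " + url.scheme + " not permitted")
    # Proxy-style requests carry an absolute URI; origin-style ones rely on Host.
    header_host = headers.get("host", "").split(":")[0].lower()
    host = url.hostname or header_host
    if host not in ALLOWED_HOSTS:
        return ("deny", "host " + repr(host) + " not on allow-list")
    if url.hostname and header_host not in ("", host):
        return ("deny", "Host header disagrees with request target")
    if body:
        return ("deny", "body not permitted on " + method)
    return ("allow", host + (url.path or "/"))
```

Everything the proxy rejects here (a POST, an unknown host, a request target and Host header that disagree, an unparseable request) is invisible to a packet filter, which sees only a TCP connection to port 80.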
Circuit Level Gateway
  • Relays between two TCP connections (user to gateway, gateway to destination)
  • Imposes security by limiting types of connections that are allowed
  • Once created, usually relays traffic without examining contents
  • Typically used with trusted internal users (by allowing general outbound connections)
  • SOCKS (RFC 1928)
    • SOCKS server
    • SOCKS client library
    • SOCKSified versions of application programs
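RFC 1928 is concrete enough to show the circuit-level gateway's decision in code: the SOCKSified client sends a CONNECT request naming the destination, the gateway checks it against its connection policy, and replies with a status byte before relaying (or refusing to relay) the circuit. This is an added example, not the lecture's code: the `ALLOWED_PORTS` ruleset is an assumed policy, and the gateway returns the reply without actually opening the relay socket. The request and reply layouts are the ones in RFC 1928 sections 4 and 6.

```python
# SOCKS5 (RFC 1928) request handling on a circuit-level gateway. Added
# illustration, not the lecture's code: ALLOWED_PORTS is an assumed ruleset
# and the gateway does not actually open the relay socket.
import socket
import struct

SOCKS_VERSION = 5
CMD_CONNECT, CMD_BIND, CMD_UDP_ASSOCIATE = 0x01, 0x02, 0x03
ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 0x01, 0x03, 0x04
REP_SUCCEEDED, REP_GENERAL_FAILURE, REP_NOT_ALLOWED, REP_CMD_NOT_SUPPORTED = 0x00, 0x01, 0x02, 0x07
ALLOWED_PORTS = {80, 443}      # assumed policy: general outbound web only


def build_request(cmd: int, host: str, port: int) -> bytes:
    """Client side: VER CMD RSV ATYP DST.ADDR DST.PORT (RFC 1928 section 4)."""
    try:
        addr, atyp = socket.inet_pton(socket.AF_INET, host), ATYP_IPV4
    except OSError:
        try:
            addr, atyp = socket.inet_pton(socket.AF_INET6, host), ATYP_IPV6
        except OSError:
            name = host.encode("idna")
            addr, atyp = bytes([len(name)]) + name, ATYP_DOMAIN
    return struct.pack("!BBBB", SOCKS_VERSION, cmd, 0x00, atyp) + addr + struct.pack("!H", port)


def parse_request(data: bytes) -> tuple:
    """Gateway side: returns (cmd, host, port); raises ValueError if malformed."""
    if len(data) < 5:
        raise ValueError("request too short")
    ver, cmd, rsv, atyp = struct.unpack("!BBBB", data[:4])
    if ver != SOCKS_VERSION or rsv != 0x00:
        raise ValueError("bad version or reserved byte")
    if atyp == ATYP_IPV4:
        start, end = 4, 8
    elif atyp == ATYP_IPV6:
        start, end = 4, 20
    elif atyp == ATYP_DOMAIN:
        start, end = 5, 5 + data[4]                # one-byte length prefix
    else:
        raise ValueError("unknown address type")
    if len(data) != end + 2:                       # exact length: no trailing bytes
        raise ValueError("length does not match address type")
    if atyp == ATYP_IPV4:
        host = socket.inet_ntop(socket.AF_INET, data[start:end])
    elif atyp == ATYP_IPV6:
        host = socket.inet_ntop(socket.AF_INET6, data[start:end])
    else:
        host = data[start:end].decode("idna")
    port = struct.unpack("!H", data[end:end + 2])[0]
    return cmd, host, port


def gateway_reply(request: bytes) -> bytes:
    """Policy check a circuit-level gateway performs before relaying; returns the
    RFC 1928 section 6 reply.  Only CONNECT to an allowed port is relayed."""
    try:
        cmd, host, port = parse_request(request)
        if cmd != CMD_CONNECT:
            rep = REP_CMD_NOT_SUPPORTED        # no BIND or UDP ASSOCIATE through this gateway
        elif port not in ALLOWED_PORTS:
            rep = REP_NOT_ALLOWED
        else:
            rep = REP_SUCCEEDED                # a real gateway now connects to host:port
    except ValueError:
        rep = REP_GENERAL_FAILURE
    # BND.ADDR/BND.PORT would be the relay socket's address; zeros here.
    return struct.pack("!BBBB", SOCKS_VERSION, rep, 0x00, ATYP_IPV4) + bytes(4) + struct.pack("!H", 0)
```

Once `REP_SUCCEEDED` has been sent, the gateway copies bytes in both directions without looking at them, which is exactly the "relays traffic without examining contents" property above: the decision is made once per circuit, on destination and command alone.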
Bastion Host
  • Highly secure host system
  • Exposed to "hostile" elements
    • hence secured to withstand attacks
    • Trusted System
  • May be single or multi-homed
  • Enforce trusted separation between network connections
  • Run circuit / application level gateways
  • Provide externally accessible services
Firewall Configurations
  • Screened Host – Single Homed Bastion Host
  • Screened Host – Dual Homed Bastion Host
  • Screened Subnet
Access Control
  • Given that system has identified a user
  • Determine what resources they can access
  • General model - access matrix
    • subject - active entity (user, process)
    • object - passive entity (file or resource)
    • access right – way object can be accessed
  • can decompose by
    • columns as access control lists
    • rows as capability tickets
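The decomposition on the slide is worth seeing with a concrete matrix, because the two decompositions answer the same question but differ in what is cheap: with ACLs (columns) it is easy to ask "who can touch this object" and to revoke an object in one step, while with capability tickets (rows) it is easy to ask "what can this subject touch" but revoking an object means walking every subject's list. This is an added example, not the lecture's code; the subjects, objects and rights in `MATRIX` are constructed samples.

```python
# Access matrix and its two decompositions. Added illustration, not the
# lecture's code: the subjects, objects and rights are constructed samples.

# Constructed sample matrix: rows are subjects, columns are objects.
MATRIX = {
    "alice":  {"payroll.db": {"read", "write"}, "report.txt": {"read"}},
    "bob":    {"report.txt": {"read", "write"}},
    "backup": {"payroll.db": {"read"}, "report.txt": {"read"}},
}


def to_acls(matrix: dict) -> dict:
    """Columns: for each object, which subjects hold which rights."""
    acls = {}
    for subject, row in matrix.items():
        for obj, rights in row.items():
            acls.setdefault(obj, {})[subject] = set(rights)
    return acls


def to_capabilities(matrix: dict) -> dict:
    """Rows: for each subject, a ticket (set of rights) per object it may use."""
    return {subject: {obj: set(rights) for obj, rights in row.items()}
            for subject, row in matrix.items()}


def check_acl(acls: dict, subject: str, obj: str, right: str) -> bool:
    """Reference-monitor check against the object's list."""
    return right in acls.get(obj, {}).get(subject, set())


def check_capability(caps: dict, subject: str, obj: str, right: str) -> bool:
    """Reference-monitor check against the subject's tickets."""
    return right in caps.get(subject, {}).get(obj, set())


def revoke_object(acls: dict, caps: dict, obj: str) -> int:
    """Revoke every right to an object in both representations.  One ACL entry
    is deleted; every capability list must be walked.  Returns tickets removed."""
    acls.pop(obj, None)
    removed = 0
    for tickets in caps.values():
        if tickets.pop(obj, None) is not None:
            removed += 1
    return removed


def consistent(matrix: dict, acls: dict, caps: dict) -> bool:
    """The two decompositions must answer every (subject, object, right) alike."""
    subjects = list(matrix)
    objects = {o for row in matrix.values() for o in row}
    rights = {r for row in matrix.values() for rs in row.values() for r in rs}
    return all(check_acl(acls, s, o, r) == check_capability(caps, s, o, r)
               for s in subjects for o in objects for r in rights)
```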
Trusted Computer Systems
  • Varying degrees of sensitivity of information
    • military classifications: confidential, secret, top secret, etc.
  • Subjects (people or programs) have varying rights of access to objects (information)
  • Need to consider ways of increasing confidence in systems to enforce these rights
  • Multilevel security
    • subjects have maximum & current security level
    • objects have a fixed security level classification
Bell LaPadula (BLP) Model
  • One of the well-known security models
  • Implemented as mandatory policies on system
  • Two key policies:
    • no read up (simple security property)
      • a subject can only read an object if the current security level of the subject dominates (>=) the classification of the object
    • no write down (*-property)
      • a subject can only append/write to an object if the current security level of the subject is dominated by (<=) the classification of the object
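The two properties, together with the maximum/current level distinction from the previous slide, fit in a few lines once "dominates" is defined. This is an added example, not the lecture's code; it goes slightly beyond the slide by giving each label a category set as well as a level, so that "dominates" is a partial order (two secret labels with different categories are incomparable, and neither subject can read or write the other's objects). The level names and the sample subjects are assumptions.

```python
# Bell-LaPadula checks over labels (level, category set). Added illustration,
# not the lecture's code: the levels, categories and sample labels are mine.
from dataclasses import dataclass

LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top_secret": 3}


@dataclass(frozen=True)
class Label:
    level: str
    categories: frozenset = frozenset()

    def dominates(self, other: "Label") -> bool:
        """Partial order: higher-or-equal level AND a superset of categories."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.categories >= other.categories)


class Subject:
    def __init__(self, name: str, max_label: Label):
        self.name = name
        self.max_label = max_label      # clearance: fixed
        self.current = max_label        # may be lowered, never raised above max

    def set_current(self, label: Label) -> None:
        """Lowering the current level is how a cleared user writes to a lower
        object without violating the *-property."""
        if not self.max_label.dominates(label):
            raise PermissionError(f"{label} exceeds {self.name}'s clearance")
        self.current = label


def can_read(subject: Subject, obj: Label) -> bool:
    """Simple security property (no read up): subject's current level must
    dominate the object's classification."""
    return subject.current.dominates(obj)


def can_write(subject: Subject, obj: Label) -> bool:
    """*-property (no write down): the object's classification must dominate
    the subject's current level."""
    return obj.dominates(subject.current)


def can_copy(subject: Subject, src: Label, dst: Label) -> bool:
    """Reading src and writing dst in one session is only possible when
    dst dominates src, so information never flows downward."""
    return can_read(subject, src) and can_write(subject, dst)
```

The `can_copy` check is the reason the model works: because reads need `current >= src` and writes need `dst >= current`, any read-then-write path gives `dst >= src`, whatever the subject's clearance.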