1 / 31

Windows Firewall and Caching Fundamentals

Learn about perimeter security, Windows Firewall, rule creation, monitoring, and troubleshooting. Understand proxy servers, reverse proxy servers, and host-based firewalls.

pinkston
Download Presentation

Windows Firewall and Caching Fundamentals

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Module 10: Windows Firewall and Caching Fundamentals

  2. Module 10: Windows Firewall and Caching Fundamentals • Overview of Perimeter Security • Windows Firewall Overview • Creating Windows Firewall Rules • Monitoring and Troubleshooting Windows Firewall

  3. Lesson 1: Overview of Perimeter Security • Discussion: Security Concerns for a Perimeter Network • What Is A Proxy Server? • What Is a Reverse Proxy Server? • What Is a Host-based Firewall?

  4. Discussion: Security Concerns for a Perimeter Network • What are some of the resources that are located in a perimeter network? • Why is a perimeter network more at risk than an internal network? • What are some specific risks to perimeter network resources?

  5. What Is A Proxy Server? A proxy server: • Accepts request on behalf of a client computer • Isolates client computers from resources • Requires client computers to be configured to use the proxy server • Uses caching to increase data access speed • Can evaluate contents of packets not only port numbers Client Computer Web Server Proxy Server

  6. What Is a Reverse Proxy Server? A reverse proxy: • Accepts requests on behalf of a server • Isolates servers from client computers • Points to a single server • Requires no client computer configuration • Uses caching to reduce load on a server Web Server Proxy Server Client Computer

  7. What Is a Host-based Firewall? A host-based firewall: • Is a software firewall on the operating system • Is effective on the internal network • Allows software-based exceptions in addition to IP- and port-based exceptions

  8. Lesson 2: Windows Firewall Overview • What Is Windows Firewall? • New Features in Windows Firewall • Windows Firewall Administration Tools • Options Available Through Basic Firewall Configuration • Default Windows Firewall Configuration • Demonstration: Basic Firewall Configuration

  9. What Is Windows Firewall? Windows Firewall is: • A host-based firewall • Enabled by default • Automatically configured when new roles and features are installed

  10. New Features in Windows Firewall New features in Windows Firewall include:

  11. Windows Firewall Administration Tools Basic firewall configuration: • Available through Control Panel • Does not control outbound rules or IPsec • Resembles earlier versions of Windows Firewall Windows Firewall with Advanced Security: • Allows complete configuration of Windows Firewall • Allows configuration of IPsec rules

  12. Options Available Through Basic Firewall Configuration • Basic firewall configuration options include: • Enable or disable • Block all incoming connections • Configure exceptions • Specify enabled adapters

  13. Default Windows Firewall Configuration The default Windows Firewall configuration is: • All inbound connections are blocked • All outbound connections are allowed • Inbound exceptions are automatically modified for new roles and features

  14. Demonstration: Basic Firewall Configuration In this demonstration, you will see how to perform basic firewall configuration

  15. Lesson 3: Creating Windows Firewall Rules • What Are Profiles? • What Are Rules? • What Are Rule Types? • Rule Configuration Options • What Are Connection Security Rules? • Demonstration: Creating a Rule

  16. What Are Profiles?

  17. What Are Rules? Inbound rules: • Prevent incoming connections from other hosts • Reduce the attack surface Outbound rules: • Prevent outgoing connections from this host • Stop unauthorized software from communicating outside

  18. What Are Rule Types? Rule types include:

  19. Rule Configuration Options Rule configuration options include:

  20. What Are Connection Security Rules? Connection security rules define the authentication process for IPsec rules

  21. Demonstration: Creating a Rule In this demonstration, you will see how to create a rule

  22. Lesson 4: Monitoring and Troubleshooting Windows Firewall • What Is the Monitoring Node? • Logging Options for Windows Firewall • Restoring Windows Firewall Configuration Settings • What Is the Windows Firewall Service? • Discussion: Troubleshooting Windows Firewall • Demonstration: Monitoring Windows Firewall

  23. What Is the Monitoring Node? • The Monitoring node: • Provides an overview of current settings • Displays active firewall rules • Displays Connection Security Rules • Displays Security Associations <screenshot>

  24. Logging Options for Windows Firewall • Logging options include: • File name and location (%windir%\system32\logfiles\firewall\pfirewall.log) • Size limit (4 MB default) • Log dropped packets (default: no) • Log successful connections (default: no)

  25. Restoring Windows Firewall Configuration Settings Configuration setting options include:

  26. What Is the Windows Firewall Service? Windows Firewall Service: • Is the service that controls Windows Firewall • Must be running to protect the local computer • Can be stopped and started if experiencing problems • Must have write access to the location of log files

  27. Discussion: Troubleshooting Windows Firewall What steps would you take to troubleshoot Windows Firewall?

  28. Demonstration: Monitoring Windows Firewall In this demonstration, you will see how to monitor Windows Firewall

  29. Lab: Using Windows Firewall • Exercise 1: Limiting Access to a Web Application • Exercise 2: Distributing Windows Firewall Rules by Using Group Policy Logon information Estimated time: 60 minutes

  30. Lab Review • How does using Group Policy help you distribute Windows Firewall rules to multiple computers? • Can you bypass the Windows Firewall rule that prevents Iexplore.exe from accessing the network?

  31. Module Review and Takeaways • Review Questions • Real-world Issues and Scenarios • Best Practices

More Related