overview of firewalls n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Overview of Firewalls PowerPoint Presentation
Download Presentation
Overview of Firewalls

Loading in 2 Seconds...

play fullscreen
1 / 14

Overview of Firewalls - PowerPoint PPT Presentation


  • 96 Views
  • Uploaded on

Overview of Firewalls. Outline. Objective Background Firewalls Software Firewall Hardware Firewall Demilitarized Zone (DMZ) Firewall Types Firewall Configuration Firewall Issues Summary List of References. Objective.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Overview of Firewalls' - quennell


Download Now An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
outline
Outline
  • Objective
  • Background
  • Firewalls
  • Software Firewall
  • Hardware Firewall
  • Demilitarized Zone (DMZ)
  • Firewall Types
  • Firewall Configuration
  • Firewall Issues
  • Summary
  • List of References
objective
Objective
  • To provide background on hardware and software firewalls, how they work and how they should be configured.
background
Background
  • To create the most secure environment for our information systems, we would like to lock them up somewhere and not connect them to the Internet!
    • Not practical or useful
  • Lets create a place (much like the gate in a walled castle) where we force all of the traffic to enter and or leave and we can closely observe it
firewalls
Firewalls
  • A firewall is a hardware or software device which is configured to permit, deny or proxy data through a computer network which has different levels of trust
  • A firewall's basic task is to transfer traffic between computer networks of different trust levels. Typical examples are the Internet which is a zone with no trust and an internal network which is a zone of higher trust.

http://en.wikipedia.org/wiki/Firewall

firewalls1
Firewalls
  • A zone with an intermediate trust level, situated between the Internet and a trusted internal network, is often referred to as a "perimeter network" or Demilitarized Zone (DMZ)
demilitarized zone
Demilitarized Zone
  • Connections from the internal and the external network to the DMZ are permitted, while connections from the DMZ are only permitted to the external network — hosts in the DMZ may not connect to the internal network.
  • This allows the DMZ's hosts to provide services to both the internal and external network while protecting the internal network in case intruders compromise a host in the DMZ.
  • The DMZ is typically used for connecting servers that need to be accessible from the outside world, such as e-mail, web and DNS servers.

http://en.wikipedia.org/wiki/Demilitarized_zone_%28computing%29

software firewall
Software Firewall
  • Software loaded on a PC that performs a firewall function.
    • Protects ONLY that computer
  • There are many commercially available software firewall products.
  • After loading on a PC, it may have to be configured correctly in order to perform optimally.
  • Many operating systems contain a built-in software firewall

Internet

PC

Firewall

hardware firewall
Hardware Firewall
  • Hardware device located between the Internet and a PC (or PCs) that performs a firewall function
    • Protects ALL of the computers that it is behind
  • Many have a subnet region of lesser security protection called a Demilitarized Zone (DMZ).
  • May perform Network Address Translation (NAT) which provides hosts behind the firewall with addresses in the "private address range". This functionality hides true addresses of protected hosts and makes them harder to target.
  • There are several commercially available hardware firewall products.
  • After installation, it may have to be configured correctly in order to perform optimally.

Internet

DMZ

PC

Firewall

PC

PC

PC

firewall types
Firewall Types
  • Packet Filters, also called Network Layer Firewalls, operate at a relatively low level of the TCP/IP protocol stack, not allowing packets to pass through the firewall unless they match the established ruleset. The firewall administrator may define the rules; or default rules may apply.
  • Application-Layer Firewalls work on the application level of the TCP/IP stack (i.e., all browser traffic, or all telnet or ftp traffic), and may intercept all packets traveling to or from an application while blocking other packets. In principle, application firewalls can prevent all unwanted outside traffic from reaching protected machines.
  • A Proxy device acts as a firewall by responding to input packets (connection requests, for example) in the manner of an application, while blocking other packets. They make tampering with an internal system from the external network more difficult.

http://en.wikipedia.org/wiki/Firewall

firewall configuration
Firewall Configuration
  • Self-learning - some software firewalls will prompt the user as connection attempts occur (in-bound and out-bound) and ask for permission.
  • Some require subscription to White/Black Lists.
  • Many require (or can also be configured) that allowable ports and/or IP addresses be listed.
    • Access Control List – ACL
    • Requires a “knowledgeable” user
firewall issues
Firewall Issues
  • Some firewalls can also help protect against other problems such as viruses, spam, etc.
    • However, just because you have a firewall, don’t believe you are fully protected against malware.
  • Firewalls CANNOT protect against traffic or software that does not come through it.
    • Unauthorized connections (Modem, wireless, etc.)
    • Malware delivered via CD, DVD, Thumbdrives, etc.
summary
Summary
  • In this section we have tried to provide some background on hardware and software firewalls, how they work and how they should be configured.
list of references
List of References
  • http://en.wikipedia.org/wiki/Firewall
  • http://en.wikipedia.org/wiki/Demilitarized_zone_%28computing%29
  • http://www.htmlgoodies.com/beyond/security/article.php/347320
  • http://www.pcstats.com/articleview.cfm?articleID=1618
  • http://www.microsoft.com/windowsxp/using/networking/security/winfirewall.mspx
  • http://www.microsoft.com/technet/community/columns/cableguy/cg0204.mspx

CyberPatriot wants to thank and acknowledge the CyberWatch program

which developed the original version of these slides and who has graciously

allowed their use for training in this competition.