Firewall Course Work

7/31/2019 Firewall Course Work

1/15

Date: 16/03/2012

Module Tutor: Bo Li

Module code:CC3021N

Comparison of different types of firewall | Abdul Mannan 06037871

LONDONMETROPOLITANUNIVERSITY

Principles of Network Security: CWFirewall


2/15

Abdul Mannan Student ID 06037871

ContentsContents .............................................................................................. 2

1 Introduction ...................................................................................... 3

2 Literature review .............................................................................. 4

2.1 Firewall.......................................................................................................... 4

2.1.1 Hardware Firewall.................................................................................... 4

2.2 Purpose of Firewall........................................................................................ 7

2.3 How does it work ........................................................................................... 8

2.4 Types of firewall ........................................................................................... 8

2.4.1 Packet Filtering ....................................................................................... 8

2.4.2 Circuit-Level Gateways .......................................................................... 10

2.4.3 Application Gateways ............................................................................ 10

2.4.4 Stateful Multilayer Inspection ................................................................ 12

3 Comparison ..................................................................................... 13

4 Conclusion ......................................................................................13

4.1 Recommendation ....................................................................................... 13

2 | P a g e


3/15


Abstract

In this report my main aim is to assume that I am working as a consultant for a

network security organisation and prepare a report comparing different type of

firewalls available.by using the internet and other sources I will create a report

that will give the strengths and weakness of each product, I will also state wherethis product would generally be used.

1 Introduction

The internet has millions of data available for free to users to consume and share

it has evolved to such an extent we now play games, stream live TV, and even talk

using the internet on the go most are completely free, for many of us it has

become so essential that we cant get on with our normal lives but yet by

connecting to the internet has become a risk our confidential data could be

available to hackers or intruders if we dont have a firewall in place.

Threat has moved slowly from being most dominant in lower layer of the network

traffic to the application layer, this has reduced the effectiveness of firewall in

stopping threats that is carried through the network communications but firewall is

still needed to stop the threats that continue to work at the lower layer of network

traffic .firewall is good at providing some protection at the application layer

supplementing the capabilities of other network security technologies (CNG)

Firewall is the most basic form of protection users can have for their network andthere are many types of firewall to choose from depending on the network.

Firewall watches the traffic and examines suspicious activity and used for two

main reason

To keep people (intruders, hackers) out

To keep people (students, lecturers) in (VSC)

3 | P a g e


4/15


2 Literature review

2.1 Firewall

Firewall can be hardware or software program that prevents unauthorised access

to or from a network and it must have at least two network interfaces, one for thenetwork it is intended to protect, and one for the network it is exposed to.

Firewall also control the flow of network traffic between network and hosts that

employs differing security postures at one time most firewall was deployed at the

network perimeters.(VSC) This provided some form of protection for internal host

but did not recognise all forms of attacks, and attacks sent from one internal host

to another do no pass through the network firewall because of this reason network

designers now include firewall functionality at other places other than the network

perimeter to provide additional layer of security and also to protect mobile devices

that are place onto external networks.(CNG)

Firewall is used to safeguard the data within the network all data entering or

leaving the network will have to pass through a security check (firewall) which will

examine each packet that do no not meet the specified security criteria and then

will be rejected and denied access. The firewall is part of an overall security policy

that creates a perimeter defence designed to protect the information resources of

the network. (LSC)

The firewall will sit at the junction point or gateway between the two networks,

normally a private network and a public network such as the Internet. The earliest

firewalls were just routers. The term firewall comes from the fact that bysegmenting a network into different physical sub networks, they will limit the

damage caused that could of spread from one subnet to another just like fire doors

or firewalls. Below I have included diagrams showing the connection taking place.

(VSC)

2.1.1 Hardware Firewall

The hardware firewall will be often called a network firewall because its an

external box sitting between the internet and the computer for home network they

are normally integrated in the routers itself. This will allow you to connect on the

public network (internet) and even share the connection with other computers.

(CSR)

2.1.1.1 Advantages

Hardware firewall can protect an entire network compared to software firewall

which is thumbs up for big companies that would like minimize their spending

because firewall dont run on the computer it doesnt slow it down, hardware

firewall work more efficiently for businesses that use high speed connection such

as DSL or cable modem and also hardware firewall is harder to reach and also

difficult for malicious software to turn it off.

4 | P a g e


5/15


2.1.1.2 Disadvantages

Hardware firewalls can be expensive at first and might be more difficult to

configure and hardware firewalls treat outgoing traffic from the local network as

safe, which can be a hazard if malware, such as a worm, penetrates your network

and attempts to connect to the Internet (TIC)

(VSC)

Products for hardware firewalls

UTM10EW-100EUS - Netgear NG Prosecure UTM10 Hardware Firewall inc 1YR

Email, Web & Maintenance/Support Subscription

The ProSecure UTM series of all-in-one gateway security has a combination of

security options to keep business safe and secure from the Web, email, and

network threats. Malware hosted on Web pages, phishing attacks, spam, virus

infected emails, hackers, and denial-of-service attacks,

Because comprehensive network security requires a lot of processing power to

examine the network in real time this all in one security solution is all a network

needs.

5 | P a g e


6/15


2.1.2 Software FirewallSoftware firewall work in a similar manner as the hardware firewall by monitoring

and blocking data that comes in to the computer via public networks but software

firewalls need to be installed as a program in to the computer. (AWC)

2.1.2.1 Advantages

Because software firewall runs on a computer it can get more information about

the network traffic and the ports it is using and familiarise with application that are

running so there are no errors based on this a software firewall can allow or block

traffic overall software firewall is able to take and investigate further at the

malicious traffic and have a report of it (SLB)

2.1.2.2 Disadvantages

One of the main disadvantages of software firewall is that it only protects the

machine that the software is installed on and for multiple implementations thesoftware has to be configured individually that will take time and can get

expensive. (SLB)

(VSC)

Products for software firewall:

6 | P a g e


7/15


Zone alarm firewall

Blocks hackers and prevents viruses & spyware from stealing your personal dataand sending it out to the Internet zone alarm has 2-Way Firewall (Inbound &

Outbound) Stops Internet attacks at the front door and even catches thieves on

their way out. Our 2-way firewall proactively protects against inbound and

outbound attacks while making you invisible to hackers.

Inbound & Outbound - monitors and blocks threat traffic in or out.

Full Stealth Mode - makes you invisible to hackers

Kill Controls - instantly disable malicious programs. (ZAS)

2.2 Purpose of Firewall

The firewall will help prevent unauthorised guests from accessing the computer

through public network and stealing important data and even infecting the

computer with virus a hacker is able to access the computer through open ports

that is connected to the internet, with a firewall these ports will be protected and

monitored from any attacks

Hackers or intruders can do massive damage such as they can plant viruses in the

computer that will send confidential details to the hacker Many firewalls will block

outbound traffic that will help prevent this from happening.The main purpose of a firewall is to separate a secure area from a less secure area

and to control communications between the two. Firewalls can perform other

functions, but is mainly responsible for controlling inbound and outbound

communications. (WMI)

Such as allowing or not allowing an application to send or receive data through a

port. Firewall should be an essential part for any computer security approach.

(AWC)

7 | P a g e


8/15


2.3 How does it work

The firewall will allow or block traffic between devices based upon the rules that

have been set by the firewall admin each rule defines a specific patter you would

want the firewall to detect (VSC)

There are many different methods firewall will use to filter out the information,

these methods work at different layers of the network which will determine how

specific the filtering option can be. (CDC)

The data gets analyses by the firewall to check if the IP address that is coming

from and the contents that its carrying, then it checks if the information is

compliant with the rules that has been configured on the firewall and then action is

taken if that rule detected is Brocken it also has the ability to analyse data at the

application level. For example all application accessed over the internet use port

depending on type of service performed and network traffic is identified by the

port number. (AWC)

2.4 Types of firewall

There are many types of firewall each with various capabilities to analyse network

traffic to allow or block traffic under set conditions by monitoring traffic

characteristics by understanding the capabilities of each type of firewall network

engineer can better understand which to implement and also critical to achieving

the protection of the network and its security needs

To compare the capabilities of different types of firewall is to look at the

transmission control protocol/internet protocol (TCP/IP) layers that is able toexamine TCP/IP communication are made of four layers that works together to

transfer data between hosts. When a user wants to transfer the data across

network the data is passed from the highest layer through intermediate layer to

the lowest layer with each layer adding more data. The lowest layer will then send

the accumulated data through the physical network. With the data then passed

upwards through the layer to its destination (CNG)

I have documented below most types of firewall and it advantages and

disadvantages and discussing their security capabilities to

2.4.1 Packet Filtering

Packet filtering firewall examines the information that is contained in the header of

a packet that is trying to pass; it will examine the source address and its

destination it works on the network level of the open system interconnection (KLT)

Packet filtering is mostly used as a first line of defence against attacks from

outside the network because most routers have built in packet filtering capabilities

it has become common. (SPS)

8 | P a g e


9/15


Below is a product that can be used for small or medium sized business this

product has the functionality of a router,packet filtering firewall, VPN gateway,and modem pool in one cost effective solution

The Epipe 2000

Shared Internet access for your entire office

Packet filtering firewall, robust security features

Secure Remote Access for mobile clients (PPTP server)

Site to Site VPN using IPsec and E2B (MLIP bonding technology) or IPsec and

IKE

Direct dial access for remote workers, and Site to Site direct dial

connections

(MLI)

Advantages

Uses very little CPU resources

Rules are set by the administrator

Very cheap

Disadvantages

Visible to hackers

No password

Lack identification options

No user authentication

9 | P a g e


10/15


2.4.2 Circuit-Level Gateways

Circuit gateway firewalls is transparent and works on the transport level of the

protocol stack they are very fast (KLT)

Product Description: Juniper Networks Secure Services Gateway 5 with ISDN

backup, S/T Interface, 128 MB Memory

The Juniper Networks SSG5 it is built for small sized offices protected from outside

network by making it invisible as everything coming from within the firewall

appears to have originated from the firewall itself. (VSJ)

Advantages

Data hidden

No need to filter each packets

Fast

Simple

Disadvantages

No protection from attacks (CRN)

Boot time

2.4.3 Application Gateways

The Application Level Gateway works as a proxy for applications all data is

exchanged with the remote system it has the option of controlling the trafficaccording to specific rules even limiting access to certain file or accounts carrying

10 | P a g e


11/15


rules according to authentication and privilege and can monitor events on the host

system and capabilities of sounding alarm or notification if rules are disobeyed An

application gateway is normally implemented on a separate computer on the

network whose primary function is to provide proxy service.(PHO)

Description

Blocking of harmful information on the web / Time Control of Internet access

Multi-Connection - By Using only one ADSL or Cable line, up to 253 PCs can

be connected to the Internet

NAT-based IP sharing - Multiple PC's in LAN can access Internet

simultaneously on a single IP account

NAT-based firewall - Provides an effective firewall

HUB - Enables multiple PC's to communicate data in LAN

Port mapping - Provides application gateway function like Web server, FTP

server, etc.(TKP)

Advantages

Examines packets at the application level

High security features such as denial of service attacks

Reject packets

11 | P a g e


12/15


No direct connection

Disadvantages

CPU requirements is high

Slow

Complicated to set up

2.4.4 Stateful Multilayer Inspection

Stateful multilayer inspection firewall has the facility of three types of firewall

combined they filter packets at the network layer and evaluate packets at the

application layer they also allow direct connection between the client and host.

(CSU)

ZyXEL ZyWALL USG50 Internet Security Firewall with Dual-WAN, 4 Gigabit LAN /

DMZ Ports, 5 IPsec VPN, SSL VPN, and 3G WAN Support

The ZyWALL is very powerful solutions for small business has the capabilities to

perform deep packet inspection and also It embodies a Stateful Packet Inspection(SPI) firewall, Anti-Virus, Intrusion Detection and Prevention (IDP), Content

Filtering, Anti-Spam, and VPN (IPsec/SSL) all in one box. This multi-layered security

safeguards your organization's customer and company records, intellectual

property, and critical resources from external and internal threats. (NCP)

Advantages

More performance then proxies

Very high security feature such as enforcing security policies at theapplication

12 | P a g e


13/15


Transparency to the end user

Disadvantages

Expensive

Complex

3 Comparison

Above I have compared most firewall type and come to a conclusion that the best

firewall is not a product itself but the feature and option it provides for the homeor a business.in most cases there is no universal firewall that best suites the

security need for all.

4 Conclusion

Serious evaluation should be taken when choosing a firewall solution for a

network. Firstly before any firewall is implemented at home user need to note

down any task they would be performing with the computers to best match what

firewall device they need for the home but I think software firewall should do the

job, but in a corporate firewall it needs to be evaluated for any security issues and

how important the data is and from that they will create a firewall security policyand then implemented after successful evaluation.

4.1 Recommendation

Network architecture and threat analysis should be performed before any

security implementation.

Firewall policies should be based on strict rule set.

Policies handling all incoming and outgoing traffic

13 | P a g e


14/15


References

(CNG) http://csrc.nist.gov/publications/nistpubs/800-41-Rev1/sp800-41-rev1.pdf

(VSC)http://www.vicomsoft.com/learning-center/firewalls/

(LSC) www.linuxsecurity.com/resource_files/firewalls/nsc/500619.html

(CSR) http://www.computer-security-review.org/faqs/firewalls/are-there-different-

types-of-firewalls.html

(SLB)

http://www.smallbusinesscomputing.com/webmaster/article.php/3103431/Firewall-

Debate-Hardware-vs-Software.htm

(AWC) http://www.antivirusware.com/articles/what-is-firewall.htm

(ZAS) http://www.zonealarm.com/security/en-us/zonealarm-pc-security-free-

firewall.htm

(TIC) http://technology.inc.com/2006/11/01/choosing-a-firewall-hardware-v-

software/

(WMI) www.whatismyipaddress.com/firewall

(CDC) http://www.comodo.com/resources/home/how-firewalls-work.php

(KLT) http://kimberleytaylor.com/articles/firewalls_type.htm

(SPS) http://www.support.psi.com/support/common/routers/files/Filter-Desc.html

(MLI) http://www.ml-ip.com/html/documentation/vpn-ug-intro-hw.html

(VSJ) http://www.vology.com/shop/juniper-ssg-5-sb-bt-5358

(CRN) http://www.careerride.com/nw-circuit-level-gateway.aspx

(PHO) http://www.pc-help.org/www.nwinternet.com/pchelp/security/firewalls.htm

(TKP) http://www.tradekorea.com/product-detail/P00006352/RG_1000.html#

(CSU) http://www.c-sharpcorner.com/uploadfile/pmalik/what-is-a-firewall/

(NCP) http://www.newegg.ca/Product/Product.aspx?Item=N82E16833181137

14 | P a g e
http://csrc.nist.gov/publications/nistpubs/800-41-Rev1/sp800-41-rev1.pdfhttp://www.vicomsoft.com/learning-center/firewalls/http://www.vicomsoft.com/learning-center/firewalls/http://www.computer-security-review.org/faqs/firewalls/are-there-different-types-of-firewalls.htmlhttp://www.computer-security-review.org/faqs/firewalls/are-there-different-types-of-firewalls.htmlhttp://www.antivirusware.com/articles/what-is-firewall.htmhttp://www.comodo.com/resources/home/how-firewalls-work.phphttp://kimberleytaylor.com/articles/firewalls_type.htmhttp://www.support.psi.com/support/common/routers/files/Filter-Desc.htmlhttp://www.ml-ip.com/html/documentation/vpn-ug-intro-hw.htmlhttp://www.vology.com/shop/juniper-ssg-5-sb-bt-5358http://www.careerride.com/nw-circuit-level-gateway.aspxhttp://www.pc-help.org/www.nwinternet.com/pchelp/security/firewalls.htmhttp://www.tradekorea.com/product-detail/P00006352/RG_1000.htmlhttp://www.c-sharpcorner.com/uploadfile/pmalik/what-is-a-firewall/http://www.newegg.ca/Product/Product.aspx?Item=N82E16833181137http://csrc.nist.gov/publications/nistpubs/800-41-Rev1/sp800-41-rev1.pdfhttp://www.vicomsoft.com/learning-center/firewalls/http://www.computer-security-review.org/faqs/firewalls/are-there-different-types-of-firewalls.htmlhttp://www.computer-security-review.org/faqs/firewalls/are-there-different-types-of-firewalls.htmlhttp://www.antivirusware.com/articles/what-is-firewall.htmhttp://www.comodo.com/resources/home/how-firewalls-work.phphttp://kimberleytaylor.com/articles/firewalls_type.htmhttp://www.support.psi.com/support/common/routers/files/Filter-Desc.htmlhttp://www.ml-ip.com/html/documentation/vpn-ug-intro-hw.htmlhttp://www.vology.com/shop/juniper-ssg-5-sb-bt-5358http://www.careerride.com/nw-circuit-level-gateway.aspxhttp://www.pc-help.org/www.nwinternet.com/pchelp/security/firewalls.htmhttp://www.tradekorea.com/product-detail/P00006352/RG_1000.htmlhttp://www.c-sharpcorner.com/uploadfile/pmalik/what-is-a-firewall/http://www.newegg.ca/Product/Product.aspx?Item=N82E16833181137


15/15


Bibliography

http://www.vicomsoft.com/learning-center/firewalls/

http://www.buzzle.com/articles/what-is-the-purpose-of-a-firewall.html

http://www.pc-help.org/www.nwinternet.com/pchelp/security/firewalls.htm

http://whatismyipaddress.com/firewall

http://www.networkworld.com/subnets/cisco/060109-ch1-cisco-secure-

firewalls.html?page=1

http://acw1-nt.wikidot.com/what-is-a-firewall

http://www.comtest.com/tutorials/firewalls.html

http://searchnetworking.techtarget.com/tutorial/Introduction-to-firewalls-Types-of-

firewalls

http://www.computer-security-review.org/faqs/firewalls/are-there-different-types-

of-firewalls.html

http://www.aboutonlinetips.com/what-is-a-computer-firewall/

http://en.wikipedia.org/wiki/Internet_security#Types_of_firewalls

http://www.techrepublic.com/forum/questions/101-314601/stateful-firewalls

http://csrc.nist.gov/publications/nistpubs/800-41-Rev1/sp800-41-rev1.pdf

15 | P a g e
http://www.vicomsoft.com/learning-center/firewalls/http://www.buzzle.com/articles/what-is-the-purpose-of-a-firewall.htmlhttp://www.pc-help.org/www.nwinternet.com/pchelp/security/firewalls.htmhttp://whatismyipaddress.com/firewallhttp://www.networkworld.com/subnets/cisco/060109-ch1-cisco-secure-firewalls.html?page=1http://www.networkworld.com/subnets/cisco/060109-ch1-cisco-secure-firewalls.html?page=1http://acw1-nt.wikidot.com/what-is-a-firewallhttp://www.comtest.com/tutorials/firewalls.htmlhttp://searchnetworking.techtarget.com/tutorial/Introduction-to-firewalls-Types-of-firewallshttp://searchnetworking.techtarget.com/tutorial/Introduction-to-firewalls-Types-of-firewallshttp://www.computer-security-review.org/faqs/firewalls/are-there-different-types-of-firewalls.htmlhttp://www.computer-security-review.org/faqs/firewalls/are-there-different-types-of-firewalls.htmlhttp://www.aboutonlinetips.com/what-is-a-computer-firewall/http://en.wikipedia.org/wiki/Internet_security#Types_of_firewallshttp://www.techrepublic.com/forum/questions/101-314601/stateful-firewallshttp://csrc.nist.gov/publications/nistpubs/800-41-Rev1/sp800-41-rev1.pdfhttp://www.vicomsoft.com/learning-center/firewalls/http://www.buzzle.com/articles/what-is-the-purpose-of-a-firewall.htmlhttp://www.pc-help.org/www.nwinternet.com/pchelp/security/firewalls.htmhttp://whatismyipaddress.com/firewallhttp://www.networkworld.com/subnets/cisco/060109-ch1-cisco-secure-firewalls.html?page=1http://www.networkworld.com/subnets/cisco/060109-ch1-cisco-secure-firewalls.html?page=1http://acw1-nt.wikidot.com/what-is-a-firewallhttp://www.comtest.com/tutorials/firewalls.htmlhttp://searchnetworking.techtarget.com/tutorial/Introduction-to-firewalls-Types-of-firewallshttp://searchnetworking.techtarget.com/tutorial/Introduction-to-firewalls-Types-of-firewallshttp://www.computer-security-review.org/faqs/firewalls/are-there-different-types-of-firewalls.htmlhttp://www.computer-security-review.org/faqs/firewalls/are-there-different-types-of-firewalls.htmlhttp://www.aboutonlinetips.com/what-is-a-computer-firewall/http://en.wikipedia.org/wiki/Internet_security#Types_of_firewallshttp://www.techrepublic.com/forum/questions/101-314601/stateful-firewallshttp://csrc.nist.gov/publications/nistpubs/800-41-Rev1/sp800-41-rev1.pdf

Firewall Course Work

Documents