PRESENTERS :- VARUN SACHDEVA ABHISHEK KHYATI MATHUR PRABHDEEP KAUR Presentation :’F irewalls’ 1
Aug 09, 2015
1
PRESENTERS :-
VARUN SACHDEVA ABHISHEK
KHYATI MATHUR
PRABHDEEP KAUR
Presentation :’Firewalls’
2
Introduction
FireWall is device that provides secure connectivity between networks..
A firewall may be a hardware, software, or a combination of both that is used to prevent unauthorized programs or Internet users from accessing a private network and/or a single computer.
3
Hardware vs. Software Firewalls
Hardware Firewalls Protect an entire network Implemented on the router level Usually more expensive, harder to configure
Software Firewalls Protect a single computer Usually less expensive, easier to configure
4
How does a software firewall work?
Inspects each individual “packet” of data as it arrives at either side of the firewall
Determines whether it should be allowed to pass through or if it should be blocked
5
Types of Firewalls
Common types of Firewalls:
1. Packet-filtering routers2. Application-level gateways13. Circuit-level gateways1
6
◦Packet-filtering Router
• Applies a set of rules to each incoming IP packet and then forwards or discards the packet
◦Filter packets going in both directions◦The packet filter is typically set up as a list of
rules based on matches to fields in the IP or TCP header
◦Two default policies (discard or forward)
7
Packet Filtering Firewall
Trusted Network
Firewall rule set
Packet is Blocked or Discarded
Untrusted Network
8
Packet Filtering Firewall
A packet filtering firewall is often called a network layer firewall because the filtering is primarily done at the network layer (layer three) or the transport layer (layer four) of the OSI reference model.
9
Application-level Gateway
Gateway sits between user on inside and server on outside. Instead of talking directly, user and server talk through proxy.
Allows more fine grained and sophisticated control than packet filtering. For example, ftp server may not allow files greater than a set size.
A mail server is an example of an application gateway◦ Can’t deposit mail in recipient’s mail server without passing
through sender’s mail server
host-to-gatewayftp session
gateway-to-remote host ftp session
applicationgateway
10
Application Gateways/Proxies
11
Circuit-level Gateway
1. Stand-alone system 2. Specialized function performed by an Application-level
Gateway3. Sets up two TCP connections4. The security function consists of determining which
connections will be allowed5. Typically use is a situation in which the system administrator
trusts the internal users
12
Circuit-level Gateway
13
Firewall Rules
Allow – traffic that flows automatically because it has been deemed
Block – traffic that is blocked because it has been deemed dangerous to your computer
Ask – asks the user whether or not the traffic is allowed to pass through
14
Making The Firewall Fit
IP address
Domain names
Protocols
15
What It Protects You From
Remote login
Simple Mail Transfer Protocol session hijacking
Operating system bugs
Spam
16
Conclusion
17
What a personal firewall can do ?
• Stop hackers from accessing your computer.
• Protects your personal information.
• Blocks “pop up” ads and certain cookies.
• Determines which programs can access the Internet.
• Block invalid packets.
18
• What a personal firewall cannot do ?
• Cannot prevent e-mail
viruses– Only an antivirus product
with updated definitions can
prevent e-mail viruses.
• After setting it initially, you cannot forget about it– The firewall will require periodic updates to the rulesets
and the software itself.
19
Thank you