1 OFF SYMB - 12/7/2015 Firewalls Basics. 2 OFF SYMB - 12/7/2015 Overview Why we have firewalls What...
1OFF SYMB - 04/21/23
Firewalls Basics
Overview
• Why we have firewalls
• What a firewall does
• Why is the firewall configured the way it is
Why Do We Have Firewalls??
• Recent Network Security Compromises
— Pentagon Domain Name Server
— March AFB Web Server
— Senate Web Server
• Network hacking has been simplified by the proliferation of tools available on the Internet
— Satan
— Crack
— Ping of Death
Why Do We Have Firewalls??
• Establishes a physical perimeter to protect your internal assets.
• Centralizes & consolidates management & enforcement of network access policies.
• Saves $$ by consolidating security measures, investments, & admin.
• but ... also consolidates your risks (all eggs in one basket)
[Diagram labels: Internet, Attackers, Guard or Firewall, Local area network, Users, Internal Servers]
Components:
Your Policy: “Deny access to any service unless it is expressly permitted” implemented & enforced via a combination of:
• Hardware
• OS Software
• Application Software
Each component performs a different role in implementing your policy
What does the Firewall Do?? Overview
• Proxying
• Stateful Packet Inspection
• IP Filtering
• Access Control Lists
• Network Address Translation
• Logging
• Centralized Security Policy
• Type Enforcement
Proxying
• Proxies are applications “running” on the firewall, built to intercept communications for specific protocols, that explicitly allow only necessary, secure, and valid operations.
— Proxies are written by the vendor to handle a specific type of traffic (RealAudio, SQL*NET)
— Proxies examine all packets of a connection and therefore exact a performance penalty
Stateful Packet Inspection
• Stateful Packet Inspection (SPI) technology keeps tables to track the status of each connection, as well as commands that appear in the data stream, and regulates traffic flow accordingly.
— The tables are checked before data is processed by the OS of the firewall
— Header information from the original connection passes through the firewall unchanged if the defined policy allows the access.
IP Filtering
• IP Filtering allows all ports for a particular protocol (TCP, UDP, ICMP) to pass through the firewall
— IP filters allow packets to pass through unaltered and do not check headers for traffic types
— IP filtering provides very little protection and should not be used (Consider it a hole in the firewall)
Access Control Lists
• An Access Control List (ACL) is a mechanism that permits IP addresses to communicate in accordance with certain rules
• ACLs are used in conjunction with proxies, SPI, and IP filters
• ACLs provide granularity to the control over access
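An added example, not part of the original slides: a minimal sketch of how the connection table from the Stateful Packet Inspection slide and an ACL work together under the "deny unless expressly permitted" policy. The ACL entry, addresses, state names and the `StatefulFirewall` class are assumptions made for illustration; it tracks TCP connection status only, not commands in the data stream, and simplifies teardown.

```python
import ipaddress

# Constructed ACL entries: (source network, destination network, destination port).
# Default deny: a new connection that matches no entry is dropped.
ACL = [("10.1.0.0/16", "0.0.0.0/0", 443)]

class StatefulFirewall:
    def __init__(self, acl):
        self.acl = [(ipaddress.ip_network(s), ipaddress.ip_network(d), p)
                    for s, d, p in acl]
        self.table = {}  # (initiator ip, port, responder ip, port) -> state

    def _acl_permits(self, src, dst, dport):
        s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        return any(s in sn and d in dn and dport == p for sn, dn, p in self.acl)

    def handle(self, src, sport, dst, dport, flags):
        """Return 'ACCEPT' or 'DROP' for one TCP segment; flags is a set of names."""
        fwd, rev = (src, sport, dst, dport), (dst, dport, src, sport)
        key = fwd if fwd in self.table else rev if rev in self.table else None
        if key is None:
            # No table entry: only a bare SYN permitted by the ACL may create one.
            if flags == {"SYN"} and self._acl_permits(src, dst, dport):
                self.table[fwd] = "SYN_SENT"
                return "ACCEPT"
            return "DROP"
        state, from_initiator = self.table[key], key == fwd
        if flags & {"RST", "FIN"}:
            del self.table[key]  # simplified teardown: forget the connection
            return "ACCEPT"
        if state == "SYN_SENT":
            if from_initiator and flags == {"SYN"}:
                return "ACCEPT"  # retransmitted SYN
            if not from_initiator and flags == {"SYN", "ACK"}:
                self.table[key] = "SYN_RCVD"
                return "ACCEPT"
            return "DROP"
        if state == "SYN_RCVD":
            if from_initiator and flags == {"ACK"}:
                self.table[key] = "ESTABLISHED"
                return "ACCEPT"
            return "DROP"
        # ESTABLISHED: pass data and ACKs in either direction, never a new SYN.
        return "DROP" if "SYN" in flags else "ACCEPT"
```

The ACL is consulted only when a connection is created; every later segment is judged against the table, which is why a reply with no matching entry is dropped even though it targets an inside address.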
Network Address Translation
• Network Address Translation (NAT) hides the addresses of all devices initiating connections from inside your network by converting their source address to the firewall's external address.
• NAT prevents external threats from gaining knowledge of the internal network structure of the base
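An added example, not part of the original slides: a sketch of the translation table behind source NAT, showing that two inside hosts appear externally as the same address and that inbound traffic with no mapping is dropped. The `SourceNat` class, the use of port translation to tell connections apart, the port range and all addresses are assumptions for illustration.

```python
class SourceNat:
    """Source NAT with port translation for connections initiated from inside."""

    def __init__(self, external_ip, first_port=20000, last_port=65535):
        self.external_ip = external_ip
        self.next_port, self.last_port = first_port, last_port
        self.out = {}   # (inside ip, inside port, remote ip, remote port) -> external port
        self.back = {}  # (external port, remote ip, remote port) -> (inside ip, inside port)

    def outbound(self, src, sport, dst, dport):
        """Rewrite the source of a packet leaving the network; returns the new 4-tuple."""
        key = (src, sport, dst, dport)
        if key not in self.out:
            if self.next_port > self.last_port:
                raise RuntimeError("external port pool exhausted")
            self.out[key] = self.next_port
            self.back[(self.next_port, dst, dport)] = (src, sport)
            self.next_port += 1
        return (self.external_ip, self.out[key], dst, dport)

    def inbound(self, src, sport, dst, dport):
        """Restore the inside destination of a reply, or return None to drop it."""
        if dst != self.external_ip:
            return None
        inside = self.back.get((dport, src, sport))
        if inside is None:
            return None  # no mapping: nothing inside asked for this traffic
        return (src, sport, inside[0], inside[1])

def demo():
    nat = SourceNat("192.0.2.1")  # constructed addresses
    a = nat.outbound("10.1.2.3", 51000, "198.51.100.7", 443)
    b = nat.outbound("10.1.9.8", 51000, "198.51.100.7", 443)
    reply = nat.inbound("198.51.100.7", 443, "192.0.2.1", a[1])
    unsolicited = nat.inbound("203.0.113.9", 443, "192.0.2.1", a[1])
    return a, b, reply, unsolicited
```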
Logging
• Firewalls provide a central logging point that records all connections, both successful and failed
• These logs can then be parsed to determine problem areas (i.e., misconfigured internal machines, persons engaging in improper use of the network)
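An added example, not part of the original slides: parsing connection logs to surface an inside machine that keeps being denied on the same destination and port, the usual signature of a misconfigured host. The log line layout, the inside address range, the threshold and the sample lines are all constructed for illustration and do not match any particular firewall product.

```python
import ipaddress
import re
from collections import Counter

INTERNAL = ipaddress.ip_network("10.1.0.0/16")  # assumed inside address range

# Assumed line layout: <timestamp> <ACCEPT|DENY> <proto> <src>:<port> -> <dst>:<port>
LINE = re.compile(
    r"^(?P<ts>\S+) (?P<action>ACCEPT|DENY) (?P<proto>\w+) "
    r"(?P<src>[\d.]+):(?P<sport>\d+) -> (?P<dst>[\d.]+):(?P<dport>\d+)$")

# Constructed sample log, not taken from any real device.
SAMPLE_LOG = """\
2015-12-07T09:00:01Z ACCEPT tcp 10.1.2.3:51000 -> 198.51.100.7:443
2015-12-07T09:00:02Z DENY udp 10.1.4.20:40111 -> 192.0.2.53:53
2015-12-07T09:00:07Z DENY udp 10.1.4.20:40112 -> 192.0.2.53:53
2015-12-07T09:00:12Z DENY udp 10.1.4.20:40113 -> 192.0.2.53:53
2015-12-07T09:00:15Z DENY tcp 203.0.113.9:40000 -> 10.1.2.3:23
2015-12-07T09:00:20Z DENY tcp 10.1.7.7:50500 -> 198.51.100.9:6667
this line is truncated or corrupt
"""

def repeated_inside_denials(log_text, threshold=3):
    """Return ({(src, dst, dport): count}, unparsed_lines) for inside hosts whose
    denied attempts to one destination and port reach the threshold."""
    counts, unparsed = Counter(), 0
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if m is None:
            unparsed += 1  # count rather than silently skip: gaps in the log matter
            continue
        if m["action"] != "DENY":
            continue
        try:
            src = ipaddress.ip_address(m["src"])
        except ValueError:
            unparsed += 1
            continue
        if src in INTERNAL:
            counts[(m["src"], m["dst"], int(m["dport"]))] += 1
    flagged = {k: n for k, n in counts.items() if n >= threshold}
    return flagged, unparsed
```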
Centralized Security Policy
• Reduces the number of systems that are exposed to security risks as only the firewall is exposed to attacks from the Internet
• Gives a single point at which an administrator can control network access to and from the Internet
• Simplifies security management by providing a GUI
Type Enforcement Advantages
• Provides “breach containment”
• Separates applications into domains
• Controls which resources each domain can access
• Software in a domain is granted access only to resources it needs, and forbidden access to anything else
• An access violation is triggered if any access outside of the current domain is attempted
• Restricts malicious activity to the offending or compromised domain
• Unique to the Sidewinder firewall
[Diagram labels: Admin, User, News Network, Telnet, FTP, WWW]
Network Security Policy
• Defines overall roles and responsibilities of network security
• Defines security requirements, principles, and policies
• Network Infrastructure Services and Protocols Policy
— Listing of 33 infrastructure services and policies, their vulnerabilities, and usage policy