Firewall
20
Firewall Design & Implementation Issues Prepared by : Kunal Kumar Submitted to : Ms. Hanisha Chhabra
-
Upload
kunal-kumar -
Category
Engineering
-
view
95 -
download
12
description
self made best ppt
Transcript of Firewall
Firewall Design
& Implementation Issues
Prepared by : Kunal Kumar
Submitted to : Ms. Hanisha Chhabra
Contents Origin of Firewall Introduction What a Firewall actually means ? Needs History Types Design and Implementation Issues Policies Conclusions
Origin of concept of Firewall
With the rapid growth of the internet and security flaws in operating system, network security has become a major concern for the organizations throughout the world.
Also the hacking tools needed to penetrate the security of corporate networks are widely used.
Because of this increased focus on network security, network administrators worked over this issue and developed a tool called as Firewall.
Introduction Blocks Unauthorized access: A Firewall is a part of
computer system and computer network which is designed to BLOCK the unauthorized access while permitting authorized connection.
Physical Firedoors: Its job is similar to a physical firedoors that keeps a fire from spreading from one area to another.
Hardware and/or Software: It can be implemented either as a software or a hardware or the combination of both.
Firewall protects the network from unauthorized use by attackers.
What a Firewall actually means ?
A firewall is a BARRIER to keep destructive forces away from our property/ assets. In fact, that is why it is called a Firewall.
In other words, it is a device or set of devices which is configured to permit or deny computer applications based upon set of rules and criteria.
Why Firewalls are needed ?
Remote log-in :- This is when someone is able to connect to a computer and control it in some form.
VIRUS :- The most common threat is computer virus. A virus is a small program that can copy itself to other computer.
Why Firewalls are needed ?
SOURCE ROUTING :- In most of the cases, the path taken by a packet to travel over the internet is determined by the routers along that path. But sometimes source itself specify the route through which the packet have to travel. Hackers sometimes take advantage of this source routing. Firewall simply DISABLE source routing by Default.
Firewalls History
First generation - Packet filters This firewall technology was in 1988 by Jeff
Mogul from Digital Equipment Corporation (DEC).
Second generation - Circuit level From 1980-1990 two colleagues from AT&T
Company, developed the second generation of firewalls known as circuit level firewalls.
Third generation - Application layer Gene Spafford of Purdue University, Bill
Cheswick at AT&T Laboratories described a third generation firewall. also known as proxy based firewalls.
Types of Firewall Packet filtering
Circuit level gateway
Application level firewall
Packet Filtering First generation of Firewall. Also known as Screening
routers and Filtering routers. Operates at Network layer or
Transport layer of OSI Model. Routers are used to protect Intranet
by blocking certain packets that’s why they are called Filtering or Screening routers.
Packet Filters
Circuit level gateway 2nd generation of Firewall.
Operates at Session layer of the OSI model, or TCP/IP layer of the TCP/IP.
They monitor TCP handshaking between packets to determine whether a requested session is legal. Traffic is filtered based on the specified session rules, such as when a session is initiated by the recognized computer.
Circuit level gateway
Application level Firewall 3rd Generation firewall. Also known as Proxy Firewalls. Operates at Application layer of
OSI or TCP/IP model and hence known as Application layer Firewall.
It works like a proxy—middleman, agent, substitute which has the authority to represent someone else
Firewalls - Application Level Gateway (or Proxy)
Design and Implementation Issues
The first and most important decision reflects the policy of how our organization wants to operate the system.
All traffic from inside to outside and vice-versa must pass to the firewall which can be achieved by physically locking all access to the local network accepted to the firewall.
Only authorized packet defined by local security policy will be allowed to pass.
Financial Issues : Complete firewall may be higher in cost.
Conclusions Don’t make the mistake of thinking that no one
will attack your network, because with the rise in automated attack tools, your network is as much at risk as every other network on the Internet.
Nearly every organization connected to the Internet has installed some sort of firewall.
When choosing and implementing a firewall solution, make a decision based on the organization's needs, security policy, technical analysis, and financial resources. Solutions available today utilize different types of equipment, network configurations, and software.
...Thankew.
..
