Introduction to Firewalls - University of Texas at Dallas€¦ · Web viewAllow a program or...

Lecture 5 Windows FirewallCyberPatriot Lab Manual

Lecture 5 Windows FirewallTable of ContentsIntroduction to Firewalls1

Why Firewalls2

Location of Firewalls2

Using a Demilitarized Zone (DMZ)3

Types of Firewalls4

Packet Filtering [2]4

Stateful Inspection Filtering Example [4]4

Application amp Proxy5

Unified Threat Management (UTM) and Next-generation Firewalls (NGFWs)6

Network Location Awareness6

Public Network6

Private Network7

Domain Network7

Turning Windows Firewall On and Off9

Allowing Programs10

Introduction to Windows Firewall with Advanced Security12

Configuring the Action Center23

Using Windows Defender23

Configuring Windows Defender25

References30

Introduction to FirewallsFirewalls can be implemented in hardware software or both For example ASIC1 chips found in TCPIP routers and layer 3 switches implement hardware firewalls Hardware firewalls are typically high in cost difficult to configure and tricky to upgrade While lower cost hardware firewalls can be found in home routers it still remains that software firewalls are cheaper and more robust to operate

1 Application Specific Integrated Circuitry (ASIC) are very fast integrated circuits customized for a specific use rather than general purpose circuity like a microprocessor ASIC sizes can range from thousands to millions of logic gates In ASIC-based firewalls the ASIC takes care of real time packet filtering while the CPU takes care of various configuration data collection and user interface tasks [6]

1


Protected a network by identifying and removing unwanted network traffic from passing through it Firewalls are bidirectional in that they can prevent unwanted traffic from either leaving or entering the network These are called inbound and outbound rules respectively

Further some firewalls support connection-specific rules These rules are applied to specific types of connections This allows you to enable specific TCP2 or UDP3 ports Windows offers this functionality through Windows Firewall with Advanced Security (WFAS) [1]

Why FirewallsWhen most people think of hackers they think of someone sitting at a computer attempting to steal information from a computer system However this represents a very small portion of the total network attacks [2] In fact the majority of network attacks are the result of automated software called worms and viruses They are opportunistic in nature (preferring systems with lack of security or easily exploitable vulnerabilities) and find targets at random If a worm or virus does not find a security vulnerability on a system it will instead look for other systems to attack and spread In this case you would become one of the ldquobad guysrdquo A firewall is a tool that can be used to reduce the chances of infection and hinder the ability of a virus or worm to spread

Location of FirewallsIn a typical corporate network architecture firewalls are located at the border perimeter and internal networks

1 The perimeter firewall faces between the internet and the DMZ of a corporate network It provides the initial layer of protection These firewalls are typically high performance and provide basic packet filtering

2 The internal firewall provides protection between internet facing services of a corporate network such as email and web servers and the internal network This firewall provides deep filtering of packets prevents information from leaking and can provide proxy services

Typical Properties of Internal Firewalls1 Management and control of network traffic using stateful packet inspection This firewall

recognizes connections between clients and servers2 Provide additional services such as caching single sign-on authenticated and encrypted

communications (IPSec) and NAT For example the Microsoft Internet Security and Acceleration (ISA) server

2 TCP or Transmission Control Protocol [5] is a core protocol of IP which provides reliable in-order and error-checked delivery of a data stream TCP exists in the Transport (5th) Layer of the OSI model3 UDP or User Datagram Protocol is a core protocol of IP which provides simple port-specific communication UDP provides no guarantee on the in order delivery of packets UDP does support trivial checksums UDP like TCP exists in the Transport (5th) Layer of the OSI model

2


3 The host local or personal firewall provides an added layer of filtering at the PC level and is managed by an administrator or user Because the other firewalls cannot provide protection for traffic generated inside a trusted network these firewalls prevent unauthorized access and deep integration with host OS services and applications

Using a Demilitarized Zone (DMZ)

Figure 1 - Example of a Network Architecture with a DMZ

Many organizations use their Internet connection to expose services to the public internet In the DMZ the network may be under your control but that network is outside your heaviest security HTTP DNS FTP SMTP and POP servers are all examples of network devices found in this area This network should be like an island and not a stepping stone [3] It should not be connected in any way to the organizations internal network and should not five information that could help hackers compromise other parts of the network In some cases the DMZ will contain a honeypot server This is used by security analysts to watch and learn from attackers Honeypots can provide invaluable information to strengthen the organizations internal network from future attack

The standard way of creating a DMZ is to place servers that provide services between two firewalls However one firewall can also create this effect given the ability to do deep inspection The firewall should also be stateful The reason for this is that connections originating from a server in the DMZ to the internal network should be forbidden but if originating from the internal network would be allowed For example an email server should not have any reason to initiate communication with a server or computer in the private network But an employeersquos PC in the internal network would be able to check email

3


Types of Firewalls

Packet Filtering [2]Packet-filtering (or network layer) firewalls validate packets based on protocol source and destination address and port time range type of service (ToS) and other parameters found in the IP header These firewalls are configured using Access Control Lists (ACLs) saved on the router or switch ACLs are validated in the order they are defined A rule will make a decision to either drop or accept a packet Typically a firewall will drop a packet when no rule matches This is known as whitelisting the opposite where the packet is accepted if and only if no rule matches is called blacklisting

The primary advantage of packet-filtering firewalls is the ubiquity across network devices The software can be implemented in relatively cheap hardware From the very smallest of home routers to enterprise appliances have this functionality built in These firewalls typically come in stateless of stateful mode of operations Stateless4 requires less memory and have faster but simpler filtering capabilities In stateful mode the firewall maintains active sessions and uses this information to speed up packet processing stateful firewalls can make complex decisions based on any stage of the connection

Stateful Inspection Filtering Example [4]Consider the example of stateful inspection filtering through an ISA server below An internet client connects to the ISA server which thinks it is the web server However as we will see this is not the case

4 Stateless packet filtering firewalls are especially useful for network protocols that have no concept of a session A combination of both stateless and stateful firewalls at different levels of the network architecture increases throughput and resilience to attack

4

Figure 2 - Example of an IP Packet Packet Filtering will look at the IP Header and TCPUDP Header


Figure 3 - Here we see the communication between a client and server

1 The Internet client initates an HTTP request to the Web server2 The ISA server receives the request and modifies the source to itself and sets the destination to

the real IP address of the internal web server The source port number is changed to allow the ISA server to track this conversation

3 The ISA server can now track filter and inspect the conversation based on an ACL

The disadvantage of packet filtering lies in the use of ACLs ACLs are static and packet filtering has no visibility into the data portion of the IP packet Further if communication is done through AH or ESP with IPSec5 the packet cannot be filtered correctly as the true header of the packet has been encrypted While this type of firewall does it works in the lower levels of the TCPIP stack they are not well suited for application level filtering Thus the need for application layer firewalls

Application amp ProxyApplication layer firewalls work at a higher level of the TCPIP stack Such firewalls are typically found on the host machine They are suited for the filtering of application-specific traffic such as a web browser They are capable of intercepting all traffic between the application and the rest of the network stack Because application layer firewalls are after any encryption mechanisms these firewalls can perform deep inspection of a packet but at the cost of performance These firewalls are on a per process bases usually have a GUI prompt to define rules and used in conjunction with a packet filter

A proxy is also a type of application firewall They act on behalf of the client Typically they are used to inspect and prevent malicious web traffic The proxy establishes a session with the outside network then

5 The IPSec Authentication Header (AH) provides integrity authentication services They can be used to verify messages and do not encrypt the header or datagram part of the packet The IPSec ESP Header provides both integrity checking and encryption of the header and datagram part of the packet While ESP can be configured to only do integrity checking there is no way for a firewall to know if an ESP packet is in integrity-only mode Thus it cannot inspect ESP packets because the data it reads may be garbled by encryption [7]

5


establishes a session with the PC inside the network This is unique in that the proxy firewall can establish a secure connection with the outside server decrypt and inspect packets then encrypt again (or pass unencrypted) to the PC inside the network

A reverse-proxy functions the same as firewall but they are used to protect servers not clients An example of this a load balancing device in a network A reverse-proxy handles connection establishment and sessions on behalf of a server for multiple clients This can go as far as to mitigate against DDoS and prevent malicious clients from communicating with important servers A common technique used in reverse proxies is blacklisting whereby malicious IPs are added to a list and instantly blocked

Proxies can make tampering with an internal system form an external network more difficult Further a misuse of an internal system would not necessarily create a security breach The most useful case of a proxy is Network Address Translation (NAT) functionality This translates private address ranges to publish address ranges Further it allows networks to obscure the number of attached devices within that network

Unified Threat Management (UTM) and Next-generation Firewalls (NGFWs)These are enterprise appliances that combine stateful packet inspection antivirus and an intrusion prevention system (IPS) all in one Due to the increasing capability and presence of malware the next generation of firewalls are designed to use machine learning to classify and identify potentially malicious traffic As they inspect network communications they become smarter at identifying and eliminating bad traffic going as far as to learn from attackers by the use of honeypots

Network Location AwarenessWindows 7 supports network location awareness which enables network-interacting programs to change their behavior based on how the computer is connected to the network In the case of Windows Firewall with Advanced Security you can create rules that apply only when the profile associated with a specific network location type is active on your computer

Public NetworkBy default the public network location type is assigned to any new networks when they are first connected A public network is considered to be shared with the world with no protection between the local computer and any other computer Therefore the firewall rules associated with the public profile are the most restrictive

Private NetworkThe private network location type can be manually selected by a local administrator for a connection to a network that is not directly accessible by the public This connection can be to a home or office network that is isolated from publicly accessible networks by using a firewall device or a device that

6


performs network address translation (NAT) Wireless networks assigned the private network location type should be protected by using an encryption protocol such as Wi-Fi Protected Access (WPA) or WPAv2 A network is never automatically assigned the private network location type it must be assigned by the administrator Windows remembers the network and the next time that you connect to it Windows automatically assigns the network the private network location type again Because of the higher level of protection and isolation from the Internet private profile firewall rules typically allow more network activity than the public profile rule set

Domain Network

Figure 4 - Here we see a Windows 7 machine connected to a corporate domain

The domain network location type is detected when the local computer is a member of an Active Directory domain and the local computer can authenticate to a domain controller for that domain through one of its network connections An administrator cannot manually assign this network location type Because of the higher level of security and isolation from the Internet domain profile firewall rules typically permit more network activity than either the private or public profile rule sets On a computer that is running Windows 7 if a domain controller is detected on any network adapter then the Domain network location type is assigned to that network adapter

7


Turning Windows Firewall On and Off

To turn Windows Firewall on or off simply open the Windows Firewall control panel and click Turn Windows firewall on or off The Change notification settings link brings up the same screen as shown below

Not only can you turn the firewall on and off for each network location you can also block all programs and set notification when a program is blocked One of the few reasons you would ever want to turn this off is if you had another firewall program that you want to use instead

8


Allowing Programs

Traditionally with firewalls you can open or close a protocol port so that you can allow or block communication through the firewall With Windows Firewall included in Windows 7 you specify which programs or features you want to communicate through the firewall The most common options are available by clicking the Allow a program or feature through Windows Firewall option on the left pane of the Windows Firewall control panel Only users that are members of the local Administrators group or who have been delegated the appropriate privileges are able to modify Windows Firewall settings If you need to open a port instead of specifying a program you have to use the Windows Firewall with Advanced Security which is discussed later in this tutorial

If a program that you want to create a rule for is not present on this list click Allow Another Program This opens the Add A Program dialog box If the program that you want to create a rule for is not listed click Browse to add it Click the

9


Network Location Types button to specify the network profiles in which the rule should be active

If a program is blocked the first time you try to run it you are notified by the firewall allowing you to configure an exception that allows traffic from this program in the future If an exception is not configured at this time you will need to use the steps above to allow traffic through

10


Introduction to Windows Firewall with Advanced Security

Windows Firewall with Advanced Security is designed for advanced users and IT professionals and offers more powerful configuration options than the standard Windows Firewall You can now configure Inbound and Outbound Rules Block or Allow incoming or outgoing connections based off Protocols and Ports andor Programs and Services and configure IPSec The Inbound and Outbound Rules can be enforced on predefined profiles Public Private Domain or all Profiles WFAS becomes handy in instances where you need to enable a rule that allows traffic for a specific service while connected to one network profile but not on another For example you can allow FTP traffic for the Domain (Work) Profile but not for the Public Profile This would mean that computers at your work place can connect to your computer hosting an FTP service whereas such traffic is blocked when yoursquore connected to another network

The default Inbound rule settings is to block all connections that do not have rules (exceptions) that allow the connection unless the incoming request is a response from the client The default Outbound rule is to allow all outbound connections unless you have explicitly blocked an outbound connection

To access Windows Firewall with Advanced Security snap-in open the Network and Sharing Center and click on Advanced Settings in the left pane Or you can type Windows Firewall with Advanced Security into the Search Programs And Files box in the Start menu You must be a member of the administrators group

11


Creating Rules

To create and inbound or outbound rule follow these steps

First click on Inbound Rules or Outbound Rules in the left pane depending on which type of rule you are trying to create In this case we selected Inbound Rules

Click on the Action menu and select New Rule

12


This brings up the New Inbound Rules Wizard In this window you can define a rule based on a program a port a predefined service or feature or multiple parameters (custom rule) The program and predefined rules are the same as those found in the standard Windows Firewall The custom rule allows you to configure a rule based on more than one option for example a rule that involves a specific program and ports

13


What happens from here depends on the type of rule you are going to create and we suggest that you familiarize yourself with all of them In this case we are going to create a custom rule

14


Here you can apply the rule to all programs browse to a specific program or a service Were going to apply ours to a specific program by clicking the Browse and selecting a program

15


Here we can apply the rule to specific protocols and ports We selected a TCP port

16


Next we define the scope of the rule We have the option to configure local and remote addresses The local IP address is used by the local computer to determine if the rule applies The rule only applies to network traffic that goes through a network adapter that is configured to use one of the specified addresses Specify the remote IP addresses to which the rule applies Network traffic matches the rule if the destination IP address is one of the addresses in the list

17


Next we can allow the connection allow the connection if it is secure or block the connection

18


Now we choose which network locations the rule will apply to

19


In the final step we enter a name and description for the rule and click Finish

The above instruction only demonstrate one of the possible types of rules you can create and the dialogue boxes will vary depending on the type of rule and selections you make

In addition to inbound and outbound rules you can also configure Connection Security Rules For more information about this read Understanding Connection Security Rules

Import and Export

20


WFAS allows you to import and export the current firewall configuration for the purpose of easy configuration on stand-alone computers To roll out the firewall configuration on a company network it is better to use group policy The import and export feature also essentially enables you to make a backup copy of your configuration before you make changes to it Exported policy files are binary with a wfw extension

21


Configuring the Action CenterThese days having a firewall just isnrsquot enough Spyware and viruses are becoming more widespread more sophisticated and more dangerous Users can unintentionally pick up spyware and viruses by visiting websites or by installing an application in which spyware and viruses are bundled

Even worse malicious software cannot typically be uninstalled Thus antispyware and virus protection applications are also required to ensure that your computer remains protected Letrsquos take a look at some of the ways you can protect your Windows 7 computers using the Action Center

Using Windows DefenderWindows 7 comes with an antispyware application called Windows Defender Windows Defender offers real-time protection from spyware and other unwanted software You can also configure Windows Defender to scan for spyware on a regular basis

Like antivirus programs Windows Defender relies on definitions which are used to determine whether a file contains spyware Out-of-date definitions can cause Windows Defender to fail to detect some spyware Windows Update is used to regularly update the definitions used by Windows Defender so that the latest spyware can be detected You can also configure Win- dows Defender to manually check for updates using Windows Update

To access Windows Defender as shown in Figure 920 click Start1113088Control Panel1113088Large Icons View Action Center Windows Defender status appears at the bottom of the screen which includes time of the last scan the scan schedule the real-time protection status and the definition version

22


Letrsquos look at how we can scan the system for spyware using Windows Defender

Performing a Manual Scan

You can configure Windows Defender to perform a manual scan of your computer at any time You can perform the following three types of scans

Quick Scan checks only where spyware is most likely to be found Full Scan checks all memory running processes and folders Custom Scan checks only the drives and folders that you select By default Windows Defender

performs a Quick Scan daily at 2 am You can change this as setting by using the Tools menu option as shown below

23


Programs are classified into four spyware alert levels as shown above

Severe High Medium Low

Depending on the alert level you can choose to have Windows Defender ignore quarantine remove or always allow software

Spyware alert levels

In the next section you will learn how to configure the many options of Windows Defender

Configuring Windows DefenderUse the Tools and Settings menu to configure Windows Defender As shown in Figure 923 you can access the following items through this menu

Options

24


Microsoft SpyNet Quarantined Items Allowed Items Windows Defender Website Microsoft Malware Protection CenterLetrsquos look at each one of these Windows Defender

options in greater detail

Options - Click Options on the Tools and Settings menu to enable you to configure the default behavior of Windows Defender You can configure the following options

bull Automatic Scanning - You can configure Windows Defender to scan automatically how often automatic scans should occur the time that scans will occur and the type of scan to perform

You can also configure whether definitions should be updated before scanning and whether the default actions should be taken on any spyware that is found

25


Default Actions You can configure the actions Windows Defender should take on High Medium and Low Alert items You can set each level so that Windows Defender can take the default action for that level always remove the item or always ignore the item

Real-Time Protection You can configure whether real-time protection is enabled which security agents you want to run how you should be notified about threats and whether a Windows Defender icon is displayed in the notification area

Excluded Files And Folders You can set up files and folders that are to be excluded during a scan

Excluded File Types You can specify certain file types that will be excluded from a scan as shown in Figure 924 For example you can exclude all doc files if needed

Advanced These options let you configure whether to

Archived files and folders are scanned Email is scanned Removable drives Heuristics are used to detect unanalyzed software A restore point is created before removing spyware You can also specify file locations that are

exempt from scanning

Windows Defender Tools and Settings menu

26


Administrator These options let you configure whether Windows Defender is enabled and whether you display items from all users on this computer

Excluded File Types

The next option that we look at from the Windows Defenders Tools is Microsoft SpyNet

Microsoft SpyNet

Microsoft SpyNet is an online community that can help you know how others respond to software that has not yet been classified by Microsoft Participation in SpyNet is voluntary as shown in Figure 925 and subscription to SpyNet is free If you choose to volunteer your choices will be added to the community so that others can learn from your experiences

To join the SpyNet community click Microsoft SpyNet on the Tools menu and then choose either a basic or advanced membership The level of membership will specify how much information is sent to Microsoft when potentially unwanted software is found on your computer

27


By default I Do Not Want To join Microsoft SpyNet At This Time is selected but you can choose to participate in SpyNet by selecting the appropriate radio button If you choose not to participate no information is sent to Microsoft and Windows Defender does not alert you regarding unanalyzed software

Quarantined Items

Software that has been quarantined by Windows Defender is placed in Quarantined Items Quarantined software will remain here until you remove it If you find that a legitimate application is accidentally removed by Windows Defender you can restore the application from Quarantined Items

Microsoft SpyNet participation options

Allowed Items

28


Software that has been marked as allowed is added to the Allowed Items list Only trusted software should be added to this list Windows Defender will not alert you regarding any software found on the Allowed Items list If you find that a potentially dangerous application has been added to the Allowed Items list you can remove it from the list so that Windows Defender can detect it

Windows Defender Website

Clicking Windows Defender Website opens Internet Explorer and takes you to the Windows Defender website Here you can find information on Windows Defender spyware and security

Microsoft Malware Protection Center

Clicking Microsoft Malware Protection Center opens Internet Explorer and takes you to the Malware Protection Center website Here you can find information on antimalware research and responses

History Menu Option

There is also a History menu option next to the tools option You can use the History menu option to see what actions have been taken by Windows Defender Information is included about each application the alert level the action taken the date and the status Information is retained until you click the Clear History button

References

[1] Microsoft Corporation Configuring Firewall Rules for Specific Connections 28 March 2005 [Online] Available httpstechnetmicrosoftcomen-uslibrarycc78701528v=ws1029aspx

[2] R Blair and A Durai Types of Firewalls Network World 21 May 2009 [Online] Available httpwwwnetworkworldcomarticle2255950lan-wanchapter-1--types-of-firewallshtml [Accessed 10 October 2015]

[3] Firewalls CX Firewall DMZ Zone 5 April 2012 [Online] Available httpwwwfirewallcxnetworking-topicsfirewalls210-firewall-dmz-zonehtml [Accessed 12 October 2015]

[4] T Northrup Network Security Firewalls Microsot TechNet 10 October 2015 [Online] Available httpstechnetmicrosoftcomen-uslibrarycc700820aspxXSLTsection125121120120 [Accessed 11 October 2015]

29


[5] V Cerf Y Dalal and C Sunshine Specification of the Internet Trasnmission Control Program Network Working Group vol 1 no 1 p 70 1974

[6] o2 Micro Inc Firewall For The Next Generation SifoWorks Santa Clara 2015

[7] The TCPIP Guide IPSec Encapsulating Security Payload (ESP) The TCIPIP Guide 20 September 2005 [Online] Available httpwwwtcpipguidecomfreet_IPSecEncapsulatingSecurityPayloadESPhtm [Accessed 10 October 2015]

30

Introduction to Firewalls

Why Firewalls

Location of Firewalls


Types of Firewalls

Packet Filtering [2]

Stateful Inspection Filtering Example [4]

Application amp Proxy

Unified Threat Management (UTM) and Next-generation Firewalls (NGFWs)

Network Location Awareness

Public Network

Private Network

Domain Network


Allowing Programs


Configuring the Action Center

Using Windows Defender

Configuring Windows Defender

References


Protected a network by identifying and removing unwanted network traffic from passing through it Firewalls are bidirectional in that they can prevent unwanted traffic from either leaving or entering the network These are called inbound and outbound rules respectively

Further some firewalls support connection-specific rules These rules are applied to specific types of connections This allows you to enable specific TCP2 or UDP3 ports Windows offers this functionality through Windows Firewall with Advanced Security (WFAS) [1]

Why FirewallsWhen most people think of hackers they think of someone sitting at a computer attempting to steal information from a computer system However this represents a very small portion of the total network attacks [2] In fact the majority of network attacks are the result of automated software called worms and viruses They are opportunistic in nature (preferring systems with lack of security or easily exploitable vulnerabilities) and find targets at random If a worm or virus does not find a security vulnerability on a system it will instead look for other systems to attack and spread In this case you would become one of the ldquobad guysrdquo A firewall is a tool that can be used to reduce the chances of infection and hinder the ability of a virus or worm to spread

Location of FirewallsIn a typical corporate network architecture firewalls are located at the border perimeter and internal networks

1 The perimeter firewall faces between the internet and the DMZ of a corporate network It provides the initial layer of protection These firewalls are typically high performance and provide basic packet filtering

2 The internal firewall provides protection between internet facing services of a corporate network such as email and web servers and the internal network This firewall provides deep filtering of packets prevents information from leaking and can provide proxy services

Typical Properties of Internal Firewalls1 Management and control of network traffic using stateful packet inspection This firewall

recognizes connections between clients and servers2 Provide additional services such as caching single sign-on authenticated and encrypted

communications (IPSec) and NAT For example the Microsoft Internet Security and Acceleration (ISA) server

2 TCP or Transmission Control Protocol [5] is a core protocol of IP which provides reliable in-order and error-checked delivery of a data stream TCP exists in the Transport (5th) Layer of the OSI model3 UDP or User Datagram Protocol is a core protocol of IP which provides simple port-specific communication UDP provides no guarantee on the in order delivery of packets UDP does support trivial checksums UDP like TCP exists in the Transport (5th) Layer of the OSI model

2







3


Types of Firewalls





4











5









6



Domain Network



7





8


Allowing Programs



9




10






11


Creating Rules




12



13



14



15



16



17



18



19





Import and Export

20



21







22







23








Options

24







25










26



Excluded File Types


Microsoft SpyNet



27



Quarantined Items



Allowed Items

28







History Menu Option


References





29





30


Why Firewalls



Types of Firewalls






Public Network

Private Network

Domain Network


Allowing Programs





References







3


Types of Firewalls





4











5









6



Domain Network



7





8


Allowing Programs



9




10






11


Creating Rules




12



13



14



15



16



17



18



19





Import and Export

20



21







22







23








Options

24







25










26



Excluded File Types


Microsoft SpyNet



27



Quarantined Items



Allowed Items

28







History Menu Option


References





29





30


Why Firewalls



Types of Firewalls






Public Network

Private Network

Domain Network


Allowing Programs





References


Types of Firewalls





4











5









6



Domain Network



7





8


Allowing Programs



9




10






11


Creating Rules




12



13



14



15



16



17



18



19





Import and Export

20



21







22







23








Options

24







25










26



Excluded File Types


Microsoft SpyNet



27



Quarantined Items



Allowed Items

28







History Menu Option


References





29





30


Why Firewalls



Types of Firewalls






Public Network

Private Network

Domain Network


Allowing Programs





References










5









6



Domain Network



7





8


Allowing Programs



9




10






11


Creating Rules




12



13



14



15



16



17



18



19





Import and Export

20



21







22







23








Options

24







25










26



Excluded File Types


Microsoft SpyNet



27



Quarantined Items



Allowed Items

28







History Menu Option


References





29





30


Why Firewalls



Types of Firewalls






Public Network

Private Network

Domain Network


Allowing Programs





References









6



Domain Network



7





8


Allowing Programs



9




10






11


Creating Rules




12



13



14



15



16



17



18



19





Import and Export

20



21







22







23








Options

24







25










26



Excluded File Types


Microsoft SpyNet



27



Quarantined Items



Allowed Items

28







History Menu Option


References





29





30


Why Firewalls



Types of Firewalls






Public Network

Private Network

Domain Network


Allowing Programs





References



Domain Network



7





8


Allowing Programs



9




10






11


Creating Rules




12



13



14



15



16



17



18



19





Import and Export

20



21







22







23








Options

24







25










26



Excluded File Types


Microsoft SpyNet



27



Quarantined Items



Allowed Items

28







History Menu Option


References





29





30


Why Firewalls



Types of Firewalls






Public Network

Private Network

Domain Network


Allowing Programs





References





8


Allowing Programs



9




10






11


Creating Rules




12



13



14



15



16



17



18



19





Import and Export

20



21







22







23








Options

24







25










26



Excluded File Types


Microsoft SpyNet



27



Quarantined Items



Allowed Items

28







History Menu Option


References





29





30


Why Firewalls



Types of Firewalls






Public Network

Private Network

Domain Network


Allowing Programs





References


Allowing Programs



9




10






11


Creating Rules




12



13



14



15



16



17



18



19





Import and Export

20



21







22







23








Options

24







25










26



Excluded File Types


Microsoft SpyNet



27



Quarantined Items



Allowed Items

28







History Menu Option


References





29





30


Why Firewalls



Types of Firewalls






Public Network

Private Network

Domain Network


Allowing Programs





References




10






11


Creating Rules




12



13



14



15



16



17



18



19





Import and Export

20



21







22







23








Options

24







25










26



Excluded File Types


Microsoft SpyNet



27



Quarantined Items



Allowed Items

28







History Menu Option


References





29





30


Why Firewalls



Types of Firewalls






Public Network

Private Network

Domain Network


Allowing Programs





References






11


Creating Rules




12



13



14



15



16



17



18



19





Import and Export

20



21







22







23








Options

24







25










26



Excluded File Types


Microsoft SpyNet



27



Quarantined Items



Allowed Items

28







History Menu Option


References





29





30


Why Firewalls



Types of Firewalls






Public Network

Private Network

Domain Network


Allowing Programs





References


Creating Rules




12



13



14



15



16



17



18



19





Import and Export

20



21







22







23








Options

24







25










26



Excluded File Types


Microsoft SpyNet



27



Quarantined Items



Allowed Items

28







History Menu Option


References





29





30


Why Firewalls



Types of Firewalls






Public Network

Private Network

Domain Network


Allowing Programs





References



13



14



15



16



17



18



19





Import and Export

20



21







22







23








Options

24







25










26



Excluded File Types


Microsoft SpyNet



27



Quarantined Items



Allowed Items

28







History Menu Option


References





29





30


Why Firewalls



Types of Firewalls






Public Network

Private Network

Domain Network


Allowing Programs





References



14



15



16



17



18



19





Import and Export

20



21







22







23








Options

24







25










26



Excluded File Types


Microsoft SpyNet



27



Quarantined Items



Allowed Items

28







History Menu Option


References





29





30


Why Firewalls



Types of Firewalls






Public Network

Private Network

Domain Network


Allowing Programs





References



15



16



17



18



19





Import and Export

20



21







22







23








Options

24







25










26



Excluded File Types


Microsoft SpyNet



27



Quarantined Items



Allowed Items

28







History Menu Option


References





29





30


Why Firewalls



Types of Firewalls






Public Network

Private Network

Domain Network


Allowing Programs





References



16



17



18



19





Import and Export

20



21







22







23








Options

24







25










26



Excluded File Types


Microsoft SpyNet



27



Quarantined Items



Allowed Items

28







History Menu Option


References





29





30


Why Firewalls



Types of Firewalls






Public Network

Private Network

Domain Network


Allowing Programs





References



17



18



19





Import and Export

20



21







22







23








Options

24







25










26



Excluded File Types


Microsoft SpyNet



27



Quarantined Items



Allowed Items

28







History Menu Option


References





29





30


Why Firewalls



Types of Firewalls






Public Network

Private Network

Domain Network


Allowing Programs





References



18



19





Import and Export

20



21







22







23








Options

24







25










26



Excluded File Types


Microsoft SpyNet



27



Quarantined Items



Allowed Items

28







History Menu Option


References





29





30


Why Firewalls



Types of Firewalls






Public Network

Private Network

Domain Network


Allowing Programs





References



19





Import and Export

20



21







22







23








Options

24







25










26



Excluded File Types


Microsoft SpyNet



27



Quarantined Items



Allowed Items

28







History Menu Option


References





29





30


Why Firewalls



Types of Firewalls






Public Network

Private Network

Domain Network


Allowing Programs





References





Import and Export

20



21







22







23








Options

24







25










26



Excluded File Types


Microsoft SpyNet



27



Quarantined Items



Allowed Items

28







History Menu Option


References





29





30


Why Firewalls



Types of Firewalls






Public Network

Private Network

Domain Network


Allowing Programs





References



21







22







23








Options

24







25










26



Excluded File Types


Microsoft SpyNet



27



Quarantined Items



Allowed Items

28







History Menu Option


References





29





30


Why Firewalls



Types of Firewalls






Public Network

Private Network

Domain Network


Allowing Programs





References







22







23








Options

24







25










26



Excluded File Types


Microsoft SpyNet



27



Quarantined Items



Allowed Items

28







History Menu Option


References





29





30


Why Firewalls



Types of Firewalls






Public Network

Private Network

Domain Network


Allowing Programs





References







23








Options

24







25










26



Excluded File Types


Microsoft SpyNet



27



Quarantined Items



Allowed Items

28







History Menu Option


References





29





30


Why Firewalls



Types of Firewalls






Public Network

Private Network

Domain Network


Allowing Programs





References








Options

24







25










26



Excluded File Types


Microsoft SpyNet



27



Quarantined Items



Allowed Items

28







History Menu Option


References





29





30


Why Firewalls



Types of Firewalls






Public Network

Private Network

Domain Network


Allowing Programs





References







25










26



Excluded File Types


Microsoft SpyNet



27



Quarantined Items



Allowed Items

28







History Menu Option


References





29





30


Why Firewalls



Types of Firewalls






Public Network

Private Network

Domain Network


Allowing Programs





References










26



Excluded File Types


Microsoft SpyNet



27



Quarantined Items



Allowed Items

28







History Menu Option


References





29





30


Why Firewalls



Types of Firewalls






Public Network

Private Network

Domain Network


Allowing Programs





References



Excluded File Types


Microsoft SpyNet



27



Quarantined Items



Allowed Items

28







History Menu Option


References





29





30


Why Firewalls



Types of Firewalls






Public Network

Private Network

Domain Network


Allowing Programs





References



Quarantined Items



Allowed Items

28







History Menu Option


References





29





30


Why Firewalls



Types of Firewalls






Public Network

Private Network

Domain Network


Allowing Programs





References







History Menu Option


References





29





30


Why Firewalls



Types of Firewalls






Public Network

Private Network

Domain Network


Allowing Programs





References





30


Why Firewalls



Types of Firewalls






Public Network

Private Network

Domain Network


Allowing Programs





References

Introduction to Firewalls - University of Texas at Dallas€¦ · Web viewAllow a program or...

Documents

Transcript of Introduction to Firewalls - University of Texas at Dallas€¦ · Web viewAllow a program or...