
Chapter 03 - Fundamentals of Firewall 1

The document discusses the fundamentals of firewalls including how they work, types of firewalls such as packet filtering and application gateways, and ways to implement firewalls like network host-based and router-based firewalls.

Uploaded by Muhammad Hazlami

Chapter 3: Fundamentals of Firewall (1)

ITT320 Introduction To Computer Security


Objectives

• Explain how firewalls work
• Evaluate firewall solutions
• Differentiate between packet filtering and stateful packet filtering
• Differentiate between application gateway and circuit gateway
• Understand host-based firewalls and router-based firewalls

© 2006 by Pearson Education, Inc. Chapter 3 Fundamentals of Firewalls

Introduction

Firewalls are one of the fundamental devices used to secure a network. This chapter explores the basics of firewalls and how they work.

What is a Firewall?

• A barrier between the world and your network
• Can provide this barrier via:
  ◦ Packet filtering
  ◦ Stateful packet filtering
  ◦ User authentication
  ◦ Client application authentication

[Figure: incoming packets reach the firewall; each packet is accepted or rejected based on the firewall configuration; filtered packets continue into the network]

What is a Firewall?

[Figure: example rule "Block ip > www.youtube.com", labelled "Source or Destination address"]

Types of Firewalls

• Packet filter
• Application gateway
• Circuit level gateway
• Stateful packet inspection

Packet Filter Firewall
• Very basic type of firewall
• Also referred to as "screening" firewalls
• Packet filtering firewall mechanisms work in the network layer of the OSI model
• Works by examining a packet's:
  ◦ Source address
  ◦ Destination address
  ◦ Source port
  ◦ Destination port
  ◦ Protocol type

Packet Filter Firewall cont.

• Summary of common packet filtering products:
  ◦ Firestarter
  ◦ Norton personal firewall
  ◦ McAfee personal firewall
  ◦ Outpost firewall

Packet Filter Firewall cont.

• Disadvantages:
  ◦ No authentication
  ◦ Does not track packets
  ◦ Does not look at the packet data, just the header

Packet Filter Firewall cont.

• Rules should cover the following:
  ◦ What types of protocols to allow (HTTP, FTP, SMTP, POP3)
  ◦ What source ports to allow
  ◦ What destination ports to allow
  ◦ What source IP addresses to allow
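
A minimal first-match packet filter covering the rule elements listed above (protocol, source and destination ports, source address). This is an added example, not part of the original slides; the addresses, the rule set and all function names are constructed for illustration.

```python
import ipaddress
from collections import namedtuple

# Only header fields are modelled: a packet filter never sees the payload.
Packet = namedtuple("Packet", "proto src sport dst dport")
Rule = namedtuple("Rule", "action proto src sport dst dport")
ANY = None  # wildcard for protocol or port

# Constructed rule set (documentation address ranges, hypothetical site):
# web/mail server 203.0.113.10, internal network 192.0.2.0/24.
RULES = [
    Rule("deny",  "tcp", "198.51.100.0/24", ANY, "0.0.0.0/0",       ANY),  # blocked source range
    Rule("allow", "tcp", "0.0.0.0/0",       ANY, "203.0.113.10/32", 80),   # HTTP from anywhere
    Rule("allow", "tcp", "192.0.2.0/24",    ANY, "203.0.113.10/32", 25),   # SMTP from inside only
]

def in_net(addr, net):
    return ipaddress.ip_address(addr) in ipaddress.ip_network(net)

def matches(rule, pkt):
    return (rule.proto in (ANY, pkt.proto)
            and in_net(pkt.src, rule.src) and in_net(pkt.dst, rule.dst)
            and rule.sport in (ANY, pkt.sport)
            and rule.dport in (ANY, pkt.dport))

def filter_packet(pkt, rules=RULES):
    """First matching rule decides; unmatched packets are dropped (default deny)."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return "deny"

if __name__ == "__main__":
    for pkt in [
        Packet("tcp", "198.51.100.7", 40000, "203.0.113.10", 80),  # blocked range
        Packet("tcp", "192.0.2.15",   40001, "203.0.113.10", 25),  # inside mail client
        Packet("tcp", "203.0.113.99", 40002, "203.0.113.10", 25),  # outside, SMTP
        Packet("udp", "192.0.2.15",   40003, "203.0.113.10", 80),  # wrong protocol
    ]:
        print(pkt, "->", filter_packet(pkt))
```

Because evaluation is first-match, rule order is part of the policy: with the deny rule moved below the HTTP allow rule, traffic from 198.51.100.0/24 to port 80 would be accepted.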

Application Gateway

• Also known as application proxy or application-level proxy
• Examines the connection between the client and the server applications
• Enables administrators to specify what applications are allowed
• Allows for user authentication

Application Gateway cont.

• Disadvantages:
• Requires more system resources
  ◦ Due to time it takes to authenticate user
  ◦ Once connection is made, packets are not checked
• Not the most secure firewall
• Need to purchase special device / software to control authentication process.

Application Gateway cont.

• Product examples:
  ◦ Teros provides an AG for web servers
  ◦ The Firebox from Watchguard Technologies

Circuit Level Gateway
• More secure than application gateways
• Typically implemented on high-end equipment
• Authenticates the user first, the same as application gateways
• Virtual circuit is used to pass bytes between client and proxy server
• External users only see the proxy IP, not the internal client IP address

Circuit Level Gateway cont.
[Figure: User 1, User 2 and User 3 (each 192.XX.XX.XX) connect through the proxy to the outside world]

Stateful Packet Inspection

• Awareness of the context of packets makes them less susceptible to flood attacks
• Knows if packet is part of a larger stream
• Recognizes whether source IP is within the firewall
• Can look at the contents of the packet
• Whenever possible, it will trigger the firewall to block those suspect packets
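
The difference between header-only filtering ("does not track packets") and stateful inspection, as an added example that is not part of the original slides. The connection table is reduced to TCP flows opened from inside; the addresses, the `iface` field and all names are constructed assumptions.

```python
import ipaddress
from collections import namedtuple

# iface: interface the packet arrived on ("int" or "ext"); flags: TCP flag name.
Packet = namedtuple("Packet", "iface src sport dst dport flags")
INSIDE = ipaddress.ip_network("192.0.2.0/24")  # constructed internal range

def stateless_filter(pkt):
    """Header-only rule: admit 'web replies', i.e. anything from port 80."""
    if pkt.iface == "int":
        return "allow"
    return "allow" if pkt.sport == 80 and pkt.dport >= 1024 else "deny"

class StatefulFilter:
    def __init__(self):
        self.flows = set()  # (client, cport, server, sport) opened from inside

    def check(self, pkt):
        if pkt.iface == "ext" and ipaddress.ip_address(pkt.src) in INSIDE:
            return "deny"  # inside source address arriving from outside
        if pkt.iface == "int":
            flow = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
            if pkt.flags == "SYN":
                self.flows.add(flow)  # new outbound connection
        else:
            flow = (pkt.dst, pkt.dport, pkt.src, pkt.sport)  # reverse direction
        verdict = "allow" if flow in self.flows else "deny"
        if pkt.flags in ("FIN", "RST"):
            self.flows.discard(flow)  # simplified teardown: forget the flow
        return verdict

def demo():
    """Return (stateless, stateful) verdicts for a constructed packet trace."""
    fw, c, s = StatefulFilter(), "192.0.2.15", "203.0.113.10"
    trace = [
        Packet("ext", s, 80, c, 50000, "ACK"),             # unsolicited
        Packet("int", c, 50000, s, 80, "SYN"),             # client opens
        Packet("ext", s, 80, c, 50000, "SYN-ACK"),         # genuine reply
        Packet("int", c, 50000, s, 80, "FIN"),             # client closes
        Packet("ext", s, 80, c, 50000, "ACK"),             # after teardown
        Packet("ext", "192.0.2.99", 80, c, 50000, "ACK"),  # inside src from outside
    ]
    return [(stateless_filter(p), fw.check(p)) for p in trace]

if __name__ == "__main__":
    for verdicts in demo():
        print(verdicts)
```

The header-only rule accepts all six packets, while the stateful filter accepts only the three that belong to the connection the inside client actually opened.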

Hybrid Firewalls

• Becoming more popular, these configurations take multiple approaches to their firewall implementations
• SPI and circuit level gateways might be used together

Implementing Firewalls

• Need to understand the firewall's relationship to the network it is protecting
• Most common solutions:
  ◦ Network host-based
  ◦ Dual-homed host
  ◦ Router-based firewall
  ◦ Screened host

Network Host-Based
• Software-based solution runs on top of operating system
• Must harden the operating system in the following ways:
  ◦ Ensure all patches are updated
  ◦ Uninstall unneeded applications or utilities
  ◦ Close unused ports
  ◦ Turn off all unused services
• Cheap solution
• Example application is Windows Firewall

Screened Host

• There are 2 types of Screened Host firewall:
  I. Single homed bastion host
  II. Dual homed bastion host

Single homed bastion host cont.
• A bastion host is basically a single computer with a high security configuration, which has the following characteristics:
  ◦ Traffic from the Internet can only reach the bastion host; it cannot reach the internal network.
  ◦ Traffic having the IP address of the bastion host can only go to the Internet. No traffic from the internal network can go to the Internet.
• The main problem with the single homed bastion host is that if the packet filter router gets compromised then the entire network will be compromised.

Dual homed bastion host
• The bastion host has two network cards: one is used for the internal connection and the second one is used for the connection with the router.
• In this case, even if the router is compromised, the internal network will remain unaffected since it is in a separate network zone.

Single Home vs Dual homed bastion host

[Figure: single homed vs dual homed bastion host, showing the internal NIC and the external NIC]

Router-Based Firewall

• Usually the first line of defense
• Uses simple packet filtering
• Ideal for novice administrators
• Can be preconfigured by vendor for specific needs of user
• Can be placed between segments of a network

In Practice: Utmost Security

• Organizations want the best security setup they can get to ensure the protection of information
  ◦ The graphic shows one setup beyond just a simple firewall

Selection and Using a Firewall

• Using a Firewall:
  ◦ Configure it properly
  ◦ Consider a consultant for initial setup
  ◦ Review logs periodically for anomalies
  ◦ Utilize statistics for baseline performance

Summary

• Firewalls and proxy servers are critical for network security solutions
• There are many solutions that can be considered
• Solutions range in price and features
• Should use most secure solution that budgets allow

Summary cont.

• Various types have been discussed:
  ◦ Packet filter
  ◦ Application gateway
  ◦ Circuit level gateway
  ◦ Stateful packet inspection
• Implementations include:
  ◦ Network host-based
  ◦ Router-based
  ◦ Dual-homed and Screened host
