Firewall Abstract

Firewalls form a fundamental part of current network security practice by providing the demarcation point between networks with differing levels of trust. Owing to cost, a firewall is the only effective security measure in place in smaller networks, and is relied upon to implement the entire security policy for that network. Implementation is the stage of the project when the theoretical design is turned out into a working system. Thus it can be considered to be the most critical stage in achieving a successful new system and in giving the user, confidence that the new system will work and be effective. The implementation stage involves careful planning, investigation of the existing system and it s constraints on implementation, designing of methods to achieve changeover and evaluation of changeover methods.

Existing System:
By forcing all network traffic to pass through the firewall, there is a greater chance that the network will. Become congested. In most configurations where firewalls are the only link between networks, if they are not configured correctly or are unavailable, no traffic will be allowed through.

Proposed System:
Firewalls can be configured to re!uire ud"ser authentication. This allows network administrators to control,

track specific user activity $etecting when the source of the network traffic is being %spoofed&, i.e., when an individual attempting to access a blocked service alters the source address in the message so the traffic is allowed.

Main Modules:Module Description:

Packet filtering inspects each packet that traverses the firewall, determining whether to forward or discard the packet based on the contents of the protocol headers. It is extremely fast, applies e!ually to different high'level protocols and has a minimal memory overhead, but is capable only of simple decisions and lacks fine'grained control. Further, it takes no account of the contents of the packet. Stateful Packet Inspection: (s packets pass through the firewall, packet header information is examined and fed into a dynamic state table where it is stored. The packets are compared to pre'configured rules or filters and allow or deny decisions are made based on the results of the comparison Application ateways!proxies: The application gateway)proxy acts as an intermediary between the two endpoints. This packet screening method actually breaks the client)server model in that two connections are re!uired* "ircuit #e$el ateway: Once a session has been established, it leaves the port open to allow all other packets belonging to that session to pass.The port is closed when the session is terminated.

System Specification
System Requirements: %ardware &e'uirements:
, , , , , , -ystem 2ard $isk 6onitor 6ouse :am * .entium I/ +.0 123. * 04 15. * #7 /1( 8olour. * 9ogitech. * 7#+ 6b.

Floppy $rive * #.00 6b.

Software &e'uirements:
, , , Operating system 8oding 9anguage $ata 5ase * ' ;indows <.. * (-..=et with 8>. * -?9 -erver +44(