
A firewall is a set of related programs, located at a network gateway server, that protects the resources of a private network from users from other networks. (The term also implies the security policy that is used with the programs.) An enterprise with an intranet that allows its workers access to the wider Internet installs a firewall to prevent outsiders from accessing its own private data resources and to control what outside resources its own users have access to.

Basically, a firewall, working closely with a router program, examines each network packet to determine whether to forward it toward its destination. A firewall also includes or works with a proxy server that makes network requests on behalf of workstation users. A firewall is often installed in a specially designated computer separate from the rest of the network so that no incoming request can get directly at private network resources.

There are a number of firewall screening methods. A simple one is to screen requests to make sure they come from acceptable (previously identified) domain names and Internet Protocol addresses. For mobile users, firewalls allow remote access in to the private network by the use of secure logon procedures and authentication certificates.

A number of companies make firewall products. Features include logging and reporting, automatic alarms at given thresholds of attack, and a graphical user interface for controlling the firewall.

Computer security borrows this term from firefighting, where it originated. In firefighting, a firewall is a barrier established to prevent the spread of fire.

Location, Location, Location


The most important aspect of a firewall is that it is at the entry point of the networked system it protects. In the case of Packet Filtering, it is at the lowest level, or "layer" in the hierarchy (stack) of network processes, called the Network Layer or the Internet Layer. This means essentially that the firewall is the first program or process that receives and handles incoming network traffic, and it is the last to handle outgoing traffic.

The logic is simple: a firewall must be positioned to control all incoming and outgoing traffic. If some other program has that control, there is no firewall. So -- what do firewalls do?

The most basic type of firewall performs Packet Filtering. A second type of firewall, which provides additional security, is called a Circuit Relay. Another and still more involved approach is the Application Level Gateway.

Packet Filtering
All Internet traffic travels in the form of packets. A packet is a quantity of data of limited size, kept small for easy handling. When larger amounts of continuous data must be sent, it is broken up into numbered packets for transmission and reassembled at the receiving end. All your file downloads, Web page retrievals, emails -- all these Internet communications always occur in packets. A packet is a series of digital numbers basically, which conveys these things:

- The data, acknowledgment, request or command from the originating system
- The source IP address and port
- The destination IP address and port
- Information about the protocol (set of rules) by which the packet is to be handled
- Error checking information
- Usually, some sort of information about the type and status of the data being sent
- Often, a few other things too, which don't matter for our purposes here.

In packet filtering, only the protocol and the address information of each packet is examined. Its contents and context (its relation to other packets and to the intended application) are ignored. The firewall pays no attention to applications on the host or local network and it "knows" nothing about the sources of incoming data. Filtering consists of examining incoming or outgoing packets and allowing or disallowing their transmission or acceptance on the basis of a set of configurable rules, called policies.

Packet filtering policies may be based upon any of the following:


- Allowing or disallowing packets on the basis of the source IP address
- Allowing or disallowing packets on the basis of their destination port
- Allowing or disallowing packets according to protocol.

This is the original and most basic type of firewall. Packet filtering alone is very effective as far as it goes but it is not foolproof security. It can potentially block all traffic, which in a sense is absolute security. But for any useful networking to occur, it must of course allow some packets to pass. Its weaknesses are:

- Address information in a packet can potentially be falsified or "spoofed" by the sender.
- The data or requests contained in allowed packets may ultimately cause unwanted things to happen, as where a hacker may exploit a known bug in a targeted Web server program to make it do his bidding, or use an ill-gotten password to gain control or access.

An advantage of packet filtering is its relative simplicity and ease of implementation.

Circuit Relay
Also called a "Circuit Level Gateway," this is a firewall approach that validates connections before allowing data to be exchanged. What this means is that the firewall doesn't simply allow or disallow packets but also determines whether the connection between both ends is valid according to configurable rules, then opens a session and permits traffic only from the allowed source and possibly only for a limited period of time. Whether a connection is valid may for example be based upon:

- destination IP address and/or port
- source IP address and/or port
- time of day
- protocol
- user
- password

Every session of data exchange is validated and monitored and all traffic is disallowed unless a session is open. Circuit Level Filtering takes control a step further than a Packet Filter. Among the advantages of a circuit relay is that it can make up for the shortcomings of the ultra-simple and exploitable UDP protocol, wherein the source address is never validated as a function of the protocol. IP spoofing can be rendered much more difficult. A disadvantage is that Circuit Level Filtering operates at the Transport Layer and may require substantial modification of the programming which normally provides transport functions (e.g. Winsock).
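The session behaviour described above, as an added example that is not part of the original page: a connection is validated once against the listed criteria, a time-limited session is opened, and traffic is relayed only while that session exists. The class and method names, the configuration values and the use of a per-source password table are assumptions made for illustration.

```python
import hmac
from dataclasses import dataclass

@dataclass(frozen=True)
class ConnRequest:
    src: tuple       # (ip, port)
    dst: tuple       # (ip, port)
    protocol: str
    hour: int        # hour of day (0-23) when the connection is requested
    password: str

class CircuitRelay:
    def __init__(self, allowed_dst, allowed_hours, passwords, session_ttl):
        self.allowed_dst = allowed_dst      # set of (ip, port, protocol)
        self.allowed_hours = allowed_hours  # e.g. range(8, 18)
        self.passwords = passwords          # source ip -> password (plaintext for brevity)
        self.session_ttl = session_ttl      # seconds a session stays open
        self.sessions = {}                  # (src, dst, protocol) -> expiry time

    def open_session(self, req: ConnRequest, now: float) -> bool:
        """Validate the connection once; open a time-limited session if valid."""
        expected = self.passwords.get(req.src[0])
        valid = (
            (req.dst[0], req.dst[1], req.protocol) in self.allowed_dst
            and req.hour in self.allowed_hours
            and expected is not None        # unknown sources never authenticate
            and hmac.compare_digest(expected.encode(), req.password.encode())
        )
        if valid:
            self.sessions[(req.src, req.dst, req.protocol)] = now + self.session_ttl
        return valid

    def relay(self, src, dst, protocol, now: float) -> bool:
        """Pass traffic only for an open, unexpired session from the same source."""
        key = (src, dst, protocol)
        expiry = self.sessions.get(key)
        if expiry is None:
            return False
        if now >= expiry:
            del self.sessions[key]          # session lifetime has run out
            return False
        return True

# Constructed configuration; addresses are RFC 5737 documentation ranges.
RELAY = CircuitRelay(
    allowed_dst={("192.0.2.20", 5432, "tcp")},
    allowed_hours=range(8, 18),
    passwords={"203.0.113.5": "example-secret"},
    session_ttl=300,
)
```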

Application Gateway
In this approach, the firewall goes still further in its regulation of traffic. The Application Level Gateway acts as a proxy for applications, performing all data exchanges with the remote system on their behalf. This can render a computer behind the firewall all but invisible to the remote system. It can allow or disallow traffic according to very specific rules, for instance permitting some commands to a server but not others, limiting file access to certain types, varying rules according to authenticated users and so forth. This type of firewall may also perform very detailed logging of traffic and monitoring of events on the host system, and can often be instructed to sound alarms or notify an operator under defined conditions. Application-level gateways are generally regarded as the most secure type of firewall. They certainly have the most sophisticated capabilities. A disadvantage is that setup may be very complex, requiring detailed attention to the individual applications that use the gateway. An application gateway is normally implemented on a separate computer on the network whose primary function is to provide proxy service.

As you can see, all firewalls regardless of type have one very important thing in common: they receive, inspect and make decisions about all incoming data before it reaches other parts of the system or network. That means they handle packets and they are strategically placed at the entry point to the system or network the firewall is intended to protect. They usually regulate outgoing data as well. The types and capabilities of firewalls are defined essentially by:

- Where they reside in the network hierarchy (stack);
- how they analyze and how they regulate the flow of data (packets); and
- additional security-related and utilitarian functions they may perform. Some of those additional functions:
  o Data may be encrypted/decrypted by the firewall for secure communication with a distant network
  o Scripting may allow the operator to program-in any number of specialized capabilities
  o The firewall may facilitate communications between otherwise incompatible networks.
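The rule types named in the Application Gateway section above (some commands permitted but not others, file access limited to certain types, rules varying by authenticated user, detailed logging and alarms) can be shown with a command-level decision function. This is an added example, not code from the original page: the FTP-style policy, the user names, the alarm threshold and the function names are constructed for illustration.

```python
import os

# Constructed per-user policy for an FTP-style command gateway.
POLICY = {
    "alice": {"commands": {"LIST", "RETR", "STOR"}, "extensions": {".txt", ".pdf"}},
    "guest": {"commands": {"LIST", "RETR"}, "extensions": {".txt"}},
}
FILE_COMMANDS = {"RETR", "STOR", "DELE"}   # commands whose argument names a file

def gateway_decision(user, line, log):
    """Decide whether the proxy forwards one client command to the real server."""
    parts = line.strip().split(maxsplit=1)
    verb = parts[0].upper() if parts else ""
    arg = parts[1] if len(parts) > 1 else ""
    rules = POLICY.get(user)
    if rules is None:
        verdict = ("reject", "unknown user")
    elif verb not in rules["commands"]:
        verdict = ("reject", "command not permitted")
    elif verb in FILE_COMMANDS and \
            os.path.splitext(arg)[1].lower() not in rules["extensions"]:
        verdict = ("reject", "file type not permitted")
    else:
        verdict = ("forward", "ok")
    log.append((user, verb, arg, verdict[0], verdict[1]))  # every decision is logged
    return verdict

def should_alarm(log, user, threshold=3):
    """Alarm condition (assumed): a user reaches `threshold` rejected commands."""
    return sum(1 for e in log if e[0] == user and e[3] == "reject") >= threshold

if __name__ == "__main__":
    audit = []
    for who, cmd in [("alice", "STOR report.pdf"), ("guest", "STOR report.txt"),
                     ("guest", "RETR keys.pem"), ("guest", "RETR")]:
        print(who, repr(cmd), "->", gateway_decision(who, cmd, audit))
    print("alarm for guest:", should_alarm(audit, "guest"))
```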

PROXY SERVER
In computer networks, a proxy server is a server (a computer system or an application) that acts as an intermediary for requests from clients seeking resources from other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource available from a different server. The proxy server evaluates the request as a way to simplify and control their complexity. Today, most proxies are web proxies, facilitating access to content on the World Wide Web.

Uses
A proxy server has a large variety of potential purposes, including:

- To keep machines behind it anonymous, mainly for security.[1]
- To speed up access to resources (using caching). Web proxies are commonly used to cache web pages from a web server.[2]
- To apply access policy to network services or content, e.g. to block undesired sites.
- To access sites prohibited or filtered by your ISP or institution.
- To log / audit usage, i.e. to provide company employee Internet usage reporting.
- To bypass security / parental controls.
- To circumvent Internet filtering to access content otherwise blocked by governments.[3]
- To scan transmitted content for malware before delivery.
- To scan outbound content, e.g., for data loss prevention.
- To allow a web site to make web requests to externally hosted resources (e.g. images, music files, etc.) when cross-domain restrictions prohibit the web site from linking directly to the outside domains.

A proxy server that passes requests and responses unmodified is usually called a gateway or sometimes tunneling proxy. A proxy server can be placed in the user's local computer or at various points between the user and the destination servers on the Internet. A reverse proxy is (usually) an Internet-facing proxy used as a front-end to control and protect access to a server on a private network, commonly also performing tasks such as load-balancing, authentication, decryption or caching.

Types of proxy

Forward proxies are proxies where the client server names the target server to connect to.[4] Forward proxies are able to retrieve from a wide range of sources (in most cases anywhere on the Internet).

The terms "forward proxy" and "forwarding proxy" are a general description of behavior (forwarding traffic) and thus ambiguous. Except for Reverse proxy, the types of proxies described in this article are more specialized sub-types of the general forward proxy concept.

Open proxies

An open proxy forwarding requests from and to anywhere on the Internet. An open proxy is a forwarding proxy server that is accessible by any Internet user. Gordon Lyon estimates there are "hundreds of thousands" of open proxies on the Internet.[5] An anonymous open proxy allows users to conceal their IP address while browsing the Web or using other Internet services. There are varying degrees of anonymity however, as well as a number of methods of 'tricking' the client into revealing itself regardless of the proxy being used.

Reverse proxies
A reverse proxy (or surrogate) is a proxy server that appears to clients to be an ordinary server. Requests are forwarded to one or more origin servers which handle the request. The response is returned as if it came directly from the proxy server.

Uses of proxy servers


- Filtering
- Caching
- Bypassing filters
- Gateways to private networks

A virtual private network (VPN) is a secure network that uses primarily public telecommunication infrastructures, such as the Internet, to provide remote offices or traveling users access to a central organizational network. VPNs typically require remote users of the network to be authenticated, and often secure data with firewall and encryption technologies to prevent disclosure of private information to unauthorized parties.

There are two types of VPNs: remote access VPNs and site to site VPNs. Remote access VPNs are for individual users who are not in a fixed location - remote or roaming users like salespeople. Site to site VPNs are for multiple users in a fixed location - like regional offices.

VPNs may serve any network functionality that is found on any network, such as sharing of data and access to network resources, printers, databases, websites, etc. A VPN user typically experiences the central network in a manner that is identical to being connected directly to the central network. VPN technology via the public Internet has replaced the need to requisition and maintain expensive dedicated leased-line telecommunication circuits once typical in wide-area network installations. Virtual private network technology reduces costs because it does not need physical leased lines to connect remote users to an intranet.[1]

The Secure Sockets Layer (SSL) is a commonly-used protocol for managing the security of a message transmission on the Internet. SSL has recently been succeeded by Transport Layer Security (TLS), which is based on SSL. SSL uses a program layer located between the Internet's Hypertext Transfer Protocol (HTTP) and Transport Control Protocol (TCP) layers. SSL is included as part of both the Microsoft and Netscape browsers and most Web server products. Developed by Netscape, SSL also gained the support of Microsoft and other Internet client/server developers and became the de facto standard until evolving into Transport Layer Security.

The "sockets" part of the term refers to the sockets method of passing data back and forth between a client and a server program in a network or between program layers in the same computer. SSL uses the public-and-private key encryption system from RSA, which also includes the use of a digital certificate.

TLS and SSL are an integral part of most Web browsers (clients) and Web servers. If a Web site is on a server that supports SSL, SSL can be enabled and specific Web pages can be identified as requiring SSL access. Any Web server can be enabled by using Netscape's SSLRef program library, which can be downloaded for noncommercial use or licensed for commercial use. TLS and SSL are not interoperable. However, a message sent with TLS can be handled by a client that handles SSL but not TLS.

A stored-value card refers to monetary value on a card not in an externally recorded account and differs from prepaid cards where money is on deposit with the issuer similar to a debit card.[1] One major difference between stored value cards and prepaid debit cards is that prepaid debit cards are usually issued in the name of individual account holders, while stored value cards are usually anonymous. The term stored-value card means the funds and/or data are physically stored on the card. With prepaid cards the data is maintained on computers affiliated with the card issuer. The value associated with the card can be accessed using a magnetic stripe embedded in the card, on which the card number is encoded; using radio-frequency identification (RFID); or by entering a code number, printed on the card, into a telephone or other numeric keypad.

Section D

WHAT IS MARKETING?
The essence of marketing is a transaction, an exchange, intended to satisfy human needs and wants. There are three elements in the marketing process:

(A) MARKETERS
(B) WHAT IS BEING MARKETED
(C) TARGET MARKET


WHAT IS MARKETING?
Marketing is a social process by which individuals and groups obtain what they need and want through creating and exchanging products and value with others. This definition includes the following core concepts: NEEDS, WANTS and DEMANDS; PRODUCTS; VALUE & SATISFACTION; EXCHANGE & TRANSACTION; MARKETS & MARKETERS.

NEED: A state of felt deprivation of some basic satisfaction (food, clothing, shelter, belonging, etc.).
WANTS: Wants are desires for specific satisfiers of the deeper needs. Needs are few and wants are many.
DEMANDS: Demands are wants backed by the ability to buy and the willingness to buy.

NEEDS, WANTS AND DEMANDS
