Вы находитесь на странице: 1из 32

FIREWALL

Kriptografi & Keamanan Jaringan

Introduction to Firewalls
A firewall is a security mechanism to protect a local network from the threats that the network might face while interacting with other networks. A firewall can be a hardware component, a software component, or a combination of both. It prevents the computers within one network domain from communicating directly with the computers in another network domain.

Functions of a Firewall
The main purpose of a firewall is to protect the computers of an organization from unauthorized access. It allows the authorized users of the local network full access to the Internet. The basic functions that are performed by firewalls are:
Security Auditing User authentication Network Address Translation (NAT) IP masquerading

Functions of a Firewall (Contd.)


Security
Firewalls prevent unwanted data from getting into the local network from the Internet or from any other external networks. It examines the incoming data packets and allows them to enter the local network only if certain conditions are met.

Auditing
Firewalls can be used to log the network traffic passing through it. This function is useful to track and filter unwanted information from entering the network.

Functions of a Firewall (Contd.)


User authentication
In order to provide security to a network, it is essential for a firewall system to ensure that the users who access the internal network are authorized. A firewall system can implement user authentication process in various ways such as using the user id and password mechanism.

Network Address Translation (NAT)


A firewall can be used for hiding the structure and contents of a local network from external users. NAT protects the internal private network of an organization from the Internet by concealing the internal network addresses.

Functions of a Firewall (Contd.)

NAT Implementation by a Firewall

Functions of a Firewall (Contd.)


IP masquerading is the feature in which the client network uses a single network interface to interact with the server.

Implementation of IP Masquerading

Working Principle of Firewalls


The working of a firewall is based on a filtering mechanism. The filtering mechanism of firewalls keeps track of the following details:
The source address of the data The destination address of the data The data contents

The filtering mechanism allows information to be passed to the Internet from a local network without requiring any authentication. It makes sure that the downloading of information from the Internet to a local network happens based only on a request made by an authorized user.

Working Principle of Firewalls (Contd.)

Firewall in a Local Network

Firewall Terminology
Before using a firewall, the user should know some of the following basic terms associated with a firewall:
Gateway
Proxy servers Screening routers Application-level gateway Demilitarized zone Bastion host

Firewall Terminology (Contd.)


Gateway
The computer that helps to establish a connection between two networks is known as a gateway. A firewall gateway can be used for exchanging information between an internal network and the Internet.

Proxy servers
A proxy server masks the networks IP address with the proxy servers IP address

Firewall Terminology (Contd.)


Screening routers
A screening router is one of the simplest and most effective defensive mechanisms used in the creation of a firewall system. They are a special type of routers with filters, which are used along with various firewalls.

Application-level gateway
This type of gateway uses a more complex policy than a packet filtering technique that involves selectively restricting the data that is allowed through the firewall.

Firewall Terminology (Contd.)

Application Gateway Between Destination and Source Host

Firewall Terminology (Contd.)


A demilitarized zone is a subnet between the Internet and the internal network.

An Application Server in a Demilitarized Zone

Firewall Terminology (Contd.)


Bastion host
A bastion host is a publicly accessible server that is hosted on the DMZ. The bastion host is configured to serve a specific role of disabling or removing all the protocols, files, and applications that are not essential to the system.

Firewall Architecture
Firewall architecture deals with the design of the firewall system and its components and is implemented in a network. The following are the different types of firewall architectures:
Dial-up architecture Single router architecture Firewall with proxy server

Firewall Architecture (Contd.)


Dial-up architecture
It uses a dial-up service, such as an ISDN line. A firewall system is used to separate the Internet from the local network.

Dial-up Architecture

Firewall Architecture (Contd.)


Single router architecture
You use a router to access the Internet.

Single Router Architecture

Firewall Architecture (Contd.)


A firewall with a proxy server
Firewalls with a proxy server are used in a small network. Here, the firewall system is integrated with your proxy server. These Firewalls can be implemented in two ways:
A firewall with built-in proxy services A firewall with a proxy server product installed separately

Firewall Architecture (Contd.)


Firewall with proxy server

Firewall with Built-in Proxy Services

Firewall Architecture (Contd.)


Firewall with proxy server

Firewall with a Proxy Server Product Installed Separately

Types of Firewalls
The type of firewall used might vary from network to network. The following are the various types of firewalls generally used:
Packet filter firewall Circuit-level firewall Proxy firewall Network Address Translation (NAT) firewall

Types of Firewalls (Contd.)


Packet filter firewall
Are usually deployed on routers. Is the simplest and the primary defensive mechanism used in firewall protection. Are implemented at the network level to check all incoming and outgoing packets of information.

Types of Firewalls (Contd.)


Circuit-level firewall
Provides more protection than packet filtering firewalls. Also known as a stateful inspection firewalls. Checks for all the connections made to the local network.

Types of Firewalls (Contd.)


Proxy firewall
Protects all the client applications running on a network from the Internet by using the firewall itself as a gateway. Automatically segregates the data packets depending upon the protocols used by them. Must support various protocols.

Types of Firewalls (Contd.)


Network Address Translation firewall
Use a single IP address to represent the network. All packets going outside the network have their internal IP addresses hidden from the outside to increase security. Any incoming packets are delivered only to the networks public IP address.

Role of Firewalls in Application Security


A firewall can be used for securing the applications running on a local network from the Internet. It allows to use Internet services such as e-mail and messengers from inside the protected network. The idea behind the use of firewalls is to allow only secured applications or services to pass through the network and stop unsecured applications from entering the network.

Role of Firewalls in Application Security (Contd.)


Using Firewalls in VPNs
VPN guarantees private secured network traffic to organizations. Firewalls can be used with VPNs to enhance network security. The following figure shows the implementation of firewalls with VPNs:

Firewall Solutions
An organization can use a software firewall or a hardware firewall or a mixture of both for network security. The firewalls solutions are:
Software firewall Hardware firewall

Firewall Solutions (Contd.)


Software firewall
Works on a computer system. Software firewalls provide the following benefits:
They are inexpensive. They can be easily configured.

Has the following disadvantages:


The software firewall consumes disk, memory, and CPU resources on your computer. Software firewalls may affect the performance of the operating system. The security threats to an operating system can affect the performance of the software firewalls.

Examples include the DoorStop firewall and SINUS.

Firewall Solutions (Contd.)


Hardware firewall
Are devices that are placed between the Internet and the internal network.

Implementing a Hardware Firewall

Firewall Solutions (Contd.)


Has the following advantages:
The level of network protection is high. They can support more network interfaces than most software firewalls. The performance of a hardware firewall exceeds software firewalls because it does not have any additional overhead found in operating systems.

Has the following disadvantage:


Are very expensive compared to software firewalls.

Example includes SonicWall.