FIREWALL
Firewall
AGENDA
1. Overview of Firewall
2. Types of Firewall
3. Evolution of Firewall
4. Consideration of Firewall
5. Network architecture of Firewall
6. Features of Firewall
7. Advantages
8. Disadvantages
9. Conclusion
10. Bibliography
4/13/2012
1. WHAT IS A FIREWALL?
A
Usually between trusted and untrusted networks (such as between an intranet and the Internet)
[Figure: firewall between the Internet and the intranet]
CONT.
A firewall:
- Acts as a security gateway between two networks
- Tracks and controls network communications
- Decides whether to pass, reject, encrypt, or log communications (Access Control)
CONT.
Corporate Network Gateway
Internal Segment Gateway
- Protect sensitive segments (Finance, HR)
- Provide second layer of defense
- Ensure protection against internal attacks and misuse
[Figure: Internet and corporate site]
CONT.
- Protect individual application servers
- Files protect
[Figure: Internet, DMZ, SAP Server]
- IP spoofing
- Password attacks
- Man-in-the-middle attacks
- Block, filter, or permit/allow traffic, based on source or destination address
- Block, filter, or permit/allow traffic, based on content within the traffic
- Extend the internal network to include remote users or destination address
- Prevent attacks that are not trafficked through the firewall
- Prevent malicious code
- Monitor suspicious network activities
2. TYPES OF FIREWALLS
3. EVOLUTION OF FIREWALLS
Stateful Filter
Application Layer
Packet Filter
[Figures: OSI layer stacks (Applications, Presentations, Sessions, Transport, Network, Data Link, Physical), three stacks per slide over three slides; the last slide is labelled "INSPECT Engine"]
4. CONSIDERATION OF FIREWALL
[Figure: corporate LAN with internal IP addresses, connected to the Internet through public IP address(es) 219.22.165.1]
- Hides the true addresses of individual hosts, protecting them from attack
- Allows more devices to be connected to the network
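A minimal sketch of the address translation this slide describes, added here as an example and not taken from the original deck: two internal hosts share the slide's public address, and inbound packets are delivered only when they match a mapping created by outbound traffic. The internal and remote addresses, the port range, and the strict per-remote-endpoint reply filtering are assumptions; real NAT devices vary in how strictly they filter.

```python
# Added illustration: a toy source-NAT (port address translation) table.
# PUBLIC_IP is the address shown on the slide; all other addresses and
# ports are constructed sample values.
from typing import Dict, Optional, Tuple

Endpoint = Tuple[str, int]  # (ip, port)
PUBLIC_IP = "219.22.165.1"


class NatGateway:
    def __init__(self, public_ip: str = PUBLIC_IP, first_port: int = 40000):
        self.public_ip = public_ip
        self._next_port = first_port
        # (internal endpoint, remote endpoint) -> allocated public port
        self._out: Dict[Tuple[Endpoint, Endpoint], int] = {}
        # (public port, remote endpoint) -> internal endpoint
        self._in: Dict[Tuple[int, Endpoint], Endpoint] = {}

    def outbound(self, src: Endpoint, dst: Endpoint) -> Endpoint:
        """Rewrite the source of an outgoing packet, creating a mapping if needed."""
        key = (src, dst)
        if key not in self._out:
            port = self._next_port
            self._next_port += 1
            self._out[key] = port
            self._in[(port, dst)] = src
        return (self.public_ip, self._out[key])

    def inbound(self, src: Endpoint, dst: Endpoint) -> Optional[Endpoint]:
        """Return the internal endpoint for a reply, or None to drop the packet."""
        if dst[0] != self.public_ip:
            return None
        # Only the remote endpoint the internal host contacted may use the mapping.
        return self._in.get((dst[1], src))


def demo() -> dict:
    nat = NatGateway()
    web = ("198.51.100.10", 443)                # constructed remote server
    a = nat.outbound(("10.0.0.5", 51000), web)  # constructed internal hosts
    b = nat.outbound(("10.0.0.6", 51000), web)
    return {
        "seen_by_server": [a, b],               # internal addresses never appear
        "reply_to_a": nat.inbound(web, a),
        "unsolicited": nat.inbound(("203.0.113.7", 4444), a),
        "unknown_port": nat.inbound(web, (PUBLIC_IP, 45000)),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```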
6.2 PROXIES
- Hides internal users from the external network by hiding them behind the IP of the proxy
- Prevents low-level network protocols from going through the firewall, eliminating some of the problems with NAT
- Restricts traffic to only the application-level protocols being proxied
- A feeling of increased security that your PC and content are being protected.
- Relatively inexpensive or free for personal use.
- New releases are becoming user friendly.
- Firewalls cannot protect you from internal sabotage within a network or from allowing other users access to your PC.
- Firewall protection is limited once you have an allowable connection open. This is where another program should be in place to catch Trojan horse viruses trying to enter your computers as unassuming normal traffic.
9. CONCLUSION
10. BIBLIOGRAPHY
- Firewalls and Internet Security: Repelling the Wily Hacker, by William R. Cheswick and Steven M. Bellovin.
- http://en.wikipedia.org/wiki/Firewall_(computing)
- http://technet.microsoft.com/en-us/library/cc700820.aspx
- http://www.freebsd.org/doc/en_US.ISO88591/books/handbook/
Thank you!
Any questions?