Firewall ITAM

8/4/2019 Firewall ITAM

http://slidepdf.com/reader/full/firewall-itam 1/36



Brief History

The idea came from constructionindustry in 19th century.

•Structure of metal sheets in

houses, flights etc were the first

physical firewall.

•Metal sheets protected from fire.



People who made it important.

Clifford Stoll a US astronomer and

computer expert, discovered that

German spies accessing his system .

After this incident US started to

implement firewall security in the

government networks.



Bill Cheswick the author of the

famous security book “Firewalls and

Internet Security ” set up a simpleelectronic jail to observe an attacker.

He devoted himself and brought a

huge impact on awareness of firewall

and internet and network security.




Robert Tappan Morris created Morris Worm

which was the virus that awakened all the

network administrators and made themthink of the importance of firewall. The

networks administrators weren’t expecting

anything like this. The worm spread around

networks around the world. 10% of the

internet was infected.




What is a Firewall?

• A firewall is hardware,

software, or a combination of

both that is used to prevent

unauthorized programs orInternet users from accessing a

private network and/or a

single computer.



What do Firewalls Protect?

• Data – Proprietary corporate information

– Financial information

– Sensitive employee or customer data

• Resources – Computing resources

– Time resources

• Reputation – Loss of confidence in an organization

– Intruder uses an organization’s networkto attack other sites



Who do Firewalls Guard

Against?

• Internal Users

•

Hackers

• CorporateEspionage

• Terrorists

• Common

Thieves



Classification of Firewall

Characterized by protocol level itcontrols in

• Packet filtering

•

Circuit gateways• Application gateways

Combination of above is dynamic

packet filter.



Firewalls – Packet Filters



• Simplest of components• Uses transport-layer information only

– IP Source Address, Destination Address

– Protocol/Next Header (TCP, UDP, ICMP, etc) – TCP or UDP source & destination ports

– TCP Flags (SYN, ACK, FIN, RST, PSH, etc)

–ICMP message type

• Examples

– DNS uses port 53

•

No incoming port 53 packets except known trusted servers

Firewalls – Packet Filters



Firewall Gateways

• Firewall runs set of proxy programs

– Proxies filter incoming, outgoing packets

– All incoming traffic directed to firewall

– All outgoing traffic appears to come from firewall

• Policy embedded in proxy programs

• Two kinds of proxies

– Application-level gateways/proxies

• Tailored to http, ftp, smtp, etc.

– Circuit-level gateways/proxies

• Working on TCP level



Firewalls - Circuit Level

Gateway



Basic Firewall Components

• Software

• Hardware

• Purpose Built/Appliance

based



Hardware vs. Software

Firewalls

• Hardware Firewalls

– Protect an entire network

–

Implemented on the router level – Usually more expensive, harder

to configure

• Software Firewalls

– Protect a single computer

– Usually less expensive, easier to

configure



Some Known Hardware

FirewallsD-Link: D-Link DIR-655 Xtreme N

Gigabit Router

•Has fast performance.

•

A combination of latest in builtwireless security and intergraded

wireless security wizard is used.

Controlled very easily.

Some Known Hardware



• Cisco: ASA 5550 Firewall – Delivers advanced threat defense

service.

–

Network and application trafficwill be protected.

– Defensive from worms, virus and

network attacks such as denial of

services or DDOS.

– Spyware and adware protection.

Some Known Hardware

Firewalls



How does a software firewall

work?

• Inspects each individual

“packet” of data as it arrives at

either side of the firewall

• Inbound to or outbound from

your computer

• Determines whether it shouldbe allowed to pass through or if

it should be blocked



Firewall Rules

• Allow – traffic that flowsautomatically because it has been

deemed as “safe”.

• Block – traffic that is blocked becauseit has been deemed dangerous to

your computer

• Ask – asks the user whether or notthe traffic is allowed to pass through



Some Known Software Firewalls

• Kaspersky Internet Security: – Provides a comprehensive

security tool kit.

–

A nicely organized interface. – Protects from malware, dos

attacks etc. Has a powerful

firewall.



• Norton 360: – Has the best value for easy use

of tools offered, and

overall system performance. – Uses multiple tools to control

the firewall.




What a personal firewall can

do?

• Stop hackers from accessing

your computer

• Protects your personal

information

• Blocks “pop up” ads and certai

cookies

• Determines which programs

can access the Internet



What a personal firewall

cannot do??

• Cannot prevent e-mail viruses

– Only an antivirus product with

updated definitions can prevent

e-mail viruses

• After setting it initially, you

can forget about it

– The firewall will require periodic

updates to the rulesets and the

software itself



Examples of personal firewall

software• ZoneAlarm <www.zonelabs.com>

• BlackICE Defender <http://blackice.iss.net>

• Tiny Personal Firewall <www.tinysoftware.co

• Norton Personal Firewall www.symantec.com



Windows XP firewall



Mac OS X firewall

• *Not* enabled by default



Windows Firewall

Windows Firewall helps protecting

your computer by preventing

unauthorized users from gaining

access to your computer through anetwork or internet.



What does it do??

• Help block computer viruses

and worms from reaching your

computer.• Ask for your permission to

block or unblock certain

connection requests.• Create a record (a security log)



Router Firewall

Hardware firewall

Difference between Hardware firewall anD Software firewall:

– Configuring for maximum security – Strengthening Home router firewalls

Block 'stealth' mode :

– Disable remote administration

Attack detection : – Disable file and printer sharing



Firewall in Business

Organizations

Security



Other than the mentioned benefits,

firewall installation offers many other

benefits.

One of the most important is the blocking

of useless web pages, saving the

resources of the organization and time of

the employees.



Other benefits of a

firewall in the office

include themonitoring of an

employees usage of

the system.



Providing the

organization,

just what isimportant for its

functioning andno crap.



Reducing Distractions

due to unproductiveactivities on the

internet.

Firewall ITAM

Documents

Transcript of Firewall ITAM