SlideShare a Scribd company logo

What is firewall

•
•
Harshana Jayarathna
Harshana Jayarathna

The document discusses firewalls, which were officially invented in the early 1990s. A firewall protects networked computers from unauthorized access and sits at the gateway between private and public networks like the Internet. Firewalls can be hardware devices or software programs and examine incoming and outgoing network traffic to filter it based on various criteria. There are different types of firewalls that operate at different layers of the network model, including packet filters, circuit gateways, application proxies, and stateful multilayer inspection firewalls.

EducationTechnology
1 of 30
Firewall Officially invented in early 1990s H.M.H.R.JAYARATHNA 1 E091040028
What is a firewall? • A firewall protects networked computers from intentional hostile intrusion that could compromise confidentiality or result in data corruption or denial of service • It may be a hardware device(fig.1) or a software program(fig.2) running on a secure host computer. H.M.H.R.JAYARATHNA 2 E091040028
• A firewall sits at the junction point or gateway between the two networks, usually a private network and a public network such as the Internet. • The earliest firewalls were simply routers H.M.H.R.JAYARATHNA 3 E091040028
Fig.1 Hardware firewall providing protection to a Local Network. H.M.H.R.JAYARATHNA 4 E091040028
Fig.2 Computer running firewall software to provide protection H.M.H.R.JAYARATHNA 5 E091040028
What does a firewall do? • examines all traffic routed between the two networks to see if it meets certain criteria • firewall filters both inbound and outbound traffic. • can filter packets based on their source and destination addresses and port numbers. known as address filtering. H.M.H.R.JAYARATHNA 6 E091040028
• can also filter specific types of network traffic. known as protocol filtering (Eg: HTTP, ftp or telnet.) • can also filter traffic by packet attribute or state. H.M.H.R.JAYARATHNA 7 E091040028
What can't a firewall do? • cannot prevent individual users with modems from dialling into or out of the network, bypassing the firewall altogether. • Cannot control employee misconduct or carelessness H.M.H.R.JAYARATHNA 8 E091040028
Who needs a firewall? • Anyone who is responsible for a single computer/private network that is connected to Internet via modem/a public network needs firewall H.M.H.R.JAYARATHNA 9 E091040028
How does a firewall work? • There are two access denial methodologies used – firewall may allow all traffic through unless it meets certain criteria – it may deny all traffic unless it meets certain criteria • Firewalls may be concerned with the type of traffic, or with source or destination addresses and ports. H.M.H.R.JAYARATHNA 10 E091040028
Fig.3 Basic Firewall Operation. H.M.H.R.JAYARATHNA 11 E091040028
What different types of firewalls are there? • four broad categories – packet filters – circuit level gateways – application level gateways – stateful multilayer inspection H.M.H.R.JAYARATHNA 12 E091040028
Packet filtering firewalls • work at the network level of the OSI model, or the IP layer of TCP/IP. • usually part of a router. • each packet is compared to a set of criteria before it is forwarded. • Depending on the packet and the criteria, the firewall can drop the packet, forward it or send a message to the originator. H.M.H.R.JAYARATHNA 13 E091040028
• Rules can include source and destination IP address, source and destination port number and protocol used. • Advantage: their low cost and low impact on network performance. • implementing packet filtering at the router level affords an initial degree of security at a low network layer. H.M.H.R.JAYARATHNA 14 E091040028
• This type of firewall only works at the network layer however and does not support sophisticated rule based models. • Network Address Translation (NAT) routers offer the advantages of packet filtering firewalls but can also hide the IP addresses of computers behind the firewall, and offer a level of circuit-based filtering. H.M.H.R.JAYARATHNA 15 E091040028
Packet Filtering Firewall H.M.H.R.JAYARATHNA 16 E091040028
circuit level gateways • work at the session layer of the OSI model, or the TCP layer of TCP/IP. • monitor TCP handshaking between packets to determine whether a requested session is legitimate. • Information passed to remote computer through a circuit level gateway appears to have originated from the gateway. H.M.H.R.JAYARATHNA 17 E091040028
• useful for hiding information about protected networks. • Circuit level gateways are relatively inexpensive • They do not filter individual packets. • Advantage: hiding information about private protect networks. H.M.H.R.JAYARATHNA 18 E091040028
Circuit level Gateway H.M.H.R.JAYARATHNA 19 E091040028
Application level gateways • also called proxies • similar to circuit-level gateways except that they are application specific. • can filter packets at the application layer of the OSI model. • Incoming or outgoing packets cannot access services for which there is no proxy. H.M.H.R.JAYARATHNA 20 E091040028
• an application level gateway that is configured to be a web proxy will not allow any FTP, gopher, telnet or other traffic through. • can filter application specific commands such as http:post and get, etc. • can also be used to log user activity and logins. H.M.H.R.JAYARATHNA 21 E091040028
• offer a high level of security, but have a significant impact on network performance. • This is because of context switches that slow down network access dramatically. • They are not transparent to end users and require manual configuration of each client computer. H.M.H.R.JAYARATHNA 22 E091040028
Application level Gateway H.M.H.R.JAYARATHNA 23 E091040028
Stateful Multilayer Inspection Firewall • filter packets at the network layer, determine whether session packets are legitimate and evaluate contents of packets at the application layer. • allow direct connection between client and host, alleviating the problem caused by the lack of transparency of application level gateways. H.M.H.R.JAYARATHNA 24 E091040028
• rely on algorithms to recognize and process application layer data instead of running application specific proxies. • offer a high level of security, good performance and transparency to end users. • are expensive • Due to their complexity are potentially less secure than simpler types of firewalls if not administered by highly competent personnel. H.M.H.R.JAYARATHNA 25 E091040028
Stateful Multilayer Inspection Firewall H.M.H.R.JAYARATHNA 26 E091040028
How do I implement a firewall? • Steps of implementing a firewall 1. Determine the access denial methodology to use. 2. Determine inbound access policy. 3. Determine outbound access policy 4. Determine if dial-in or dial-out access is required. 5. Decide whether to buy a complete firewall product, have one implemented by a systems integrator or implement one yourself. H.M.H.R.JAYARATHNA 27 E091040028
Firewall related problems • Firewalls restrict access to certain worthful services because those are not yet identified by firewall H.M.H.R.JAYARATHNA 28 E091040028
Benefits of a firewall • protect private local area networks from hostile intrusion from the Internet. • Firewalls allow network administrators to offer access to specific types of Internet services to selected LAN users. • Can control the access of outsiders(unidentifiers) to our network or a single machine H.M.H.R.JAYARATHNA 29 E091040028
• References – http://www.vicomsoft.com/learning-center/firewalls/ – A definition of Firewall Security from searchSecurity.com. – A definition of Firewalls from the FreeBSD Handbook – Network Security Tutorial from About.com. – Firewall.com - The Complete Security Portal – Security in Computing, 4th Edition, by Pfleeger & Pfleeger H.M.H.R.JAYARATHNA 30 E091040028

Recommended

Firewall
FirewallFirewall
Firewallreddivarihareesh
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationTayabaZahid
 
Firewall ( Cyber Security)
Firewall ( Cyber Security)Firewall ( Cyber Security)
Firewall ( Cyber Security)Jainam Shah
 
Firewall
FirewallFirewall
FirewallMuhammad Sohaib Afzaal
 
Firewall and its purpose
Firewall and its purposeFirewall and its purpose
Firewall and its purposeRohit Phulsunge
 
Firewall
FirewallFirewall
FirewallNilkanth Shingala
 
Firewall
FirewallFirewall
Firewallnayakslideshare
 
Firewall Security Definition
Firewall Security DefinitionFirewall Security Definition
Firewall Security DefinitionPatten John
 

Recommended

Firewall
FirewallFirewall
Firewallreddivarihareesh
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationTayabaZahid
 
Firewall ( Cyber Security)
Firewall ( Cyber Security)Firewall ( Cyber Security)
Firewall ( Cyber Security)Jainam Shah
 
Firewall
FirewallFirewall
FirewallMuhammad Sohaib Afzaal
 
Firewall and its purpose
Firewall and its purposeFirewall and its purpose
Firewall and its purposeRohit Phulsunge
 
Firewall
FirewallFirewall
FirewallNilkanth Shingala
 
Firewall
FirewallFirewall
Firewallnayakslideshare
 
Firewall Security Definition
Firewall Security DefinitionFirewall Security Definition
Firewall Security DefinitionPatten John
 
UTM Unified Threat Management
UTM Unified Threat ManagementUTM Unified Threat Management
UTM Unified Threat ManagementLokesh Sharma
 
Firewalls
FirewallsFirewalls
Firewallsvaishnavi
 
Firewall and Types of firewall
Firewall and Types of firewallFirewall and Types of firewall
Firewall and Types of firewallCoder Tech
 
Firewall
Firewall Firewall
Firewall Amuthavalli Nachiyar
 
Firewall
FirewallFirewall
FirewallApo
 
Firewall & types of Firewall
Firewall & types of Firewall Firewall & types of Firewall
Firewall & types of Firewall BharathiKrishna6
 
Introduction of firewall slides
Introduction of firewall slidesIntroduction of firewall slides
Introduction of firewall slidesrahul kundu
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationgaurav96raj
 
Assignment on windows firewall
Assignment on windows firewallAssignment on windows firewall
Assignment on windows firewallMd Shihab
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationyogendrasinghchahar
 
Firewall
FirewallFirewall
FirewallMudasser Afzal
 
FireWall
FireWallFireWall
FireWallrubal_9
 
Firewalls
FirewallsFirewalls
FirewallsUniversity of Central Punjab
 
Network security
Network security Network security
Network security Madhumithah Ilango
 
Firewalls
FirewallsFirewalls
FirewallsKalluri Madhuri
 
Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Securitylalithambiga kamaraj
 
Firewall
FirewallFirewall
FirewallSaurabh Chauhan
 
Firewall basics
Firewall basicsFirewall basics
Firewall basicsFredrick Hall
 
Firewalls in network security
Firewalls in network securityFirewalls in network security
Firewalls in network securityVikram Khanna
 
unified threat management by Nisha Menon K
unified threat management by Nisha Menon K unified threat management by Nisha Menon K
unified threat management by Nisha Menon KNisha Menon K
 
Aws security with HIDS, OSSEC
Aws security with HIDS, OSSECAws security with HIDS, OSSEC
Aws security with HIDS, OSSECMayank Gaikwad
 
Introducao WAF Tchelinux 2012
Introducao WAF Tchelinux 2012Introducao WAF Tchelinux 2012
Introducao WAF Tchelinux 2012Jeronimo Zucco
 

More Related Content

What's hot

UTM Unified Threat Management
UTM Unified Threat ManagementUTM Unified Threat Management
UTM Unified Threat ManagementLokesh Sharma
 
Firewalls
FirewallsFirewalls
Firewallsvaishnavi
 
Firewall and Types of firewall
Firewall and Types of firewallFirewall and Types of firewall
Firewall and Types of firewallCoder Tech
 
Firewall
FirewallFirewall
FirewallApo
 
Firewall & types of Firewall
Firewall & types of Firewall Firewall & types of Firewall
Firewall & types of Firewall BharathiKrishna6
 
Introduction of firewall slides
Introduction of firewall slidesIntroduction of firewall slides
Introduction of firewall slidesrahul kundu
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationgaurav96raj
 
Assignment on windows firewall
Assignment on windows firewallAssignment on windows firewall
Assignment on windows firewallMd Shihab
 
FireWall
FireWallFireWall
FireWallrubal_9
 
Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Securitylalithambiga kamaraj
 
Firewall basics
Firewall basicsFirewall basics
Firewall basicsFredrick Hall
 
Firewalls in network security
Firewalls in network securityFirewalls in network security
Firewalls in network securityVikram Khanna
 
unified threat management by Nisha Menon K
unified threat management by Nisha Menon K unified threat management by Nisha Menon K
unified threat management by Nisha Menon KNisha Menon K
 

What's hot (20)

UTM Unified Threat Management
UTM Unified Threat ManagementUTM Unified Threat Management
UTM Unified Threat Management
 
Firewalls
FirewallsFirewalls
Firewalls
 
Firewall and Types of firewall
Firewall and Types of firewallFirewall and Types of firewall
Firewall and Types of firewall
 
Firewall
Firewall Firewall
Firewall
 
Firewall
FirewallFirewall
Firewall
 
Firewall & types of Firewall
Firewall & types of Firewall Firewall & types of Firewall
Firewall & types of Firewall
 
Introduction of firewall slides
Introduction of firewall slidesIntroduction of firewall slides
Introduction of firewall slides
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentation
 
Assignment on windows firewall
Assignment on windows firewallAssignment on windows firewall
Assignment on windows firewall
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentation
 
Firewall
FirewallFirewall
Firewall
 
FireWall
FireWallFireWall
FireWall
 
Firewalls
FirewallsFirewalls
Firewalls
 
Network security
Network security Network security
Network security
 
Firewalls
FirewallsFirewalls
Firewalls
 
Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Security
 
Firewall
FirewallFirewall
Firewall
 
Firewall basics
Firewall basicsFirewall basics
Firewall basics
 
Firewalls in network security
Firewalls in network securityFirewalls in network security
Firewalls in network security
 
unified threat management by Nisha Menon K
unified threat management by Nisha Menon K unified threat management by Nisha Menon K
unified threat management by Nisha Menon K
 

Viewers also liked

Aws security with HIDS, OSSEC
Aws security with HIDS, OSSECAws security with HIDS, OSSEC
Aws security with HIDS, OSSECMayank Gaikwad
 
Introducao WAF Tchelinux 2012
Introducao WAF Tchelinux 2012Introducao WAF Tchelinux 2012
Introducao WAF Tchelinux 2012Jeronimo Zucco
 
Securing Hadoop with OSSEC
Securing Hadoop with OSSECSecuring Hadoop with OSSEC
Securing Hadoop with OSSECVic Hargrave
 
Managing Your Security Logs with Elasticsearch
Managing Your Security Logs with ElasticsearchManaging Your Security Logs with Elasticsearch
Managing Your Security Logs with ElasticsearchVic Hargrave
 
Improve Threat Detection with OSSEC and AlienVault USM
Improve Threat Detection with OSSEC and AlienVault USMImprove Threat Detection with OSSEC and AlienVault USM
Improve Threat Detection with OSSEC and AlienVault USMAlienVault
 
Malware Detection with OSSEC HIDS - OSSECCON 2014
Malware Detection with OSSEC HIDS - OSSECCON 2014Malware Detection with OSSEC HIDS - OSSECCON 2014
Malware Detection with OSSEC HIDS - OSSECCON 2014Santiago Bassett
 
Implementing ossec
Implementing ossecImplementing ossec
Implementing ossecJeronimo Zucco
 
Intrusion prevention system(ips)
Intrusion prevention system(ips)Intrusion prevention system(ips)
Intrusion prevention system(ips)Papun Papun
 
Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)k33a
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationAmandeep Kaur
 

Viewers also liked (12)

Aws security with HIDS, OSSEC
Aws security with HIDS, OSSECAws security with HIDS, OSSEC
Aws security with HIDS, OSSEC
 
Introducao WAF Tchelinux 2012
Introducao WAF Tchelinux 2012Introducao WAF Tchelinux 2012
Introducao WAF Tchelinux 2012
 
Securing Hadoop with OSSEC
Securing Hadoop with OSSECSecuring Hadoop with OSSEC
Securing Hadoop with OSSEC
 
Managing Your Security Logs with Elasticsearch
Managing Your Security Logs with ElasticsearchManaging Your Security Logs with Elasticsearch
Managing Your Security Logs with Elasticsearch
 
Improve Threat Detection with OSSEC and AlienVault USM
Improve Threat Detection with OSSEC and AlienVault USMImprove Threat Detection with OSSEC and AlienVault USM
Improve Threat Detection with OSSEC and AlienVault USM
 
Malware Detection with OSSEC HIDS - OSSECCON 2014
Malware Detection with OSSEC HIDS - OSSECCON 2014Malware Detection with OSSEC HIDS - OSSECCON 2014
Malware Detection with OSSEC HIDS - OSSECCON 2014
 
Implementing ossec
Implementing ossecImplementing ossec
Implementing ossec
 
Intrusion prevention system(ips)
Intrusion prevention system(ips)Intrusion prevention system(ips)
Intrusion prevention system(ips)
 
IDS and IPS
IDS and IPSIDS and IPS
IDS and IPS
 
HP ArcSight
HP ArcSight HP ArcSight
HP ArcSight
 
Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentation
 

Similar to What is firewall

firewall.ppt
firewall.pptfirewall.ppt
firewall.pptssuser530a07
 
Firewall (2)
Firewall (2)Firewall (2)
Firewall (2)marghali
 
[9] Firewall.pdf
[9] Firewall.pdf[9] Firewall.pdf
[9] Firewall.pdflamtran367679
 
Network Security_Dr Shivashankar_Module 5.pdf
Network Security_Dr Shivashankar_Module 5.pdfNetwork Security_Dr Shivashankar_Module 5.pdf
Network Security_Dr Shivashankar_Module 5.pdfDr. Shivashankar
 
BAIT1103 Chapter 8
BAIT1103 Chapter 8BAIT1103 Chapter 8
BAIT1103 Chapter 8limsh
 
Section c group2_firewall_ final
Section c group2_firewall_ finalSection c group2_firewall_ final
Section c group2_firewall_ finalpg13tarun_g
 
firewall.pdf
firewall.pdffirewall.pdf
firewall.pdfAnand992498
 
Firewall Design and Implementation
Firewall Design and ImplementationFirewall Design and Implementation
Firewall Design and Implementationajeet singh
 
Firewall Design and Implementation
Firewall Design and ImplementationFirewall Design and Implementation
Firewall Design and Implementationajeet singh
 
Firewall and its types and function
Firewall and its types and functionFirewall and its types and function
Firewall and its types and functionNisarg Amin
 
Cyber Security - Firewall and Packet Filters
Cyber Security - Firewall and Packet Filters Cyber Security - Firewall and Packet Filters
Cyber Security - Firewall and Packet Filters Radhika Talaviya
 
201302057 lakshay it.pptx
201302057 lakshay it.pptx201302057 lakshay it.pptx
201302057 lakshay it.pptxLakshayYadav46
 
Information Security (Firewall)
Information Security (Firewall)Information Security (Firewall)
Information Security (Firewall)Zara Nawaz
 
Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [312-342...
Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [312-342...Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [312-342...
Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [312-342...ams1ams11
 
Network defenses
Network defensesNetwork defenses
Network defensesG Prachi
 
Firewall
FirewallFirewall
FirewallHusumihadi
 

Similar to What is firewall (20)

Seminar
SeminarSeminar
Seminar
 
firewall.ppt
firewall.pptfirewall.ppt
firewall.ppt
 
Firewall (2)
Firewall (2)Firewall (2)
Firewall (2)
 
[9] Firewall.pdf
[9] Firewall.pdf[9] Firewall.pdf
[9] Firewall.pdf
 
Firewall and its Types
Firewall and its TypesFirewall and its Types
Firewall and its Types
 
Network Security_Dr Shivashankar_Module 5.pdf
Network Security_Dr Shivashankar_Module 5.pdfNetwork Security_Dr Shivashankar_Module 5.pdf
Network Security_Dr Shivashankar_Module 5.pdf
 
Firewall
FirewallFirewall
Firewall
 
Divyanshu.pptx
Divyanshu.pptxDivyanshu.pptx
Divyanshu.pptx
 
BAIT1103 Chapter 8
BAIT1103 Chapter 8BAIT1103 Chapter 8
BAIT1103 Chapter 8
 
Section c group2_firewall_ final
Section c group2_firewall_ finalSection c group2_firewall_ final
Section c group2_firewall_ final
 
firewall.pdf
firewall.pdffirewall.pdf
firewall.pdf
 
Firewall Design and Implementation
Firewall Design and ImplementationFirewall Design and Implementation
Firewall Design and Implementation
 
Firewall Design and Implementation
Firewall Design and ImplementationFirewall Design and Implementation
Firewall Design and Implementation
 
Firewall and its types and function
Firewall and its types and functionFirewall and its types and function
Firewall and its types and function
 
Cyber Security - Firewall and Packet Filters
Cyber Security - Firewall and Packet Filters Cyber Security - Firewall and Packet Filters
Cyber Security - Firewall and Packet Filters
 
201302057 lakshay it.pptx
201302057 lakshay it.pptx201302057 lakshay it.pptx
201302057 lakshay it.pptx
 
Information Security (Firewall)
Information Security (Firewall)Information Security (Firewall)
Information Security (Firewall)
 
Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [312-342...
Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [312-342...Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [312-342...
Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [312-342...
 
Network defenses
Network defensesNetwork defenses
Network defenses
 
Firewall
FirewallFirewall
Firewall
 

Recently uploaded

Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...Pooja Nehwal
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfchloefrazer622
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionSafetyChain Software
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
Advance Mobile Application Development class 07
Advance Mobile Application Development class 07Advance Mobile Application Development class 07
Advance Mobile Application Development class 07Dr. Mazin Mohamed alkathiri
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphThiyagu K
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationnomboosow
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...fonyou31
 

Recently uploaded (20)

Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdf
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory Inspection
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
Advance Mobile Application Development class 07
Advance Mobile Application Development class 07Advance Mobile Application Development class 07
Advance Mobile Application Development class 07
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
 

What is firewall

  • 1. Firewall Officially invented in early 1990s H.M.H.R.JAYARATHNA 1 E091040028
  • 2. What is a firewall? • A firewall protects networked computers from intentional hostile intrusion that could compromise confidentiality or result in data corruption or denial of service • It may be a hardware device(fig.1) or a software program(fig.2) running on a secure host computer. H.M.H.R.JAYARATHNA 2 E091040028
  • 3. • A firewall sits at the junction point or gateway between the two networks, usually a private network and a public network such as the Internet. • The earliest firewalls were simply routers H.M.H.R.JAYARATHNA 3 E091040028
  • 4. Fig.1 Hardware firewall providing protection to a Local Network. H.M.H.R.JAYARATHNA 4 E091040028
  • 5. Fig.2 Computer running firewall software to provide protection H.M.H.R.JAYARATHNA 5 E091040028
  • 6. What does a firewall do? • examines all traffic routed between the two networks to see if it meets certain criteria • firewall filters both inbound and outbound traffic. • can filter packets based on their source and destination addresses and port numbers. known as address filtering. H.M.H.R.JAYARATHNA 6 E091040028
  • 7. • can also filter specific types of network traffic. known as protocol filtering (Eg: HTTP, ftp or telnet.) • can also filter traffic by packet attribute or state. H.M.H.R.JAYARATHNA 7 E091040028
  • 8. What can't a firewall do? • cannot prevent individual users with modems from dialling into or out of the network, bypassing the firewall altogether. • Cannot control employee misconduct or carelessness H.M.H.R.JAYARATHNA 8 E091040028
  • 9. Who needs a firewall? • Anyone who is responsible for a single computer/private network that is connected to Internet via modem/a public network needs firewall H.M.H.R.JAYARATHNA 9 E091040028
  • 10. How does a firewall work? • There are two access denial methodologies used – firewall may allow all traffic through unless it meets certain criteria – it may deny all traffic unless it meets certain criteria • Firewalls may be concerned with the type of traffic, or with source or destination addresses and ports. H.M.H.R.JAYARATHNA 10 E091040028
  • 11. Fig.3 Basic Firewall Operation. H.M.H.R.JAYARATHNA 11 E091040028
  • 12. What different types of firewalls are there? • four broad categories – packet filters – circuit level gateways – application level gateways – stateful multilayer inspection H.M.H.R.JAYARATHNA 12 E091040028
  • 13. Packet filtering firewalls • work at the network level of the OSI model, or the IP layer of TCP/IP. • usually part of a router. • each packet is compared to a set of criteria before it is forwarded. • Depending on the packet and the criteria, the firewall can drop the packet, forward it or send a message to the originator. H.M.H.R.JAYARATHNA 13 E091040028
  • 14. • Rules can include source and destination IP address, source and destination port number and protocol used. • Advantage: their low cost and low impact on network performance. • implementing packet filtering at the router level affords an initial degree of security at a low network layer. H.M.H.R.JAYARATHNA 14 E091040028
  • 15. • This type of firewall only works at the network layer however and does not support sophisticated rule based models. • Network Address Translation (NAT) routers offer the advantages of packet filtering firewalls but can also hide the IP addresses of computers behind the firewall, and offer a level of circuit-based filtering. H.M.H.R.JAYARATHNA 15 E091040028
  • 16. Packet Filtering Firewall H.M.H.R.JAYARATHNA 16 E091040028
  • 17. circuit level gateways • work at the session layer of the OSI model, or the TCP layer of TCP/IP. • monitor TCP handshaking between packets to determine whether a requested session is legitimate. • Information passed to remote computer through a circuit level gateway appears to have originated from the gateway. H.M.H.R.JAYARATHNA 17 E091040028
  • 18. • useful for hiding information about protected networks. • Circuit level gateways are relatively inexpensive • They do not filter individual packets. • Advantage: hiding information about private protect networks. H.M.H.R.JAYARATHNA 18 E091040028
  • 19. Circuit level Gateway H.M.H.R.JAYARATHNA 19 E091040028
  • 20. Application level gateways • also called proxies • similar to circuit-level gateways except that they are application specific. • can filter packets at the application layer of the OSI model. • Incoming or outgoing packets cannot access services for which there is no proxy. H.M.H.R.JAYARATHNA 20 E091040028
  • 21. • an application level gateway that is configured to be a web proxy will not allow any FTP, gopher, telnet or other traffic through. • can filter application specific commands such as http:post and get, etc. • can also be used to log user activity and logins. H.M.H.R.JAYARATHNA 21 E091040028
  • 22. • offer a high level of security, but have a significant impact on network performance. • This is because of context switches that slow down network access dramatically. • They are not transparent to end users and require manual configuration of each client computer. H.M.H.R.JAYARATHNA 22 E091040028
  • 23. Application level Gateway H.M.H.R.JAYARATHNA 23 E091040028
  • 24. Stateful Multilayer Inspection Firewall • filter packets at the network layer, determine whether session packets are legitimate and evaluate contents of packets at the application layer. • allow direct connection between client and host, alleviating the problem caused by the lack of transparency of application level gateways. H.M.H.R.JAYARATHNA 24 E091040028
  • 25. • rely on algorithms to recognize and process application layer data instead of running application specific proxies. • offer a high level of security, good performance and transparency to end users. • are expensive • Due to their complexity are potentially less secure than simpler types of firewalls if not administered by highly competent personnel. H.M.H.R.JAYARATHNA 25 E091040028
  • 26. Stateful Multilayer Inspection Firewall H.M.H.R.JAYARATHNA 26 E091040028
  • 27. How do I implement a firewall? • Steps of implementing a firewall 1. Determine the access denial methodology to use. 2. Determine inbound access policy. 3. Determine outbound access policy 4. Determine if dial-in or dial-out access is required. 5. Decide whether to buy a complete firewall product, have one implemented by a systems integrator or implement one yourself. H.M.H.R.JAYARATHNA 27 E091040028
  • 28. Firewall related problems • Firewalls restrict access to certain worthful services because those are not yet identified by firewall H.M.H.R.JAYARATHNA 28 E091040028
  • 29. Benefits of a firewall • protect private local area networks from hostile intrusion from the Internet. • Firewalls allow network administrators to offer access to specific types of Internet services to selected LAN users. • Can control the access of outsiders(unidentifiers) to our network or a single machine H.M.H.R.JAYARATHNA 29 E091040028
  • 30. • References – http://www.vicomsoft.com/learning-center/firewalls/ – A definition of Firewall Security from searchSecurity.com. – A definition of Firewalls from the FreeBSD Handbook – Network Security Tutorial from About.com. – Firewall.com - The Complete Security Portal – Security in Computing, 4th Edition, by Pfleeger & Pfleeger H.M.H.R.JAYARATHNA 30 E091040028