2. Introduction
A firewall is a device that provides secure connectivity between
networks.
A firewall may be hardware, software, or a combination of
both, and is used to prevent unauthorized programs or Internet
users from accessing a private network and/or a single computer.
3. Hardware vs. Software Firewalls
Hardware Firewalls
Protect an entire network
Implemented on the router level
Usually more expensive, harder to configure
Software Firewalls
Protect a single computer
Usually less expensive, easier to configure
4. How does a software firewall work?
Inspects each individual “packet” of data as it arrives at either
side of the firewall
Determines whether it should be allowed to pass through or if it
should be blocked
5. Types of Firewalls
Common types of Firewalls:
1. Packet-filtering routers
2. Application-level gateways
3. Circuit-level gateways
6. Packet-filtering Router
• Applies a set of rules to each incoming IP packet and then forwards or discards the packet
• Filters packets going in both directions
• The packet filter is typically set up as a list of rules based on matches to fields in the IP or TCP header
• Two default policies (discard or forward)
8. Packet Filtering Firewall
A packet filtering firewall is often called a network layer firewall
because the filtering is primarily done at the network layer (layer
three) or the transport layer (layer four) of the OSI reference
model.
9. Application-level Gateway
The gateway sits between the user on the inside and the server on the outside. Instead of
talking directly, user and server talk through a proxy.
Allows more fine-grained and sophisticated control than packet
filtering. For example, an FTP server may not allow files greater than a set
size.
A mail server is an example of an application gateway
◦ Can’t deposit mail in recipient’s mail server without passing through
sender’s mail server
[Figure: application gateway relaying a host-to-gateway FTP session and a gateway-to-remote-host FTP session]
11. Circuit-level Gateway
1. Stand-alone system
2. Specialized function performed by an Application-level Gateway
3. Sets up two TCP connections
4. The security function consists of determining which connections
will be allowed
5. Typical use is a situation in which the system administrator
trusts the internal users
13. Firewall Rules
Allow – traffic that flows automatically because it has been
deemed
Block – traffic that is blocked because it has been deemed
dangerous to your computer
Ask – asks the user whether or not the traffic is allowed to pass
through
17. What a personal firewall can do?
• Stop hackers from accessing your computer.
• Protects your personal information.
• Blocks “pop up” ads and certain cookies.
• Determines which programs can access the Internet.
• Block invalid packets.
18. What a personal firewall cannot do?
• Cannot prevent e-mail viruses
– Only an antivirus product with updated definitions can prevent e-mail viruses.
• After setting it initially, you cannot forget about it
– The firewall will require periodic updates to the rulesets
and the software itself.