ppt consists of history, generations of firewalls, types, architectures, advantages & disadvantages. very basic ppt- can be used for college & paper presentation seminars.

1. FIREWALLSFIREWALLS
A Paper Presentation

2. INTRODUCTIONINTRODUCTION
Firewall is a software or hardware
application that is used to protect a device
from external harmful data packets.
The operating systems such as Windows7,
Ubuntu, etc have software based firewalls.
The hardware based firewalls are in routers.

3. HISTORYHISTORY
The term ‘firewall’ originally referred to a
wall intended to confine a fire or a
potential fire within a building.
Firewall technology came up in 1980’s
when the internet was emerging and a
fairly new concept.
Routers used in late 1980’s were the
predecessors to firewalls being used
today.

4. GENERATIONS OFGENERATIONS OF
FIREWALLSFIREWALLS
There are three generations of firewalls:
First generation: Packet Filters
The engineers from Digital Equipment Co-
operation introduced packet filter firewalls
first in 1980.
Packet filters act by inspecting “packets”
which transfer between computers to the
internet.
If the packet don’t match with the packet
filters rules, it simply discards the packet or
gives error responses to the source.

5. The disadvantage of packet filtering: It pays
no attention to whether the packet is a part
of existing traffic stream or not.
Instead, it filters each packet based on the
information contained in the packet such as
source & destination, address and port no.,
etc.

6. Second generation: Stateful filters
In 1989-1990, Dave Presetto, Jarnardhan
Sharma and Kshitij Nigam from AT&T
Bell Laboratories developed the second
generation of firewalls and named it
circuit level firewalls.
Stateful packet inspection records all
connections passing through and
determines whether the packet is the
start of a new connection, part of an
existing one or not part of any
connection.

7. The disadvantage of stateful filters: It faces
denial-of–service attack threat. The firewall
can be bombarded with thousands of fake
connection packets to overwhelm it by filling
its connection state memory.

8. Third Generation: Application layer
Marcus Raman, Wei Xin and Peter
Churchyard developed the first
Application layer firewall named Toolkit.
The key benefit of Application firewall is
it can understand certain applications and
protocols such as the FTP, DNS and
HTTP.
Advantage: able to detect unwanted
protocols passing through an allowed
port or if any protocol is being harmed.

10. TYPESTYPES
Network layer:
Network layer operate on a relatively
low-level TCP/IP protocol stack, not
allowing packets to pass through the
firewall until they match established the
rule set.
Network firewalls are of two types:
(1)Stateful
(2)Stateless

11. Stateful: Stateful firewalls maintain
context about active sessions and use
that “state information” to speed up
packet processing.
Any existing network connection can be
described by several properties, including
source and destination IP address, UDP
or TCP ports, and the current stage of
the connections lifetime.
• Stateless: Stateless firewalls require less
memory and can be faster for simple
filters that require less time to filter than
to look up a session.

12. They can’t make complex decisions
based on what stage communications
between hosts have reached.

13. Application layer:
 Application layer firewalls work on the
application layer of the TCP/IP stack and
may intercept all packets traveling to or
from on application. They block other
packets.
 Application firewalls function by
determining whether a process should
accept any connection.
 Application firewalls accomplish their
function by hooking into socket calls to
filter the connection between the
application layer and other lower layers.

15. Proxies:
A proxy server, running either a
dedicated hardware or software or a
general-purpose machine, may act as a
firewall by responding to input packets in
the manner of an application, while
blocking other packets.
Proxies make tampering with an internal
system from the external network,
making security breach more difficult.

17. FIREWALL ARCHITECTURESFIREWALL ARCHITECTURES
There are five basic common firewall
architectures present:
Screening routers
Screened host gateways
Dual homed gateways
Screened subnets
Belt and suspenders approach

18. SCREENING ROUTERSSCREENING ROUTERS
This is the simplest of firewalls as it
places packet filters in the router itself.
This is a completely transparent to all the
parties involved in it, but the screening
routers leave a chance of leak of
network.
It merely passes the traffic from source
to destination rather from point to point.
Hence, this makes screening routers
inadequate.

20. SCREENED HOST GATEWAYSSCREENED HOST GATEWAYS
Hosts and routers are used together for
firewall architecture.
Most commonly used firewalls today
All packet filtering and access control is
performed at the router.
The router permits only that traffic that
the policy permits.
Performs number of functions as well
such as act as gateway for external
network to communicate with internal
network.

22. DUAL HOMED GATEWAYDUAL HOMED GATEWAY
Dual homed gateways places a single
machine with two networks.
All users must log into the machine
before proceeding to the network, or as
a host for proxy servers, in which user
accounts are not required.
The passing of packets can be done only
after configuring the host making it
complex.
The failure rate is much higher than
screening routers

24. SCREENED SUBNETSCREENED SUBNET
Screened subnet is similar to screened
host gateway, only one step further.
The screening router is still present at
the first point of entry and screens the
incoming traffic between Internet and the
public hosts.
The functions of that gateway are spread
among multiple hosts. E.g. the host can be
web server or another acts as FTP
server, etc.

26. BELT AND SUSPENDERSBELT AND SUSPENDERS
APPROACHAPPROACH
It uses screened subnet and takes it one
step further by protecting public
machines from the Internet.
There is a major difference between belt
and suspenders approach and screened
subnet: In screened subnet, proxy
servers perform the entire access control
while in belt and suspenders, proxy
server acts as first line of control. And
internal router back ups the server.

28. ADVANTAGES ANDADVANTAGES AND
DISADVANTAGESDISADVANTAGES
ADVANTAGES:
 Protect the computer from “bad”
network and give a steady interface.
 Protect the system from external attack
of worms and viruses.
 Help in recognition of threats and
disturbances easily.

29. DISADVANTAGES:
 Cannot protect from internal attacks,
such as a malicious code being executed.
 Unaffected on organizations with greater
insider threats such as Banks and Military.
 Protection is supposed to be present in
every layer and assess the threat too,
firewall doesn’t give protection in every
layer.
 Cannot protect against transfer of virus
infected programs or files because of
huge range of operating systems and file
types.

30. CONCLUSIONCONCLUSION
Firewalls in today’s generation of networks
and computer are necessary.
Every computer and router is provided
with the software or hardware form of
firewalls for protection
Firewalls are of various types and each
type is implemented based upon the
security required for network or
computer.
The disadvantages of firewalls need to be
countered and better them for higher
protection of our systems and servers.

31. REFERENCESREFERENCES
Firewalls (computing), Wikipedia.
Firewalls and Internet Security, Second
Edition; William.R.Cheswick,
Steven.M.Bellovin, Aviel.R.Rublin;
Eastman Publications.
Firewall Architecture, Indonesian Virtual
Company (InVirCom).

32. THANK YOU