Security Management: Fire Wall

Download as pdf or txt
Download as pdf or txt
You are on page 1of 4

CS65-Computer Networks Dept of EEE

1 2
ISSUES …….
• Identify what you are trying to protect..
• Determine what you are trying to protect it from..
• Determine how likely the threats are..
• Implement measures that will protect your assets in a cost
effective manner..
SECURITY MANAGEMENT • Review the process continuously and make improvements if
weakness are found...

3 4

Fire wall
• Who needs a firewall?

– Anyone who is responsible for a private network that is connected


to a public network needs firewall protection.

FIREWALL – Furthermore, anyone who connects so much as a single computer


to the Internet via modem should have personal firewall software.

• A firewall is hardware, software, or a combination of both that


is used to prevent unauthorized programs or Internet users
from accessing a private network and/or a single computer
providing more control over the data on your computer.
• Also it provides a line of defense against people or programs
(including viruses and worms) that try to connect to your
computer without invitation.

S.Muralidharan 1
CS65-Computer Networks Dept of EEE

5 6

Rules Determine

• Isolates a computer or network from the “outside” based on


a defined set of rules WHO ? WHEN ?
WHAT ? HOW ?
– Inspects each individual "packet" of data as it arrives at either side of
the firewall

– Maintains a state table INTERNET


My
PC

– Determine whether traffic should be allowed to pass or be blocked

Protected
Firewall Network

How does a firewall work?


7 8

Blocks packets based on: Hardware vs. Software Firewalls


– Source IP Address or range of addresses.
– Source IP Port Address
Filtering
• Hardware Firewalls
– Destination IP Address or range of addresses.
– Protect an entire network
– Destination IP Port
– Firewalls can also filter specific types of network traffic. This is also – Implemented on the router level
known as protocol filtering because the decision to forward or reject – Usually more expensive, harder to configure
traffic is dependant upon the protocol used, for example HTTP, ftp or
telnet. Firewalls can also filter traffic by packet attribute or state. • Software Firewalls
– Protect a single computer
– Usually less expensive, easier to configure

S.Muralidharan 2
CS65-Computer Networks Dept of EEE

Hardware Firewall
9 10
SOFTWARE FIREWALL
How does a software firewall work?
• Inspects each individual “packet” of data as it
arrives at either side of the firewall
• Inbound to or outbound from your computer
• Determines whether it should be allowed to pass
through or if it should be blocked

11 12
FIREWALL RULES PERSONAL FIREWALL
• Firewall implementation What a personal firewall can do…
– Works only when rules implemented are simple. • Stop hackers from accessing your computer
– More rules introduced, more difficult it is to implement. • Protects your personal information
– Rules should be implemented in correct order or it will • Blocks “pop up” ads and certain cookies
produce adverse effects • Determines which programs can access the Internet
– Testing and debugging is difficult. • Help block computer viruses and worms from reaching
• Rules like your computer
– Allow – traffic that flows automatically because it has • Ask for your permission to block or unblock certain
been deemed as “safe” (Ex. Meeting Maker, Eudora, etc.) connection requests.
– Block – traffic that is blocked because it has been • Create a record (a security log), if you want one, that
deemed dangerous to your computer records successful and unsuccessful attempts to
– Ask – asks the user whether or not the traffic is allowed connect to your computer. This can be useful as a
to pass through troubleshooting tool.

S.Muralidharan 3
CS65-Computer Networks Dept of EEE

13 14
FIREWALL CANNOT………
What a personal firewall cannot do… • Detect or disable computer viruses and worms if
• Cannot prevent e-mail viruses they are already on your computer. For that reason,
– Only an antivirus product with updated definitions can you should also install antivirus software and keep it
prevent e-mail viruses updated to help prevent viruses, worms, and other
• After setting it initially, security threats from damaging your computer or
– The firewall will require periodic updates to the rulesets using your computer to spread viruses to others.
and the software itself • Block spam or unsolicited e-mail from appearing
in your inbox. However, some e-mail programs can
help you do this.

15 16

Examples of personal firewall What’s a DMZ?


•A DMZ is a “Demilitarized Zone”. The DMZ is where
software corporate servers reside, protected from both external and
internal attacks.
• ZoneAlarm <www.zonelabs.com>
• BlackICE Defender <http://blackice.iss.net> Firewall without a DMZ

• Tiny Personal Firewall <www.tinysoftware.com>


• Norton Personal Firewall <www.symantec.com>

Firewall with a DMZ

S.Muralidharan 4

You might also like