Idris Shah, profile picture
Uploaded byIdris Shah
PPTX, PDF1,140 views

Firewall

This document discusses firewalls, including what they are, their purposes, types, configurations, and limitations. A firewall is a program or device that filters network traffic and blocks unauthorized access. Firewalls protect systems and networks from threats, provide controlled access to and from the internet, and ensure only approved traffic passes through. There are different types of firewalls that use packet filtering, application proxies, or circuit gateways to screen for threats. Firewalls can be configured as single hosts, dual-hosted, or in screened subnets for increased security. However, firewalls cannot protect from all attacks and internal/virus threats.

Downloaded 27 times
FIREWALL IDRIS SHAH CIT/20/12
What is a Firewall? • A firewall is simply a program or hardware device that filters the information coming through the Internet connection into your private network or computer system. If an incoming packet of information is flagged by the filters, it is not allowed through
Why firewalls • Protect local systems • Protect network based security threats • Provide secured and controlled access to internet • Provide restricted and controlled access from internet to local servers Firewall characteristics • All traffic from outside to inside and vice versa must pass through firewall • Only authorised traffic allowed to pass • Firewall itself immune to penetration
Types of firewall • Packet filtering firewall  applies set of rules to each incoming IP packet and then forwards or discards it.  Typically based on ip addresses and port numbers
 Filter packets going in both directions  Packet filter set up as list of rules based on matches to fields in TCP or IP header  Two default policies( discard or forward). Attacks • IP spoofing • Source routing attack • Tiny fragment attack-first fragment of packet must have predefined amount of transport header.
advantages • Simplicity • Transparency-need not know about presence of firewall • High speed Disadvantages 1.Difficulty of setting up packet filter rules-large routing tables 2. Lack of authentication
Application level gateway • Also called proxy server-typically a computer • It is service specific • Acts as a relay of application level traffic
Advantages • Higher security than packet filters • Only need to scrutinise few allowable applications • Easy to log and audit all incoming traffic- bactracking Disadvantages Additional processing overhead on each connection Slower as computers not routers
Circuit level gateway
• More like tunelling • Standalone system, or specialised function performed by application level gateway • Does not permit end-to-end TCP connection , rather gateway sets up two TCP connections • Security function consists of determining which connections will be allowed
Bastion Host • It is a system identified by firewall administrator as critical point in network security • Executes secure version of its OS and is trusted • Consists of services which are essential • Requires additional authentication before access is allowed
Firewall configurations • In addition to use of simple configuration of single system, more complex configurations are possible as:  Single homed host  Dual-homed host  Screened subnet
Single homed host • Only packets from and to bastion host allowed to pass through router • Bastion host performs authentication and proxy functions Greater security because: • Implements packet and application level filtering • Intruder has to penetrate two seperate systems
Dual homed host • Packet filtering router not completely compromised • Traffic between internet and hosts on private network has to flow through bastion host • DMZ-CONTAINS INFO WHICH CAN BE ACCESSED FROM OUTSIDE
Screened subnet • Most secure • Two packet filtering routers used • Creation of isolated subnetwork • Inside router accepts packets only from bastion host
Firewall Limitations • cannot protect from attacks bypassing it • cannot protect against internal threats – e.g. disgruntled employee-intrusion detection systems which looks for statistical anamoly. Install personal firewall on desktops • cannot protect against transfer of all virus infected programs or files – because of huge range of O/S & file types

More Related Content

PPTX
Seminar
byAbhinav Kushwah
 
PPTX
Cyber Security - Firewall and Packet Filters
byRadhika Talaviya
 
PPTX
Firewall and its types and function
byNisarg Amin
 
PPT
Lecture 4 firewalls
byrajakhurram
 
PDF
Firewalls
byJyoti Akhter
 
PPTX
Firewall Basing
byPina Parmar
 
PDF
Firewall fundamentals
byThang Man
 
PPT
Firewalls
byIGZ Software house
 
Seminar
byAbhinav Kushwah
 
Cyber Security - Firewall and Packet Filters
byRadhika Talaviya
 
Firewall and its types and function
byNisarg Amin
 
Lecture 4 firewalls
byrajakhurram
 
Firewalls
byJyoti Akhter
 
Firewall Basing
byPina Parmar
 
Firewall fundamentals
byThang Man
 
Firewalls
byIGZ Software house
 

What's hot

PPTX
Firewall in Network Security
bylalithambiga kamaraj
 
PPTX
Firewall Design and Implementation
byajeet singh
 
PPTX
Firewalls
byvaishnavi
 
PPT
Firewall & its configurations
byStudent
 
PPT
Firewalls
byUniversity of Central Punjab
 
PPT
firewalls
byahmedOday
 
PPTX
Firewall management introduction
byRaghava Sharma
 
PPTX
Firewall
bySaurabh Chauhan
 
PPSX
What is firewall
byHarshana Jayarathna
 
PPT
FireWall
byrubal_9
 
PDF
Network firewall function & benefits
byAnthony Daniel
 
PPT
Firewall
bylmbriscoe
 
PPT
Firewalls
byShreya Singireddy
 
PPT
Firewalls
byAkhil Sharma
 
PPS
Internetworking With Pix Firewall
bySouvik Santra
 
PPT
Firewall Architecture
byYovan Chandel
 
PDF
E firewalls
byAbhiroop Ghatak
 
PPTX
Firewall and its purpose
byRohit Phulsunge
 
PPTX
network security, group policy and firewalls
bySapna Kumari
 
DOC
Firewall
byApo
 
Firewall in Network Security
bylalithambiga kamaraj
 
Firewall Design and Implementation
byajeet singh
 
Firewalls
byvaishnavi
 
Firewall & its configurations
byStudent
 
Firewalls
byUniversity of Central Punjab
 
firewalls
byahmedOday
 
Firewall management introduction
byRaghava Sharma
 
Firewall
bySaurabh Chauhan
 
What is firewall
byHarshana Jayarathna
 
FireWall
byrubal_9
 
Network firewall function & benefits
byAnthony Daniel
 
Firewall
bylmbriscoe
 
Firewalls
byShreya Singireddy
 
Firewalls
byAkhil Sharma
 
Internetworking With Pix Firewall
bySouvik Santra
 
Firewall Architecture
byYovan Chandel
 
E firewalls
byAbhiroop Ghatak
 
Firewall and its purpose
byRohit Phulsunge
 
network security, group policy and firewalls
bySapna Kumari
 
Firewall
byApo
 

Similar to Firewall

PPTX
Firewall ( Cyber Security)
byJainam Shah
 
PPTX
Firewall
byTapan Khilar
 
PPTX
Firewall Design and Implementation
byajeet singh
 
PPT
Class 10 Cyber Security for engineering students
byDrVikasMahor
 
PDF
[9] Firewall.pdf
bylamtran367679
 
PPTX
Firewall presentation
bygaurav96raj
 
PPTX
Firewall
byNaga Dinesh
 
PDF
Firewalls.pdfdifferencesCalculate the number of moles of Mg(NO3)2 in 44.4 g o...
byFahmiOlayah
 
PPTX
firrewall and intrusion prevention system.pptx
byfatimagull32
 
PPTX
Firewall
byAravindharamanan S
 
PPTX
UNIT-4 network information security ID system
byagasyabutolia
 
PPT
Firewall protection
byVC Infotech
 
PPTX
Firewall
byreddivarihareesh
 
PPT
Firewall
byAmuthavalli Nachiyar
 
PPT
Firewall
byApo
 
PPT
Tech 101: Understanding Firewalls
byLikan Patra
 
PPT
Presentation, Firewalls
bykkkseld
 
PPT
Presentation, Firewalls
bykkkseld
 
PPTX
Firewall ppt
byRevanth71
 
PPTX
Firewall
byHasnain Ali
 
Firewall ( Cyber Security)
byJainam Shah
 
Firewall
byTapan Khilar
 
Firewall Design and Implementation
byajeet singh
 
Class 10 Cyber Security for engineering students
byDrVikasMahor
 
[9] Firewall.pdf
bylamtran367679
 
Firewall presentation
bygaurav96raj
 
Firewall
byNaga Dinesh
 
Firewalls.pdfdifferencesCalculate the number of moles of Mg(NO3)2 in 44.4 g o...
byFahmiOlayah
 
firrewall and intrusion prevention system.pptx
byfatimagull32
 
Firewall
byAravindharamanan S
 
UNIT-4 network information security ID system
byagasyabutolia
 
Firewall protection
byVC Infotech
 
Firewall
byreddivarihareesh
 
Firewall
byAmuthavalli Nachiyar
 
Firewall
byApo
 
Tech 101: Understanding Firewalls
byLikan Patra
 
Presentation, Firewalls
bykkkseld
 
Presentation, Firewalls
bykkkseld
 
Firewall ppt
byRevanth71
 
Firewall
byHasnain Ali
 

Recently uploaded

PPTX
Enhancing Web Security: Key Concepts & Strategies.pptx
byParham Abolghasemi
 
PDF
The Complete Crypto Airdrop Playbook: Strategies, Scams & Success Stories | 3...
by3verseTV
 
PPSX
AppSec Role Based Training OWASP Global AppSec USA 2025-11-06
byRobert Grupe, CSSLP CISSP PE PMP
 
PDF
Unveiling the Basics of Agentic AI - OSUG Mumbai
bythesubuiyer
 
PDF
Analyze and Store Logs - RHCSA (RH124).pdf
byLinuxCert Guru
 
PDF
PDF Security Intelligence Platform | Cybersecurity Project by Ashish Patil
byAshishPatil495087
 
PDF
Cybersecurity in ASEAN and Singapore Columbia SIPA 2025.pdf
byBenjamin Ang
 
PDF
Database Performance at Scale: The TL;DR
byScyllaDB
 
PDF
ENTSO-E's Response to the European Commission Call for Evidence on the Strate...
byReynir Orn Bachmann Gudmundsson
 
PPTX
Odoo_by_Infinys_All_in_One_Business_Solution_for_Small_Companies.pptx
byAgusto Sipahutar
 
PDF
Install and Update Software - RHCSA (RH124).pdf
byLinuxCert Guru
 
PDF
Q3'25 Financial Results and Earnings Presentation
byDropbox
 
PDF
Access Linux File System in RHEL - RHCSA (RH124).pdf
byLinuxCert Guru
 
PDF
Private Governance: How Decentralized Mechanisms Can Regulate the Crypto Economy
byFederico Ast
 
PDF
Create, View and Edit Text Files - RHCSA (RH124).pdf
byLinuxCert Guru
 
PDF
Career Blueprint: Mentor Tracks & Career Clinic - Part 2
byDianaGray10
 
PDF
Sylvester Konadu Worcester MA - An Accomplished IT Analyst
bySylvester Konadu Worcester
 
PPTX
AI and Linux in 2025 - Jay LaCroix, Learn Linux TV
byAll Things Open
 
PDF
Inclusive India_Samir_Dash_10 NOV_FINAL 2025.pdf
bySamir Dash
 
PPTX
Bulwark Pokemon League Top 8 graphic archive
byGc Howard
 
Enhancing Web Security: Key Concepts & Strategies.pptx
byParham Abolghasemi
 
The Complete Crypto Airdrop Playbook: Strategies, Scams & Success Stories | 3...
by3verseTV
 
AppSec Role Based Training OWASP Global AppSec USA 2025-11-06
byRobert Grupe, CSSLP CISSP PE PMP
 
Unveiling the Basics of Agentic AI - OSUG Mumbai
bythesubuiyer
 
Analyze and Store Logs - RHCSA (RH124).pdf
byLinuxCert Guru
 
PDF Security Intelligence Platform | Cybersecurity Project by Ashish Patil
byAshishPatil495087
 
Cybersecurity in ASEAN and Singapore Columbia SIPA 2025.pdf
byBenjamin Ang
 
Database Performance at Scale: The TL;DR
byScyllaDB
 
ENTSO-E's Response to the European Commission Call for Evidence on the Strate...
byReynir Orn Bachmann Gudmundsson
 
Odoo_by_Infinys_All_in_One_Business_Solution_for_Small_Companies.pptx
byAgusto Sipahutar
 
Install and Update Software - RHCSA (RH124).pdf
byLinuxCert Guru
 
Q3'25 Financial Results and Earnings Presentation
byDropbox
 
Access Linux File System in RHEL - RHCSA (RH124).pdf
byLinuxCert Guru
 
Private Governance: How Decentralized Mechanisms Can Regulate the Crypto Economy
byFederico Ast
 
Create, View and Edit Text Files - RHCSA (RH124).pdf
byLinuxCert Guru
 
Career Blueprint: Mentor Tracks & Career Clinic - Part 2
byDianaGray10
 
Sylvester Konadu Worcester MA - An Accomplished IT Analyst
bySylvester Konadu Worcester
 
AI and Linux in 2025 - Jay LaCroix, Learn Linux TV
byAll Things Open
 
Inclusive India_Samir_Dash_10 NOV_FINAL 2025.pdf
bySamir Dash
 
Bulwark Pokemon League Top 8 graphic archive
byGc Howard
 

Firewall

  • 1.
  • 2.
    What is aFirewall? • A firewall is simply a program or hardware device that filters the information coming through the Internet connection into your private network or computer system. If an incoming packet of information is flagged by the filters, it is not allowed through
  • 3.
    Why firewalls • Protectlocal systems • Protect network based security threats • Provide secured and controlled access to internet • Provide restricted and controlled access from internet to local servers Firewall characteristics • All traffic from outside to inside and vice versa must pass through firewall • Only authorised traffic allowed to pass • Firewall itself immune to penetration
  • 4.
    Types of firewall •Packet filtering firewall  applies set of rules to each incoming IP packet and then forwards or discards it.  Typically based on ip addresses and port numbers
  • 5.
     Filter packetsgoing in both directions  Packet filter set up as list of rules based on matches to fields in TCP or IP header  Two default policies( discard or forward). Attacks • IP spoofing • Source routing attack • Tiny fragment attack-first fragment of packet must have predefined amount of transport header.
  • 6.
    advantages • Simplicity • Transparency-neednot know about presence of firewall • High speed Disadvantages 1.Difficulty of setting up packet filter rules-large routing tables 2. Lack of authentication
  • 7.
    Application level gateway •Also called proxy server-typically a computer • It is service specific • Acts as a relay of application level traffic
  • 8.
    Advantages • Higher securitythan packet filters • Only need to scrutinise few allowable applications • Easy to log and audit all incoming traffic- bactracking Disadvantages Additional processing overhead on each connection Slower as computers not routers
  • 9.
  • 10.
    • More liketunelling • Standalone system, or specialised function performed by application level gateway • Does not permit end-to-end TCP connection , rather gateway sets up two TCP connections • Security function consists of determining which connections will be allowed
  • 11.
    Bastion Host • Itis a system identified by firewall administrator as critical point in network security • Executes secure version of its OS and is trusted • Consists of services which are essential • Requires additional authentication before access is allowed
  • 12.
    Firewall configurations • Inaddition to use of simple configuration of single system, more complex configurations are possible as:  Single homed host  Dual-homed host  Screened subnet
  • 13.
    Single homed host •Only packets from and to bastion host allowed to pass through router • Bastion host performs authentication and proxy functions Greater security because: • Implements packet and application level filtering • Intruder has to penetrate two seperate systems
  • 14.
    Dual homed host •Packet filtering router not completely compromised • Traffic between internet and hosts on private network has to flow through bastion host • DMZ-CONTAINS INFO WHICH CAN BE ACCESSED FROM OUTSIDE
  • 15.
    Screened subnet • Mostsecure • Two packet filtering routers used • Creation of isolated subnetwork • Inside router accepts packets only from bastion host
  • 16.
    Firewall Limitations • cannotprotect from attacks bypassing it • cannot protect against internal threats – e.g. disgruntled employee-intrusion detection systems which looks for statistical anamoly. Install personal firewall on desktops • cannot protect against transfer of all virus infected programs or files – because of huge range of O/S & file types