Title: FireWalls in Computer Networks
1 Introducing FIREWALLS
GROUP 21
2 Firewalls in Network Security
3 Defining a FIREWALL
A firewall is a device (or software) designed to
control the flow of traffic into and out of a
network. In general, firewalls are installed to
prevent attacks.
- According to Microsoft, a firewall is a software
  program or piece of hardware that helps screen
  out hackers, viruses, and worms that try to reach
  your computer over the Internet.
- A firewall is a security policy enforcement point
  that regulates access between computer networks.
- It is designed to forward some packets and filter
  (not forward) others.
4 Benefits of FIREWALLS
- On the outbound side, firewalls can be configured
  to prevent employees from sending certain types
  of emails or transmitting sensitive data outside
  of the network.
- On the inbound side, firewalls can be programmed
  to prevent access to certain websites (like
  social networking sites).
- Firewalls can prevent outside computers from
  accessing computers inside the network.
- A company might choose to designate a single
  computer on the network for file sharing and all
  other computers could be restricted.
- The main goal of a personal firewall is to
  protect your personal computer and private
  network from malicious mischief, such as hack
  attempts, virus attacks
5 How does a firewall work?
- At their most basic, firewalls work like a filter
  between your computer/network and the Internet.
  You can program what you want to get out and what
  you want to get in.
- Everything else is not allowed.
- Blocks packets based on the criteria below
  - Source IP Address or range of addresses.
  - Source IP Port
  - Destination IP Address or range of addresses.
  - Destination IP Port
- Common ports
  - 80 HTTP
  - 20, 21 FTP
6 An illustration of a Firewall
For example, a firewall may filter all incoming
packets destined for a specific host or a
specific server such as HTTP. A firewall can be
used to deny access to a specific host or a
specific service in the organization. A firewall
is usually classified as a packet-filter firewall
or a proxy-based firewall.
7 Some common protocols that you can set firewall
filters for include
- IP (Internet Protocol) - the main delivery system
  for information over the Internet using IPv4 and
  IPv6 addresses.
- TCP (Transmission Control Protocol) - used to
  break apart and rebuild information that travels
  over the Internet
block based on messages being transmitted
- HTTP (Hyper Text Transfer Protocol) - used for
  Web pages
- FTP (File Transfer Protocol) - used to download
  and upload files
- UDP (User Datagram Protocol) - used for
  information that requires no response, such as
  streaming audio and video, e.g. YouTube
- SMTP (Simple Mail Transport Protocol) - used to
  send text-based information (e-mail)
- Telnet - used to perform commands on a remote
  computer
8 Classification of FIREWALLS
1. Packet-Filter Firewall
2. Proxy Firewall
9 1. Packet-Filter Firewall
A firewall can be used as a packet filter. It can
forward or block packets based on the information
in the network layer and transport layer headers:
source and destination IP addresses, source and
destination port addresses, and type of protocol
(TCP or UDP). A packet-filter firewall is a
router that uses a filtering table to decide
which packets must be discarded (not forwarded).
- A packet filter firewall filters at the network
  or transport layer.
10 Illustration: A PACKET FILTER FIREWALL
According to the figure, the following packets are
filtered:
1. Incoming packets from network 131.34.0.0 are
   blocked (security precaution). Note that the *
   (asterisk) means "any."
2. Incoming packets destined for any internal TELNET
   server (port 23) are blocked.
3. Incoming packets destined for internal host
   194.78.20.8 are blocked. The organization wants
   this host for internal use only.
4. Outgoing packets destined for an HTTP server
   (port 80) are blocked. The organization does not
   want employees to browse the Internet.
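The four rules above can be written out as a filtering table and evaluated first match wins. This is an added example, not part of the original slides; the /16 prefix for network 131.34.0.0, the rule notes and the sample packets are assumptions made for illustration.

```python
import ipaddress
from typing import NamedTuple, Optional, Tuple, Union

ANY = "*"  # the asterisk in the filtering table: matches any value

class Rule(NamedTuple):
    direction: str              # "in" or "out", relative to the protected network
    src_ip: str                 # CIDR network or ANY
    src_port: Union[int, str]   # port number or ANY
    dst_ip: str
    dst_port: Union[int, str]
    reason: str

# The four rules from the slide. Assumption: "network 131.34.0.0" is read as
# the classful /16; the slide gives no prefix length.
FILTERING_TABLE = [
    Rule("in",  "131.34.0.0/16", ANY, ANY,              ANY, "blocked source network"),
    Rule("in",  ANY,             ANY, ANY,              23,  "no inbound TELNET"),
    Rule("in",  ANY,             ANY, "194.78.20.8/32", ANY, "internal-only host"),
    Rule("out", ANY,             ANY, ANY,              80,  "no outbound HTTP"),
]

def _ip_matches(pattern: str, addr: str) -> bool:
    return pattern == ANY or ipaddress.ip_address(addr) in ipaddress.ip_network(pattern)

def _port_matches(pattern, port: int) -> bool:
    return pattern == ANY or pattern == port

def filter_packet(direction, src_ip, src_port, dst_ip, dst_port) -> Tuple[str, Optional[str]]:
    """Return ("block", reason) for the first matching rule, else ("forward", None)."""
    for rule in FILTERING_TABLE:
        if (rule.direction == direction
                and _ip_matches(rule.src_ip, src_ip)
                and _port_matches(rule.src_port, src_port)
                and _ip_matches(rule.dst_ip, dst_ip)
                and _port_matches(rule.dst_port, dst_port)):
            return ("block", rule.reason)
    return ("forward", None)  # this table is a block list: no match means forward

if __name__ == "__main__":
    # Constructed sample packets: (direction, src_ip, src_port, dst_ip, dst_port)
    for pkt in [("in", "131.34.7.9", 40000, "194.78.20.5", 25),
                ("in", "198.51.100.7", 40000, "194.78.20.5", 23),
                ("out", "194.78.20.5", 40000, "203.0.113.10", 443)]:
        print(pkt, "->", filter_packet(*pkt))
```

Every decision here rests on header fields alone, so rule 1 trusts whatever source address the packet claims; that is the spoofing weakness listed for packet filters later in the deck.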
11 2. Proxy Firewall
Filters a message based on the information
available in the message itself (at the
application layer). For example, assume that an
organization wants to implement the following
policies regarding its web pages: only those
internet users who have previously established
business relations with the company can have
access; access to other users must be blocked.
- A proxy firewall filters at the application layer.
12 Illustration: A PROXY FIREWALL
When the user client process sends a message, the
proxy firewall runs a server process to receive
the request. The server opens the packet at the
application level and finds out if the request is
legitimate. If it is, the server acts as a client
process and sends the message to the real server
in the corporation. If it is not, the message is
dropped and an error message is sent to the
external user. In this way, the requests of the
external users are filtered based on the contents
at the application layer.
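The receive, inspect, relay-or-refuse sequence described above, as an added example that is not part of the original slides. It assumes business partners are recognised by a hypothetical `X-Partner-Token` request header; the token values and the `real_server` stand-in are constructed for illustration.

```python
# Assumption: partners present a token in a hypothetical X-Partner-Token header.
PARTNER_TOKENS = {"acme-7f3a", "globex-19c2"}  # constructed sample values

def parse_http_request(raw: bytes):
    """Parse the request line and headers; return None if the message is malformed."""
    try:
        head = raw.split(b"\r\n\r\n", 1)[0].decode("ascii")
    except UnicodeDecodeError:
        return None
    lines = head.split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        return None
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if not sep:
            return None
        headers[name.strip().lower()] = value.strip()
    return {"method": parts[0], "path": parts[1], "headers": headers}

def real_server(request) -> bytes:
    """Stand-in for the internal web server the proxy relays to."""
    return b"HTTP/1.1 200 OK\r\n\r\ninternal page for " + request["path"].encode()

def proxy_handle(raw: bytes) -> bytes:
    """Server side of the proxy: open the message, judge it, relay or refuse."""
    request = parse_http_request(raw)
    if request is None:
        return b"HTTP/1.1 400 Bad Request\r\n\r\n"
    if request["headers"].get("x-partner-token") not in PARTNER_TOKENS:
        # Not legitimate: drop the request and send an error to the external user.
        return b"HTTP/1.1 403 Forbidden\r\n\r\naccess restricted to business partners"
    # Legitimate: the proxy now acts as a client toward the real server.
    return real_server(request)

if __name__ == "__main__":
    # Constructed requests: identical at the network and transport layers.
    partner = b"GET /catalog HTTP/1.1\r\nHost: www.example.com\r\nX-Partner-Token: acme-7f3a\r\n\r\n"
    stranger = b"GET /catalog HTTP/1.1\r\nHost: www.example.com\r\n\r\n"
    print(proxy_handle(partner))
    print(proxy_handle(stranger))
```

Both sample requests target the same web server port, so a packet filter would treat them identically; only the application-layer content separates them.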
13 PACKET FILTER
ADVANTAGES
- Low cost
- Low impact on network performance
- Lower Resource Usage
- Best suited for Smaller Networks.
DISADVANTAGES
- Vulnerable to Spoofing
- Not suitable for Complex rule based models
PROXY FIREWALL
ADVANTAGES
- Can prevent more kinds of attacks
- The topology of the internal protected network is
  hidden by proxy firewalls.
DISADVANTAGES
- Aren't compatible with all network standards
- It may be difficult to correctly configure and
  install.
14 FIREWALLS THE END
15 Group members
NAME REG NO STUDENT NO
SENABULYA JOSEPH 14/U/14603/PS 214012316
KISEMBO RHITAH 14/U/8028/PS 214018882
LUTAAYA SHAFIQ 14/U/8759/PS 214002883
KAMANDA JAMES AMOS 14/X/22308/PS 214020676
KYAZZE SOLOMON 14/U/8484/PS 214005207