Filtering in Firewall

1
Filtering in Firewall

• By Fantastic 5

2
Agenda

• What is Firewall?
• Types Of Firewall
• Pros and Cons Of Different Firewalls
• What Firewall can do?
• What Firewall can not do?
• Q A

3
What is Firewall?
Isolates organizations internal network from
larger Internet, allowing some packets to pass,
blocking others.
4
Types Of Firewall

• Packet Filtering Firewall
• Operate at network layer
• Circuit Level
• Operates at transport layer
• Application level Firewall
• Operates at Application layer

5
Packet Filter Firewall
Incoming Traffic
Allowed Outgoing Traffic
6
Packet Filtering Firewall

• Stateless Filters
• Stateful Filters
• Content Filters
• Dynamic Packet Filtering

7
Stateless Packet Filters

• Simple filters
• Makes decision on a packet by packet basis
• Every packet check

8
Stateless Packet Filtering

• Pros
• Very fast, no need to remember
• anything about the traffic
• Cons
• More Complex criteria decreases
• performance
• No protection against malicious code in
  
• upper layer
• Difficult to get the filtering rules right

9
Stateful Packet Filtering

• Each connection established is stored in
• saved in a table.
• The first packet of the connection is checked
• against pre-defined rules.

10
Stateful Packet Filtering

• Pros
• Scalable
• More Secure, as maintain connection
• state
• Cons
• Connection maintain even for
• connectionless protocols
• Takes more CPU time.

11
Content Filtering

• Check the content of the packet
• It looks for the packet contents at the network
  layer

12
Circuit level Firewall
Incoming Traffic
Allowed Outgoing Traffic
13
Application Level Firewall
Incoming Traffic
Allowed Outgoing Traffic
14
Circuit Level Firewall

• Pros
• Improved security
• When network packets are
• readdressed, information about
• protected network is hidden
• Cons
• No application Level Security

15
Dynamic Packet Filtering

• Monitor state of active connection
• Record session information such as IP, Port no.
• Determines whether packets are allowed or not, by
  comparing state of that connection.
• Much secure than static packet filter
• e.g. only replies to users data
  requests are
• let back in.

16
What Firewalls can do?

• Deny unauthorized access
• Control access to authorized services
• Monitor traffic
• Raise alarm if suspicious activity occurs
• Enforce Policy

17
What Firewalls can not do?

• Protect against threats inside your network
• Protect against services allowed through
• the firewall
• Set themselves up misconfiguration
• Only Firewalls can not be used to make
• the secure network

18
Conclusion

• The Firewall alone can not make the network
  secure from the public network like internet

19
References

• Firewall(networking). 2 March 2007. Wikimedia
  Foundation Inc. 2 March 2007. lthttp//en.wikipedia
  .org/wiki/Firewallgt
• Dynamic packet Filtering (DPF). September 2002.
  Netmaster Digital security, Inc. 11 March 2007.
  lthttp//www.netmaster.com/products/ggoss-dbf.pdf
• Firewall QA. 2007. Vicomsoft Ltd. 26
  Febraury2007. lthttp//www.vicomsoft.com/knowledge/
  reference/firewalls1.html1gt
• Introduction to Firewalls. 3 Sep 2004. Addison
  Wesley Professional, Inc. 12 March 2007.
  lthttp//www.awprofessional.com/articles/article.as
  p?p170452seqNum2rl1gt
• Evolution of Firewall Industry. 28 Sep 2002.
  Cisco Systems, Inc. 22 March 2007.
  lthttp//www.cisco.com/univercd/cc/td/doc/product/i
  aabu/centri4/user/scf4ch3.htmxtocid0gt
• IP Packet Filtering. April 2007. IBM. 26 March
  2007. lthttp//publib.boulder.ibm.com/infocenter/es
  erver/v1r3s/index.jsp?topic/ipha5/packetfilterfir
  ewall.htmgt
• NVIDIA Firewall. 2004. NVIDIA Corporation. 26
  March 2007. lthttp//www.alienwaresystems.com.au/d
  nn2/Portals/0/nForce20420Firewall.pdfgt

20

• Questions?

21

• Thank U !