Information Security and Management 20' Firewalls - PowerPoint PPT Presentation

Transcript and Presenter's Notes

1
Information Security and Management 20.
Firewalls
Firewall Characteristics
Types of Firewalls
Firewall Configurations
  • Chih-Hung Wang
  • Sep. 2007

2
Firewall
  • Firewall characteristics
  • All traffic from inside to outside, and vice
    versa, must pass through the firewall
  • Only authorized traffic will be allowed to pass
  • The firewall itself is immune to penetration

3
General Techniques
  • Service control
  • Direction control
  • User control
  • Behavior control

4
Scope of a firewall
  • A single choke
  • Keeps unauthorized users out of the protected
    network
  • Prohibits potentially vulnerable services from
    entering or leaving the network
  • Provides protection from various kinds of IP
    spoofing and routing attacks
  • Provides a location for monitoring
    security-related events
  • A convenient platform for several Internet
    functions that are not security related
  • Serves as the platform for IPSec

5
Limitations
  • The firewall cannot protect against attacks that
    bypass the firewall
  • Dial-out to connect to an ISP
  • LAN supports the dial-in service
  • The firewall does not protect against internal
    threats
  • The firewall cannot protect against the transfer
    of virus-infected programs or files

6
Types of Firewalls
7
Packet-filtering router
  • Packet-filtering router
  • Applies a set of rules to each incoming IP packet
    and then forwards or discards the packet
  • Typically configured to filter packets going in
    both directions
  • Filtering rules are based on fields in the IP and
    transport (TCP or UDP) header
  • Source and destination IP address
  • IP protocol field
  • TCP or UDP port number

8
Packet-filtering router
9
Packet-filtering router
  • Rules example
  • Assume that the default discard policy is in force
  • Ex (A)

10
Packet-filtering router
  • Ex (B)
  • Ex (C)

11
Packet-filtering router
  • Ex (D)
  • Ex (E)

12
Packet-filtering router
  • Advantages
  • Transparent to users
  • Very fast
  • Disadvantages
  • Difficulty of setting up packet filter rules
    correctly
  • Lack of authentication

13
Application-Level Gateway
  • Also called a proxy server
  • Acts as a relay of application-level traffic

14
Application-Level Gateway
  • Proxy Server
  • If the gateway does not implement the proxy code
    for a specific application, the service is not
    supported and cannot be forwarded across the
    firewall

15
Application-Level Gateway
  • Advantages
  • Tend to be more secure than packet filters
  • Deal with the numerous possible combinations that
    are to be allowed and forbidden at the TCP and IP
    level
  • Scrutinize a few allowable applications
  • Log and audit all incoming traffic at the
    application level
  • Disadvantages
  • Additional processing overhead on each connection
  • Drawbacks to using a proxy client

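To make the proxy-server behaviour of slides 13-15 concrete, here is an added Python example (not code from the slides or their author): a small application-level gateway that holds one proxy per supported service, parses and re-issues HTTP requests itself, refuses any service it has no proxy code for, and logs every request at the application level. The allowed-host policy, the client address and the sample requests are constructed for the example.

```python
"""Application-level gateway sketch: one proxy per supported service, nothing else relayed.

Added example, not code from the slides. The allowed host list and the client
address are constructed.
"""
from dataclasses import dataclass
from typing import Callable, Dict, List
from urllib.parse import urlsplit


@dataclass
class Decision:
    forwarded: bool
    reason: str
    outbound: bytes = b""   # the request the gateway itself sends on, if any


Proxy = Callable[[str, bytes], Decision]

ALLOWED_HTTP_HOSTS = {"www.example.com"}   # constructed policy


def http_proxy(client: str, payload: bytes) -> Decision:
    """Understands HTTP: parses the request, applies policy, builds a fresh outbound request."""
    try:
        text = payload.decode("ascii")
    except UnicodeDecodeError:
        return Decision(False, "non-ASCII bytes in HTTP header")
    head, sep, _body = text.partition("\r\n\r\n")
    if not sep:
        return Decision(False, "incomplete HTTP header")
    parts = head.split("\r\n")[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/1."):
        return Decision(False, "malformed request line")
    method, target, _version = parts
    if method not in ("GET", "HEAD"):
        return Decision(False, f"method {method} not permitted")
    url = urlsplit(target)
    if url.scheme != "http" or not url.hostname:
        return Decision(False, "target must be an absolute http:// URL")
    if url.hostname not in ALLOWED_HTTP_HOSTS:
        return Decision(False, f"host {url.hostname} not permitted")
    path = url.path or "/"
    if url.query:
        path += "?" + url.query
    # The client's bytes are never relayed verbatim; the proxy speaks to the server itself.
    outbound = (f"{method} {path} HTTP/1.1\r\nHost: {url.hostname}\r\n"
                f"Connection: close\r\n\r\n").encode("ascii")
    return Decision(True, f"relayed {method} to {url.hostname}", outbound)


class ApplicationGateway:
    def __init__(self) -> None:
        self.proxies: Dict[str, Proxy] = {}
        self.audit_log: List[str] = []

    def register(self, service: str, proxy: Proxy) -> None:
        self.proxies[service] = proxy

    def handle(self, client: str, service: str, payload: bytes) -> Decision:
        """Dispatch to the proxy for this service; with no proxy code, the service is refused."""
        proxy = self.proxies.get(service)
        if proxy is None:
            decision = Decision(False, f"no proxy implemented for service '{service}'")
        else:
            decision = proxy(client, payload)
        # Every request is logged at the application level, forwarded or not.
        verdict = "FORWARD" if decision.forwarded else "REFUSE"
        self.audit_log.append(f"{client} {service} {verdict}: {decision.reason}")
        return decision


def build_gateway() -> ApplicationGateway:
    gw = ApplicationGateway()
    gw.register("http", http_proxy)   # the only application this gateway has proxy code for
    return gw


if __name__ == "__main__":
    gw = build_gateway()
    client = "10.0.0.9"   # constructed internal client
    gw.handle(client, "http", b"GET http://www.example.com/index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n")
    gw.handle(client, "http", b"CONNECT www.example.com:443 HTTP/1.1\r\n\r\n")
    gw.handle(client, "http", b"GET http://other.example.net/ HTTP/1.1\r\n\r\n")
    gw.handle(client, "telnet", b"login\r\n")
    print("\n".join(gw.audit_log))
```

The two points from the slides show up directly: the `telnet` request is refused because no proxy is registered for it, and the HTTP proxy, because it understands the application, can refuse a `CONNECT` or a non-permitted host and can write a meaningful audit line, which a packet filter looking only at IP and port fields cannot. The per-request parsing is also the processing overhead slide 15 lists as a disadvantage.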
16
Bastion Host
  • A bastion host is a system identified by the
    firewall administrator as a critical strong point
    in the network's security
  • Typically, the bastion host serves as a platform
    for an application-level or circuit-level gateway

17
Firewall Configurations
  • Dual homed host
  • Screened-host
  • Single-homed bastion
  • Dual-homed bastion
  • Screened-subnet

18
Dual homed host
  • Two network interfaces
  • Complete block to IP traffic between two networks
  • All services are blocked except those for which
    proxies exist

19
Dual homed host
20
Screened Host
  • Single-homed bastion
  • The firewall consists of two systems: a
    packet-filtering router and a bastion host
  • The bastion host performs authentication and
    proxy functions
  • This configuration has greater security than
    simply a packet-filtering router or an
    application-level gateway alone
  • Traffic from Internet sites to the bastion host can
    be routed
  • Reject all traffic from inside unless it came
    from the bastion host
  • Some "trusted" services can go directly between
    the two networks

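The rule examples of slides 9-11 (Ex (A) to Ex (E), whose tables are not reproduced in this transcript) and the router policy of the screened-host configuration on slide 20 both come down to the same mechanism: an ordered list of rules matched against IP and transport header fields, with a default discard for anything unmatched. The following Python example is added here and is not code from the slides or their author; the two rule sets, the internal network 10.0.0.0/8, the mail gateway 10.0.0.25, the bastion host 10.0.0.2, the DNS server 10.0.0.53 and the outside host 203.0.113.7 are all constructed for the example.

```python
"""Stateless packet filter: ordered rules, first match wins, default discard.

Added example; addresses and rule sets are constructed, not taken from the slides.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple

ANY = "0.0.0.0/0"


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str           # "tcp" or "udp"
    sport: int
    dport: int
    ack: bool = False    # TCP ACK bit; clear only on the segment that opens a connection


@dataclass(frozen=True)
class Rule:
    action: str                  # "permit" or "discard"
    src: str = ANY               # CIDR prefix
    dst: str = ANY
    proto: Optional[str] = None  # None = any protocol
    sport: Optional[range] = None
    dport: Optional[range] = None
    ack: Optional[bool] = None   # None = do not inspect the ACK bit
    comment: str = ""

    def matches(self, p: Packet) -> bool:
        """Every field set on the rule must agree with the packet header."""
        if ip_address(p.src) not in ip_network(self.src):
            return False
        if ip_address(p.dst) not in ip_network(self.dst):
            return False
        if self.proto is not None and self.proto != p.proto:
            return False
        if self.sport is not None and p.sport not in self.sport:
            return False
        if self.dport is not None and p.dport not in self.dport:
            return False
        if self.ack is not None and self.ack != p.ack:
            return False
        return True


def filter_packet(rules: List[Rule], p: Packet) -> Tuple[str, str]:
    """Return (action, reason) for the first matching rule; unmatched packets are discarded."""
    for r in rules:
        if r.matches(p):
            return r.action, r.comment
    return "discard", "no rule matched: default discard policy"


# Constructed addresses (assumptions for this example).
MAIL_GW = "10.0.0.25"    # internal SMTP gateway
BASTION = "10.0.0.2"     # bastion host of the screened-host configuration
DNS_SRV = "10.0.0.53"    # internal server allowed a "trusted" direct service
SMTP = range(25, 26)
DNS = range(53, 54)
HIGH = range(1024, 65536)

# Rule set 1: let mail in and out through the gateway only.
SMTP_RULES = [
    Rule("permit", dst=MAIL_GW, proto="tcp", dport=SMTP,
         comment="inbound mail to our gateway"),
    Rule("permit", src=MAIL_GW, proto="tcp", sport=SMTP, ack=True,
         comment="our gateway's replies on inbound mail connections"),
    Rule("permit", src=MAIL_GW, proto="tcp", dport=SMTP,
         comment="outbound mail from our gateway"),
    Rule("permit", dst=MAIL_GW, proto="tcp", sport=SMTP, dport=HIGH, ack=True,
         comment="replies to our outbound mail connections"),
]

# Rule set 2: the screened-host router policy of slide 20.
SCREENED_HOST_RULES = [
    Rule("permit", dst=BASTION, comment="Internet -> bastion host"),
    Rule("permit", src=BASTION, comment="bastion host -> Internet"),
    Rule("permit", src=DNS_SRV, proto="udp", dport=DNS,
         comment="trusted service allowed to bypass the bastion"),
    Rule("permit", dst=DNS_SRV, proto="udp", sport=DNS,
         comment="replies to that trusted service"),
    # Any other packet from an internal host falls through to the default discard.
]

if __name__ == "__main__":
    outside = "203.0.113.7"
    samples = [
        (SMTP_RULES, Packet(outside, MAIL_GW, "tcp", 40000, 25)),
        (SMTP_RULES, Packet(outside, MAIL_GW, "tcp", 25, 8080)),            # probe, no ACK
        (SMTP_RULES, Packet(outside, MAIL_GW, "tcp", 25, 8080, ack=True)),  # genuine reply
        (SCREENED_HOST_RULES, Packet("10.0.0.9", outside, "tcp", 40000, 80)),
        (SCREENED_HOST_RULES, Packet(BASTION, outside, "tcp", 40000, 80)),
    ]
    for rules, pkt in samples:
        print(f"{pkt.src}:{pkt.sport} -> {pkt.dst}:{pkt.dport} {pkt.proto} ack={pkt.ack}: "
              f"{filter_packet(rules, pkt)}")
```

Two details are worth noticing. In the SMTP set, an inbound packet from port 25 to a high port on the mail gateway is only accepted when the ACK bit is set: a stateless filter cannot know whether a connection exists, so the ACK check is its only way to distinguish a reply to an outbound connection from a fresh inbound connection attempt, and the default discard policy catches the latter. In the screened-host set, the slide's "reject all traffic from inside unless it came from the bastion host" needs no explicit discard rule at all; it is the default policy, with the two bastion rules and the one "trusted" service as the only exceptions.
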
21
Screened Host
  • Single-homed bastion
  • If the packet-filtering router is completely
    compromised, traffic could flow directly through
    the router between the Internet and other hosts
    on the private network

22
Screened Host
  • Dual-homed bastion

23
Screened-subnet
  • Two packet-filtering routers are used
  • One between the bastion host and the Internet and
    one between the bastion host and the internal
    network

24
Enterprise Example
  • Case 1

25
Enterprise Example
  • Case 2

26
Enterprise Example
  • Case 3