
Chapter 5 Firewall


Presentation Transcript


  1. Chapter 5 Firewall
     Ku-Chuan Lin

  2. Outlines
     • Defining an access control policy
     • Understanding firewalls
     • Firewall functions
     • Firewall Types
     • Choosing a firewall type
     • Additional firewall considerations
     • Q & A

  3. Defining an Access Control Policy
     • Direction
     • Service
     • Specific
     • Individual Users
     • Time of Day
     • Public or Private
     • Quality of Service
     • Role

  4. Definition of a Firewall
     • A firewall is a system or group of systems that enforces an access control policy on network traffic as it passes through access points.

  5. When is a Firewall Required?
     • Dial-In Modem Pool and Client-Initiated VPN
     • External Connections to Business Partners
     • Between Departments
     • Hosts

  6. Firewall Functions
     • Static Packet Filtering
     • Dynamic Packet Filtering
     • Stateful Filtering
     • Proxy Servers

  7. Static Packet Filtering
     • Protocol
     • Destination IP address or subnet
     • Source IP address or subnet
     • Destination service port
     • Source service port
     • Flag (TCP only)

  8. Valid TCP Flags
     • ACK (Acknowledgment)
     • FIN (Final)
     • PSH (Push)
     • RST (Reset)
     • SYN (Synchronize)
     • URG (Urgent)

  9. Dynamic Packet Filtering
     • Dynamic Packet Filtering in Action
     • UDP Traffic and Dynamic Packet Filtering
     • Is my transport supported?

  10. Dynamic Packet Filtering in Action
     [Diagram: Dynamic packet filter state table. The protected host has an open session with the remote server (source port = 1037, destination port = 80). Hosts shown: Attacker, Remote Server, Protected Host. Packet labels: ACK=1 FIN=1; ACK=1 PSH=1; ACK=1 FIN=1; FIN=1]

  11. UDP Traffic and Dynamic Packet Filtering
     • Static packet filtering has some real problems handling UDP traffic.
     • Dynamic packet filtering does not rely on information within the packet header.

  12. Is my transport supported?
     • The implementation of dynamic packet filtering is transport specific.
     • It has to be specifically implemented for each protocol transport, such as TCP, UDP and ICMP.

  13. Stateful Filtering
     • The greatest addition that stateful filtering provides to dynamic filtering is the ability to maintain application state, not just connection state.
     • First implemented by Check Point under the name Stateful Multilevel Inspection.

  14. Proxy Servers
     • A proxy server is an application that mediates traffic between two network segments.
     • With the proxy acting as mediator, the source and destination systems never actually “connect”.

  15. How a Proxy Passes Traffic
     [Diagram: Internal Host, Proxy Server, Remote Server. Labels: HTTP Application; Data Request (internal host to proxy); Data Request (proxy to remote server)]

  16. Filtering Hostile Code
     • Proxies can analyze the payload of a packet of data and make a decision as to whether this packet should be passed or dropped.

  17. Firewall Types
     • Embedded Firewalls
     • Known as choke-point firewalls
     • Software Firewalls
     • Hardware Firewalls
     • Application Firewalls

  18. Which Type Should I Choose?
     • Server-Based Firewalls
     • Appliance-Based Firewalls
     • Cisco PIX
     • Check Point Firewall-1

  19. Additional Firewall Considerations
     • Address Translation
     • Firewall Logging and Analysis
     • Virtual Private Networks (VPNs)
     • Intrusion Detection and Response
     • Integration and Access Control
     • Third-Party Tools
     • You Decide

  20. Summary
     • Keep in mind the basic types and services that all firewalls offer, including:
     • Static/Dynamic/Stateful/Proxy filtering
     • VPN capabilities
     • Monitoring, logging and analysis
     • Extra services and third-party product integration

  21. Q & A

  22. Question 1: Firewall Deployment
     [Network diagram labels: Internet, Router, A, DMZ, B, Internal Network, Web Server, E-mail Server, File Server, Email Server, Workstation, Workstation]

  23. Question 2
     What is a FIN scanner?

  24. Question 3
     Please compare server-based firewalls with appliance-based firewalls.
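
The following sketch is an added example, not part of the original slides. It contrasts a static header check (slide 7) with the state table of slides 9 to 12, using the session from slide 10 (source port 1037, destination port 80); the IP addresses, the static rule and all function names are assumptions made for illustration.

```python
from collections import namedtuple

# Constructed packet model. Ports 1037 and 80 come from slide 10;
# the IP addresses below are sample values, not from the slides.
Packet = namedtuple("Packet", "src sport dst dport flags")

PROTECTED = "10.0.0.5"      # hypothetical protected host
SERVER = "203.0.113.10"     # hypothetical remote server
ATTACKER = "198.51.100.7"   # hypothetical attacker


def static_filter(pkt):
    """Static rule (assumed): allow inbound TCP to the protected host when
    the ACK flag is set. It inspects header fields only and keeps no state."""
    return pkt.dst == PROTECTED and "ACK" in pkt.flags


class DynamicFilter:
    """Passes inbound packets only for sessions opened from the inside."""

    def __init__(self):
        # State table entries: (inside_ip, inside_port, outside_ip, outside_port)
        self.state = set()

    def outbound(self, pkt):
        # An outbound SYN from the protected host creates the state entry.
        if pkt.src == PROTECTED and pkt.flags == {"SYN"}:
            self.state.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
        return True

    def inbound(self, pkt):
        # Inbound traffic must be the reverse of a tracked session.
        # Timeouts and session teardown are omitted in this sketch.
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.state


def demo():
    fw = DynamicFilter()
    fw.outbound(Packet(PROTECTED, 1037, SERVER, 80, {"SYN"}))
    reply = Packet(SERVER, 80, PROTECTED, 1037, {"ACK", "PSH"})
    unsolicited = Packet(ATTACKER, 80, PROTECTED, 1037, {"ACK", "FIN"})
    return {
        "static": (static_filter(reply), static_filter(unsolicited)),
        "dynamic": (fw.inbound(reply), fw.inbound(unsolicited)),
    }


if __name__ == "__main__":
    print(demo())
```

The static rule passes both packets because each carries ACK, while the state table passes only the reply that matches the open session.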
