100 likes | 390 Views
Chapter 7. 7.4 Firewalls. In This Section. What is a Firewall? Types of Firewall Comparison of Firewalls Types What Firewall Can-and Cannot Block. What is a Firewall?. A device that filters all traffic between a protected or “inside” network and a less trustworthy or “outside” network.
E N D
Chapter 7 7.4 Firewalls Network Security / G.Steffen
In This Section • What is a Firewall? • Types of Firewall • Comparison of Firewalls Types • What Firewall Can-and Cannot Block Network Security / G.Steffen
What is a Firewall? • A device that filters all traffic between a protected or “inside” network and a less trustworthy or “outside” network. • It runs on a dedicated device • It is an executable code, therefore an attacker could comprise that code & execute from the firewalls device. • Its purpose is to keep a protected environment. Network Security / G.Steffen
Types of Firewalls 1 • Packet Filtered Gateway • It is the simplest and in some situation the most effective. • It controls access to packets on the basis of packet address. Network Security / G.Steffen
Types of Firewalls 2 • Stateful Inspection Firewall • It maintains state information from one packet to another in the input stream. • It also tracks the sequence of packets & conditions from one packet to another to thwart an attack. Filter Screening Outside Addresses Network Security / G.Steffen
Types of Firewalls 3 • Application Proxy • It suns pseudo-applications • Packet filters look only at the header of packets, passing anything to port 25. • Application proxy gateway (bastion host)- a firewall that simulates the proper effects of an application so that the application receives only requests to act properly. • A proxy gateway intrudes in the middle of the protocol exchange Network Security / G.Steffen
Types of Firewalls 4 • Guards • It is a sophisticated firewall • Similar to proxy firewall, receives protocol data units, interprets them and passes them. • Personal Firewalls • It is an application program that runs on a workstation to block unwanted traffic, usually from the network. • It is configured to enforce some policies. • It sums on the computer it is trying to protect. Network Security / G.Steffen
Comparison of Firewall Types Network Security / G.Steffen
What Firewall Can-and Cannot Do • Firewall • It must be configured properly • It only protects the perimeter of its environment. • They are targets for penetrators • It exercises only minor control over the content admitted to the inside. • It does not protect data outside the perimeter • It alone cannot secure an environment Network Security / G.Steffen