Documents
Resources
Learning Center
Upload
Plans & pricing Sign in
Sign Out

03

VIEWS: 13 PAGES: 28

									Firewalls


 Danielle Barry
  Jason Bryant
   Jeremi Hale
  Charles Kelly
 Megan McBride
             Firewall Basics
   What is a firewall?

   What is its purpose?

   Who can benefit from a firewall?
         Firewall Basics con’t
   How does a firewall work?
Firewall Basics con’t
           Firewall Lifecycle
1.   Define network domain security policy
2.   Create high level structure
3.   Examine other firewalls
4.   Create low-level structure
5.   Test firewall / Review security policy
6.   Periodic testing /Maintenance
    Firewall Product Evaluation
             Checklist
 Identification – Who are we buying from
 Education and Documentation – Is there
  sufficient and clear documentation that
  comes with the product?
 Reports and Audits – What is available as
  far as reports and what audit tools
  accompany the product?
       Checklist Continued
 Attacks and Scenarios – What is our level
  of protection and what attacks does the
  current version protect against?
 Administrative Concerns – How secure and
  flexible is the administrative access?
 Implementation
 The Bottom Line
          Firewall Techniques
   Packet – filtering

   Circuit level

   NAT

   Application level
             Packet Filtering
   Works at IP layer

   Evaluates packets individually

   Unacceptable packets are dropped
Packet Filtering Diagram
  Advantages/Disadvantages
Advantages
 Low cost
 Minimal network interruption
 Low layer security


Disadvantages
 Can be susceptible to SYN/ACK attacks
              Circuit Level
   Works at TCP layer

   Connection based

   Hides address
Circuit Level Diagram
  Advantages/Disadvantages
Advantages
 IP address hiding


Disadvantages
 Doesn’t filter individual packets
                      NAT
   Hides internal addresses

   Deters sniffers

   Similar to circuit – level and packet filtering

   Second form of protection
NAT diagram
            Application Level
   Most secure

   Also known as a proxy

   Only allows specific applications

   Strain on network performance
Application Level Diagram
                       Pros
   Protect privacy

   Protect security

   Administrator assistance

   User - friendly
          Privacy vs Security
Privacy – personal information
            ex. credit card #, passwords, etc

Security – accessing, modifying, and destroying

            ex. software, hardware, denial-of-
              service, and data integrity
    Administration Advantages
 Assign access privileges
 Virus protection
 Logs / Live updates
 Controls cookies and pop-ups
         The Cons of Firewall
             Protection
 Leaves a false sense of security – install a firewall,
  but fail to regularly update
 Ability to audit – no set standards specific to the
  audit of a firewall
 User access – appropriate use may at times be
  denied
              * most malicious attacks come
                from internal users (disgruntled
                employees.)
                More Cons
   Decreased data throughput – firewalls
    increase overhead between users and
    servers.
  Corporate Firewalls
Watchguard SOHO
CheckPoint Firewall-1
Cisco PIX
Cisco IOS Feature Set
Novell BorderManager 3.7
      Personal / Small Business
              Firewalls
 Zone Alarm                       FREE
 Zone Alarm Plus                  39.95

 Zone Alarm Pro                   49.95

 Norton Personal Firewall 2003    49.95

 McAfee Personal Firewall         34.95

 Tiny Personal Firewall 3.0       39.00

 BlackIce                         39.95

 Microsoft Windows XP             Free with
                                    purchase
           Main Options
 Live Updates
 Cookie Controlling
 Control ads and pop-up windows
 Technical support
         Example




   http://grc.com/It/leaktest.htm
              Conclusions
 Firewalls are effective, but may not be
  relied upon as a sole protection
 Useful tool for implementing security
  policies

								
To top