Firewall by neerajdalal1516


									An Introduction to Firewalls

        David Moss, NUIT Technology Support Services
Vince Celindro, NUIT Telecommunications and Network Services
Robert Vance, NUIT Telecommunications and Network Services
  Barbara Mims, Office of Alumni Relations and Development
• Firewall Basics for the Beginning User
• NUIT Firewall Offering
• Case Study – Desktop Firewall Software
  Implementation for the Office of Alumni
  Relations and Development
• Questions and Answers
         What is a Firewall?
• A firewall is hardware, software, or a
  combination of both that is used to prevent
  unauthorized programs or Internet users
  from accessing a private network and/or a
  single computer
Hardware vs. Software Firewalls
• Hardware Firewalls
  – Protect an entire network
  – Implemented on the router level
  – Usually more expensive, harder to configure
• Software Firewalls
  – Protect a single computer
  – Usually less expensive, easier to configure
How does a software firewall work?
• Inspects each individual “packet” of data
  as it arrives at either side of the firewall
• Inbound to or outbound from your
• Determines whether it should be allowed
  to pass through or if it should be blocked
             Firewall Rules
• Allow – traffic that flows automatically
  because it has been deemed as “safe”
  (Ex. Meeting Maker, Eudora, etc.)
• Block – traffic that is blocked because it
  has been deemed dangerous to your
• Ask – asks the user whether or not the
  traffic is allowed to pass through
What a personal firewall can do
• Stop hackers from accessing your
• Protects your personal information
• Blocks “pop up” ads and certain cookies
• Determines which programs can access
  the Internet
What a personal firewall cannot do
• Cannot prevent e-mail viruses
  – Only an antivirus product with updated
    definitions can prevent e-mail viruses
• After setting it initially, you can forget
  about it
  – The firewall will require periodic updates to
    the rulesets and the software itself
     Considerations when using
      personal firewall software
• If you did not initialize an action and your
  firewall picks up something, you should
  most likely deny it and investigate it
• It’s a learning process (Ex. Spooler
  Subsystem App)
• If you notice you cannot do something you
  did prior to the installation, there is a good
  chance it might be because of your firewall
      Examples of personal firewall
•   ZoneAlarm <>
•   BlackICE Defender <>
•   Tiny Personal Firewall <>
•   Norton Personal Firewall <>

***Please be sure to read the license agreement
   carefully to verify that the firewall can be legally
   used at home and/or the office.
       Windows XP Firewall
• Currently *not* enabled by default
• Enable under Start -> Settings -> Control
• Select Local Area Connection
• Select the Properties button
• Click the “Advanced” tab
Windows XP firewall
  Updates to Windows XP Firewall
• *Will* be enabled in default installations of
  Windows XP Service Pack 2
• Ports will be closed except when they are
  in use
• Improved user interface for easier
• Improved application compatibility when
  firewall is enabled
           Mac OS X firewall
•   *Not* enabled by default
•   Enable under System Preferences
•   Select Sharing
•   Click “Firewall” tab
•   Click “Start” button
Mac OS X firewall
NUIT Firewall Service
           Why Netscreen?
• Comparison of the Big 3
  – Hardware vs. Software
  – Transparent Mode vs. Routing Mode
  – Distributed Management
  – Pricing Models
             The Process
• A Department requests a FW Consultation
• TNS Organizes a Meeting
• The Department Provides the List of
  Machines they want to Protect
• TNS Measures Bandwidth Requirements
• TNS Prepares a FW Proposal
• The Department Makes their Decision
           The Process continued...
•   TNS Installs the FW in a Passive State
•   TNS Logs All Traffic from the Target Hosts
•   TNS Develops a Rule Set
•   The Department Oks the Rule Set
•   TNS Activates the Rule Set
•   Everyone's Happy =)
              Final Notes
• Rule Management
• Default Allow vs. Default Deny
• Firewalls do NOT Solve the Entire Problem
              Additional Information
• Visit the following websites:

• Or simply email:

To top