Content

 Introduction
 What is a Firewall
 Applications of Firewall
 Software Firewall vs Hardware Firewall
 History
 Design goals for Firewall
 Content….

 Types
 Basic Concepts of Firewall
 Role of Firewall
 Advantages
 Disadvantages
 Conclusion
 Introduction

 The Internet has made large amount of information available to

the average computer user at home, in business and education.
 For many people, having access to this information is no longer
just an advantage; it is essential.
 Therefore, security of network is the main criteria here and
firewalls provide this security.
 What is a Firewall?

 A Firewall is simply a program or hardware device that

filters the information coming through the internet
connection into your private network or computer system.
 What is an application firewall?

 An application firewall is a special firewall that is specifically

coded for the type of traffic it is inspecting.

 The most widely developed application firewall is the web

application firewall.
 What is the difference between a host-based firewall
and a network-based firewall?

 A host-based firewall is installed on an individual computer to

protect it from activity occurring on its network.

 A network-based firewall is implemented at a specified point in

the network path and protects all computers on the “internal” side
of the firewall from all computers on the “external” side of the
firewall.
 Hardware firewall vs Software firewall

 Hardware firewalls are integrated into the router that sits

between a computer and the Internet.

 Software firewalls are installed on individual servers. They

intercept each connection request and then determine whether the
request is valid or not.
 History of Firewalls

 Firewall technology first began to emerge in the late 1980s.

Internet was still a fairly new technology in terms of its global
usage and connectivity.

 In 1988 an employee at the NASA Ames Research Center in

California sent a memo by email to his colleagues that read, "We
are currently under attack from an Internet VIRUS!
 History of Firewalls…

 The first paper published on firewall technology was in 1988,

when Jeff Mogul from Digital Equipment Corp. developed filter
systems know as packet filter firewalls.

 One of the largest internet security companies in the world

released the product to the public in 1997.
 Design goals for a firewall

 The first design goal for a firewall is that collectively

the sum of all the network traffic from internal to
external must go through the firewall physically
cutting off all access to the local network except via
the firewall.
 The second design goal would be only authorized
traffic which is delineated by the local security policy
will be allowed to proceed.
 Finally the last design goal is that the firewall itself is
resistant to penetration inclusive is a solid trustworthy
system with a protected operating system.
 Types of firewalls

 Packet-filtering Router
 Packet-filtering Router

 Applies a set of rules to each incoming IP packet and then

forwards or discards the packet
 Filter packets going in both directions
 The packet filter is typically set up as a list of rules based on
matches to fields in the IP or TCP header
 Two default policies (discard or forward)
 Question

 Network layer firewall works as a __________

 a) Frame filter
 b) Packet filter
 c) Content filter
 d) Virus filter
 Question

 Network layer firewall has two sub-categories as

_________
 a) State full firewall and stateless firewall
 b) Bit oriented firewall and byte oriented firewall
 c) Frame firewall and packet firewall
 d) Network layer firewall and session layer firewall
 Continue..

 Most network layer firewalls can operate as stateful

or stateless firewalls, creating two subcategories of
the standard network layer firewall. Stateful firewalls
have the advantage of being able to track packets
over a period of time for greater analysis and
accuracy — but they require more memory and
operate more slowly.
 Continue..

 Stateless firewalls do not analyze past traffic and can

be useful for systems where speed is more important
than security, or for systems that have very specific
and limited needs. For example, a computer that
only needs to connect to a particular backup server
does not need the extra security of a stateful firewall.
 Question

Which of the following is / are the types of firewall?

 a) Packet Filtering Firewall
 b) Dual Homed Gateway Firewall
 c) Screen Host Firewall
 d) Dual Host Firewall
 Types of firewalls…

 Application-level Gateway
 Application-level Gateway

 Also called proxy server

 Acts as a relay of application-level traffic
 Question

A proxy firewall filters at _________

 a) Physical layer
 b) Data link layer
 c) Network layer
 d) Application layer
 Types of firewalls…

 Circuit-level Gateway
 Circuit-level Gateway

 Stand-alone system or
 Specialized function performed by an Application-level
Gateway
 Sets up two TCP connections
 The gateway typically relays TCP segments from one
connection to the other without examining the contents
 The security function consists of determining which
connections will be allowed
 Question

What tells a firewall how to reassemble a data stream

that has been divided into packets?
a) The source routing feature
b) The number in the header’s identification field
c) The destination IP address
d) The header checksum field in the packet header
 Continue..

 The source routing feature provides a path address

for the packet to help the firewall to reassemble the
data stream that was divided into packets. After
reassembling, the firewall can then filter the stream.
 Basic concepts of a firewall

 Source
 Destination
 Service
 Action
 The Role of Firewalls

 A firewall is a term used for a ``barrier'' between a network of

machines and users that operate under a common security policy
and generally trust each other, and the outside world.
 There are two basic reasons for using a firewall at present: to
save money in concentrating your security on a small number of
components, and to simplify the architecture of a system by
restricting access only to machines that trust each other.
 Question

A stateful firewall maintains a ___________ which

is a list of active connections.
 a) Routing table
 b) Bridging table
 c) State table
 d) Connection table
 Advantages of firewall

 Concentration of security all modified software and logging is

located on the firewall system as opposed to being distributed on
many hosts;
 Protocol filtering, where the firewall filters protocols and services
that are either not necessary or that cannot be adequately secured
from exploitation;
 Information hiding, in which a firewall can ``hide'' names of
internal systems or electronic mail addresses, thereby revealing
less information to outside hosts;
 Application gateways, where the firewall requires inside or
outside users to connect first to the firewall before connecting
further, thereby filtering the protocol;
 Disadvantages of firewall

 The most obvious being that certain types of network access may
be hampered or even blocked for some hosts, including telnet,
ftp, X Windows, NFS, NIS, etc.
 A second disadvantage with a firewall system is that it
concentrates security in one spot as opposed to distributing it
among systems, thus a compromise of the firewall could be
disastrous to other less-protected systems on the subnet.
 Question

Firewall examines each ____________ that are

entering or leaving the internal network.
 a) emails users
 b) updates
 c) connections
 d) data packets
 Question

A firewall protects which of the following attacks?

 a) Phishing
 b) Dumpster diving
 c) Denial of Service (DoS)
 d) Shoulder surfing
 Conclusion

 One of the best things about a firewall from a security standpoint

is that it stops anyone on the outside from logging onto a
computer in your private network.
 While this is a big deal for businesses, most home networks will
probably not be threatened in this manner. Still, putting a firewall
in place provides some peace of mind.