Internet Security. Lecture 5. Robert M. Cannistra

Similar documents
Overview. Firewall Security. Perimeter Security Devices. Routers

Firewall Security. Presented by: Daminda Perera

Firewalls. Securing Networks. Chapter 3 Part 1 of 4 CA M S Mehta, FCA

Computer Security CS 426 Lecture 36. CS426 Fall 2010/Lecture 36 1

What is a Firewall? Computer Security. Firewalls. What is a Firewall? What is a Firewall?

A host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection.

Intro to Firewalls. Summary

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 6 Network Security

CMPT 471 Networking II

Firewalls and VPNs. Principles of Information Security, 5th Edition 1

Chapter 15. Firewalls, IDS and IPS

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design

Proxy Server, Network Address Translator, Firewall. Proxy Server

Guideline on Firewall

Firewalls. CEN 448 Security and Internet Protocols Chapter 20 Firewalls

Firewalls. Test your Firewall knowledge. Test your Firewall knowledge (cont) (March 4, 2015)

SE 4C03 Winter 2005 Firewall Design Principles. By: Kirk Crane

FIREWALLS & CBAC. philip.heimer@hh.se

Security Technology: Firewalls and VPNs

Firewalls, IDS and IPS

We will give some overview of firewalls. Figure 1 explains the position of a firewall. Figure 1: A Firewall

SE 4C03 Winter 2005 An Introduction of Firewall Architectures and Functions. Kevin Law 26 th March,

Chapter 7. Firewalls

Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme. Firewall

Internet Security Firewalls

Firewall Architecture

Firewall Introduction Several Types of Firewall. Cisco PIX Firewall

Network Security Topologies. Chapter 11

Lecture slides by Lawrie Brown for Cryptography and Network Security, 5/e, by William Stallings, Chapter 22 Firewalls.

- Introduction to Firewalls -

allow all such packets? While outgoing communications request information from a

IMPLEMENTATION OF INTELLIGENT FIREWALL TO CHECK INTERNET HACKERS THREAT

Chapter 20 Firewalls. Cryptography and Network Security Chapter 22. What is a Firewall? Introduction 4/19/2010

Firewalls. Chapter 3

What is Firewall? A system designed to prevent unauthorized access to or from a private network.

Chapter 5. Figure 5-1: Border Firewall. Firewalls. Figure 5-1: Border Firewall. Figure 5-1: Border Firewall. Figure 5-1: Border Firewall

Tutorial 3. June 8, 2015

Architecture. The DMZ is a portion of a network that separates a purely internal network from an external network.

8. Firewall Design & Implementation

Firewall Architecture Guide

FIREWALL ARCHITECTURES

Internet Security Firewalls

CS 356 Lecture 19 and 20 Firewalls and Intrusion Prevention. Spring 2013

SFWR ENG 4C03 Class Project Firewall Design Principals Arash Kamyab March 04, 2004

Internet Security for Small to Medium Sized Businesses

Firewalls. Ingress Filtering. Ingress Filtering. Network Security. Firewalls. Access lists Ingress filtering. Egress filtering NAT

10 Configuring Packet Filtering and Routing Rules

Packet filtering and other firewall functions

Lecture 23: Firewalls

Chapter 9 Firewalls and Intrusion Prevention Systems

ABSTRACT CHAPTER I. Preliminary Background

Network Security. Internet Firewalls. Chapter 13. Network Security (WS 2002): 13 Internet Firewalls 1 Dr.-Ing G. Schäfer

Appendix A: Configuring Firewalls for a VPN Server Running Windows Server 2003

12. Firewalls Content

Firewall Design Principles

Introduction to Firewalls Open Source Security Tools for Information Technology Professionals

How To Protect Your Network From Attack

Module 8. Network Security. Version 2 CSE IIT, Kharagpur

FIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review.

Don t skip these expert tips for making your firewall airtight, bulletproof and fail-safe. 10 Tips to Make Sure Your Firewall is Really Secure

Firewalls. Mahalingam Ramkumar

Firewalls and System Protection

This chapter covers the following topics: Why Network Security Is Necessary Secure Network Design Defined Categorizing Network Security Threats How

Firewalls & Intrusion Detection

Compter Networks Chapter 9: Network Security

Building Your Firewall Rulebase Lance Spitzner Last Modified: January 26, 2000

Firewall Environments. Name

Firewalls CSCI 454/554

Network Security. Chapter 13. Internet Firewalls. Network Security (WS 07/08): 13 Internet Firewalls 1 Dr.-Ing G. Schäfer

Securing Modern Substations With an Open Standard Network Security Solution. Kevin Leech Schweitzer Engineering Laboratories, Inc.

How To Protect Your Network From Attack From Outside From Inside And Outside

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur

Firewall Configuration. Firewall Configuration. Solution Firewall Principles

JK0-022 CompTIA Academic/E2C Security+ Certification Exam CompTIA

CSE331: Introduction to Networks and Security. Lecture 12 Fall 2006

Internet infrastructure. Prof. dr. ir. André Mariën

What is a Firewall? A choke point of control and monitoring Interconnects networks with differing trust Imposes restrictions on network services

FIREWALL AND NAT Lecture 7a

- Introduction to PIX/ASA Firewalls -

Distributed Systems. Firewalls: Defending the Network. Paul Krzyzanowski

Configuring PA Firewalls for a Layer 3 Deployment

Role of Firewall in Network. Security. Syed S. Rizvi. CS 872: Computer Network Security. Fall 2005

What would you like to protect?

Firewalls. Steven M. Bellovin Matsuzaki maz Yoshinobu

UNIVERSITY OF BOLTON CREATIVE TECHNOLOGIES COMPUTING AND NETWORK SECURITY SEMESTER TWO EXAMINATIONS 2014/2015 NETWORK SECURITY MODULE NO: CPU6004

N-CAP Users Guide Everything You Need to Know About Using the Internet! How Firewalls Work

This chapter covers the following topics:

Network Security, Guidelines to Build a Security Perimeter for SMEs

Firewall VPN Router. Quick Installation Guide M73-APO09-380

Many network and firewall administrators consider the network firewall at the network edge as their primary defense against all network woes.

Agenda. Understanding of Firewall s definition and Categorization. Understanding of Firewall s Deployment Architectures

Training Course on Network Administration

Firewalls. Ahmad Almulhem March 10, 2012

Internet Firewall CSIS Packet Filtering. Internet Firewall. Examples. Spring 2011 CSIS net15 1. Routers can implement packet filtering

Firewalls, Tunnels, and Network Intrusion Detection

Chapter 11 Cloud Application Development

Linux MDS Firewall Supplement

Network Security. Tampere Seminar 23rd October Overview Switch Security Firewalls Conclusion

PAVING THE PATH TO THE ELIMINATION OF THE TRADITIONAL DMZ

Transcription:

Lecture 5 Robert M. Cannistra

Overview Firewall Security Assessment Facilities Managment 2

Firewall Security

Perimeter Security Devices Network devices that form the core of perimeter security include Routers Proxy servers Firewalls A perimeter defense must be manageable Balance financial, manpower, and other resources against the degree of security required Facilities Managment 4

Routers Routers are used to interconnect networks Route traffic from a source to a destination Often the first device encountered as a packet enters a network from the Internet Routers may implement some security functionality Packet filtering through the use of access control lists Reducing load on other devices Screening traffic with suspicious IP addresses to protect against spoofing Egress filtering Facilities Managment 5

Routers: Spoofing Protection Facilities Managment 6

Proxies A proxy is an entity with the authority to act on behalf of another Proxy servers sit between a client and an untrusted system (such as the Internet) Prevents the untrusted system from having any direct access to the client that would support malicious actions Masks the client s identity Limits network sniffing Client requests are directed to the proxy Proxy either responds from its cache or makes a request to the Web server on behalf of the client and then responds to the client Facilities Managment 7

Proxies (continued) Facilities Managment 8

Proxies (continued) Facilities Managment 9

Firewalls Improve network security Cannot completely eliminate threats and attacks Responsible for screening traffic entering and/or leaving a computer network Each packet that passes is screened following a set of rules stored in the firewall rulebase Several types of firewalls Several common topologies for arranging firewalls Facilities Managment 10

Types of Firewalls A diverse range of firewall solutions are available on the market today Both hardware and software solutions Hardware-based firewalls (appliances) Integrated solutions are standalone devices that contain all hardware and software required to implement the firewall Similar to software firewalls in user interfaces, logging/audit, and remote configuration capabilities More expensive than software firewalls Faster processing possible for high-bandwidth environments Facilities Managment 11

Types of Firewalls (continued) Software firewalls Relatively inexpensive Purchasing a license agreement will include media required to install and configure the firewall Most firewalls are available for Windows, Unix, and Linux Can also purchase design of the firewall rulebase with configuration, maintenance and support Worthwhile unless you really understand what is needed, a mistake can negate the usefulness of the firewall Facilities Managment 12

Packet Filtering An early technology for screening packets passing through a network Each packet is screened in isolation Firewall reads and analyzes the packet headers Offers considerable flexibility in what can be screened Can be used for performance enhancement by screening non-critical traffic by day or time for example Facilities Managment 13

Stateful Inspection A next-generation firewall technology Overcomes the limitation of packet filtering that treats packets in isolation Treats packets as pieces of a connection Maintains data about legitimate open connections that packets belong to Keeps identity of ports being used for a connection Traffic is allowed to pass until connection is closed or times out Facilities Managment 14

Firewall Topologies Firewalls should be placed between the protected network (or subnet) and potential entry points Access points can include dial-up modems and broadband lines Three common firewall topologies Bastion host, screened subnet, dual firewalls Firewall installations can include combinations of these topologies for layered protection Facilities Managment 15

Bastion Host Firewall is sole link between the protected network and the untrusted network Firewall has two network interface cards One to protected network One to untrusted network Relatively inexpensive and easy to implement If services are offered to clients outside of the protected network, there is a significant security risk Port 80 has to stay open Hackers can potentially compromise the network through this port and get access to full system Facilities Managment 16

Bastion Host (continued) Facilities Managment 17

Screened Subnet Also called demilitarized zone (DMZ) Single firewall, three network interface cards One to protected network One to screened subnet One to untrusted network Screened subnet contains systems that provide services to external users (Web or SMTP servers etc.) If subnet is compromised, access is still limited to the rest of the network Facilities Managment 18

Screened Subnet (continued) Facilities Managment 19

Dual Firewalls Uses two firewalls, each with two network cards One firewall connects to the untrusted network and a subnet The other firewall connects to the subnet and the protected network The screened subnet again provides a buffer between the networks For more security, use two different firewalls Unlikely to have the same security vulnerabilities Facilities Managment 20

Dual Firewalls Facilities Managment 21

Firewall Rulebases Rulebase is used to provide the definition of what traffic is allowable and what is not Firewall administrators spend most of their time on the rulebase Most firewalls have good user interfaces to support rule definition General syntax is <action><protocol> from <source_address><source_port> to <destination_address><destination_port> Most firewalls have advanced functionality to supplement the basic fields above Facilities Managment 22

Special Rules These are basic rules that should be included in all firewall installations Cleanup Rule Deny everything that is not explicitly allowed. Last rule in any firewall rulebase Many firewalls include this rule implicitly in the installation Stealth Rule Prevents anyone from directly connecting to the firewall over the network (to protect from attacks) First rule in the firewall rulebase (unless limited connections are explicitly allowed by previous rules) Facilities Managment 23

Summary Perimeter security involves a combination of network devices including routers, proxy servers, and firewalls Routers are used for routing traffic May have some security functionality Proxy servers sit between a protected client and an untrusted network, masking potentially dangerous interactions Firewalls screen traffic entering and leaving a network on a packet-by-packet basis Facilities Managment 24

Summary Firewalls can be purchased as software or as integrated hardware packages There are two primary types of firewall filtering Packet filtering examines each packet in isolation Stateful inspection examines each packet within the context of a specific open connection There are three primary firewall topologies Bastion host uses a single firewall with two interface cards Screened subnet uses a single firewall with three interface cards Dual firewalls uses two firewalls, each with two interface cards Facilities Managment 25

Summary Firewalls rely on rulebases to configure the specific screening that will be done on packets Specific rules should be based on the business requirements for the particular organization There are two special rules that should be implemented by every firewall Cleanup rule Stealth rule Facilities Managment 26

Assessment Please take Pop Quiz 5 within the examinations section of the online curriculum. Facilities Managment 27

Robert M. Cannistra

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information