FIREWALLS
E-Commerce
BBA 6th Semester,
Prime College
Hem Sagar Pokhrel
Faculty Member, Computer Science & IT department
Prime College, Kathmandu
geeksagar@prime.edu.np
9843410129
Firewall Design Principles
The firewall is inserted between the premises network and the Internet.
Aims:
• Establish a controlled link
• Protect the premises network from Internet-based attacks
Firewall Characteristics
Design goals:
• All traffic from inside to outside must pass through the firewall (physically blocking all access to the local network except via the firewall).
• Only authorized traffic (defined by the local security policy) will be allowed to pass.
• The firewall itself is immune to penetration (use of a trusted system with a secure operating system).
Firewall Characteristics
Four general techniques:
1. Service control
   • Determines the types of Internet services that can be accessed, inbound or outbound
2. Direction control
   • Determines the direction in which particular service requests are allowed to flow
3. User control
   • Controls access to a service according to which user is attempting to access it
4. Behavior control
   • Controls how particular services are used (e.g. filter e-mail)
Types of Firewalls
Three common types of firewalls:
1. Packet-filtering routers
2. Application-level gateways
3. Circuit-level gateways
• (Bastion host)
Types of Firewalls
Packet-filtering Router
• Applies a set of rules to each incoming IP packet and then forwards or discards the packet
• Filters packets going in both directions
• The packet filter is typically set up as a list of rules based on matches to fields in the IP or TCP header
• Two default policies (discard or forward)
Types of Firewalls
[Figure: packet-filtering router]
Types of Firewalls
Packet-filtering Router
Advantages:
• Simplicity
• Transparency to users
• High speed
Disadvantages:
• Difficulty of setting up packet filter rules
• Lack of authentication
Types of Firewalls
Possible attacks and appropriate countermeasures
• IP address spoofing
• Source routing attacks
• Tiny fragment attacks
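The rule list, the two default policies and a filter-side check for each of the three attacks above, as an added example that is not part of the original slides. The addresses (documentation ranges), the two rules, the 20-byte minimum and all names are assumptions made for the illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

INTERNAL_NET = ip_network("192.0.2.0/24")  # assumed premises network
MIN_TCP_HEADER = 20                        # bytes the first TCP fragment must carry


@dataclass(frozen=True)
class Packet:                   # constructed model of the header fields a filter sees
    iface: str                  # "outside" or "inside": where the packet arrived
    src: str
    dst: str
    proto: str = "tcp"
    dport: int = 0
    frag_offset: int = 0        # IP fragment offset, in 8-byte units
    more_fragments: bool = False
    payload_len: int = 20       # bytes of IP payload in this packet or fragment
    source_route: bool = False  # a source-route IP option is present


@dataclass(frozen=True)
class Rule:
    action: str                 # "forward" or "discard"
    iface: str = "*"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    proto: str = "*"
    dport: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        return (self.iface in ("*", p.iface)
                and ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and self.proto in ("*", p.proto)
                and self.dport in (None, p.dport))


# Hypothetical policy: inbound mail to one server, outbound HTTPS from inside.
RULES = [
    Rule("forward", iface="outside", dst="192.0.2.25/32", proto="tcp", dport=25),
    Rule("forward", iface="inside", src="192.0.2.0/24", proto="tcp", dport=443),
]


def sanity_check(p: Packet) -> Optional[str]:
    """Countermeasures applied before any rule is consulted."""
    # IP address spoofing: an internal source address cannot arrive from outside.
    if p.iface == "outside" and ip_address(p.src) in INTERNAL_NET:
        return "spoofed source"
    # Source routing: discard every packet that carries the option.
    if p.source_route:
        return "source-route option"
    # Tiny fragments: the first fragment must hold the whole TCP header, and a
    # fragment at offset 1 would overwrite part of that header on reassembly.
    if p.proto == "tcp" and (p.frag_offset == 1 or
                             (p.frag_offset == 0 and p.payload_len < MIN_TCP_HEADER)):
        return "tiny fragment"
    return None


def filter_packet(p: Packet, rules=RULES, default="discard"):
    """First matching rule wins; otherwise the default policy decides."""
    reason = sanity_check(p)
    if reason:
        return ("discard", reason)
    for index, rule in enumerate(rules):
        if rule.matches(p):
            return (rule.action, f"rule {index}")
    return (default, "default policy")


if __name__ == "__main__":
    telnet = Packet("outside", "203.0.113.7", "192.0.2.10", dport=23)
    print(filter_packet(telnet))                     # default = discard
    print(filter_packet(telnet, default="forward"))  # default = forward
```

With the default set to forward, the unlisted telnet packet passes, which is why rule sets are normally written against a discard default.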
Types of Firewalls
Application-level Gateway
• Also known as an application proxy or application-level proxy, an application gateway is an application program that runs on a firewall system between two networks.
• When a client program establishes a connection to a destination service, it connects to an application gateway, or proxy.
• The client then negotiates with the proxy server in order to communicate with the destination service.
• In effect, the proxy establishes the connection with the destination behind the firewall and acts on behalf of the client, hiding and protecting individual computers on the network behind the firewall.
• This creates two connections: one between the client and the proxy server and one between the proxy server and the destination.
• Once connected, the proxy makes all packet-forwarding decisions.
• Since all communication is conducted through the proxy server, computers behind the firewall are protected.
Types of Firewalls
[Figure: application-level gateway]
Application-level Gateway
Advantages:
• Higher security than packet filters
• Only need to scrutinize a few allowable applications
• Easy to log and audit all incoming traffic
Disadvantages:
• Additional processing overhead on each connection (gateway as splice point)
Types of Firewalls
Circuit-level Gateway
• Stand-alone system, or
• Specialized function performed by an application-level gateway
• Sets up two TCP connections
• The gateway typically relays TCP segments from one connection to the other without examining the contents
Circuit-level Gateway
• The security function consists of determining which connections will be allowed.
• Typical use is a situation in which the system administrator trusts the internal users.
• Circuit-level gateways work at the session layer of the OSI model, or as a "shim layer" between the application layer and the transport layer of the TCP/IP stack.
• They monitor TCP handshaking between packets to determine whether a requested session is legitimate.
• Information passed to a remote computer through a circuit-level gateway appears to have originated from the gateway.
• Traffic is filtered based on particular session rules and may be restricted to recognized computers only.
• Circuit-level gateways are relatively inexpensive and have the advantage of hiding information about the private network they protect. On the other hand, they do not filter individual packets.
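A loopback sketch of the circuit-level behaviour described above, as an added example that is not part of the original slides: the gateway's only decision is whether the connection is allowed, it then opens a second TCP connection and copies bytes without reading them, and the destination sees the gateway's socket as its peer. The echo service, the allowed-client set and all function names are assumptions made for the demonstration.

```python
import socket
import threading


def start_echo_server(seen_peers):
    """Destination service (constructed): records each peer, echoes one message."""
    srv = socket.create_server(("127.0.0.1", 0))

    def serve():
        while True:
            conn, peer = srv.accept()
            seen_peers.append(peer)
            with conn:
                conn.sendall(conn.recv(1024))

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()


def pump(src, dst):
    """Copy bytes one way without examining them, then pass on end-of-stream."""
    try:
        while chunk := src.recv(4096):
            dst.sendall(chunk)
    except OSError:
        pass
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)
        except OSError:
            pass


def start_gateway(dest_addr, allowed_clients, outbound_ports):
    """Circuit-level relay: a per-connection allow/deny, then blind forwarding."""
    gw = socket.create_server(("127.0.0.1", 0))

    def handle(client, peer):
        if peer[0] not in allowed_clients:
            client.close()          # connection not permitted: nothing is relayed
            return
        upstream = socket.create_connection(dest_addr)  # the second TCP connection
        outbound_ports.append(upstream.getsockname()[1])
        back = threading.Thread(target=pump, args=(client, upstream), daemon=True)
        back.start()
        pump(upstream, client)
        back.join()
        client.close()
        upstream.close()

    def serve():
        while True:
            client, peer = gw.accept()
            threading.Thread(target=handle, args=(client, peer), daemon=True).start()

    threading.Thread(target=serve, daemon=True).start()
    return gw.getsockname()


def through_gateway(gw_addr, message):
    """Client side: talk to the gateway only; returns the reply or b'' if refused."""
    with socket.create_connection(gw_addr, timeout=5) as c:
        try:
            c.sendall(message)
            return c.recv(1024)
        except OSError:
            return b""


if __name__ == "__main__":
    seen, ports = [], []
    dest = start_echo_server(seen)
    gateway = start_gateway(dest, {"127.0.0.1"}, ports)
    print(through_gateway(gateway, b"hello"), seen, ports)
```

An application-level gateway would differ at `pump`: it would parse and check the application protocol instead of copying bytes unread.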
Types of Firewalls
[Figure: circuit-level gateway]
Types of Firewalls
Bastion Host
• A system identified by the firewall administrator as a critical strong point in the network's security
• The bastion host serves as a platform for an application-level or circuit-level gateway


Editor's notes

  1. IP address spoofing, or IP spoofing, is the creation of Internet Protocol (IP) packets with a forged source IP address, with the purpose of concealing the identity of the sender or impersonating another computing system.
     Source routing is a method that can be used to specify the route that a packet should take through the network. In source routing, the path through the network is set by the source or a device that tells the network source the desired path.