Windows Firewall

Download Report

Transcript Windows Firewall

Filtering in Firewall
By Fantastic 5
Agenda
What is Firewall?
Types Of Firewall
Pros and Cons Of Different Firewalls
What Firewall can do?
What Firewall can not do?
Q&A
What is Firewall?
Isolates organization’s internal network from
larger Internet, allowing some packets to pass,
blocking others.
Types Of Firewall
Packet Filtering Firewall
Operate at network layer
Circuit Level
Operates at transport layer
Application level Firewall
Operates at Application layer
Packet Filter Firewall
Incoming Traffic
Allowed Outgoing Traffic
Packet Filtering Firewall
Stateless Filters
Stateful Filters
Content Filters
Dynamic Packet Filtering
Stateless Packet Filters
Simple filters
Makes decision on a packet by packet basis
Every packet check
Stateless Packet Filtering
Pros
Very fast, no need to remember
anything about the traffic
•Cons
•More Complex criteria decreases
performance
•No protection against malicious code in
upper layer
•Difficult to get the filtering rules right
Stateful Packet Filtering
Each connection established is stored in
saved in a table.
The first packet of the connection is checked
against pre-defined rules.
Stateful Packet Filtering
Pros
Scalable
More Secure, as maintain connection
state
Cons
Connection maintain even for
connectionless protocols
Takes more CPU time.
Content Filtering
Check the content of the packet
It looks for the packet contents at the
network layer
Circuit level Firewall
Incoming Traffic
Allowed Outgoing Traffic
Application Level Firewall
Incoming Traffic
Allowed Outgoing Traffic
Circuit Level Firewall
Pros
Improved security
When network packets are
readdressed, information about
protected network is hidden
Cons
No application Level Security
Dynamic Packet Filtering
Monitor state of active connection
Record session information such as IP,
Port no.
Determines whether packets are allowed
or not, by comparing state of that
connection.
Much secure than static packet filter
e.g. only replies to users data requests are
let back in.
What Firewalls can do?
Deny unauthorized access
Control access to authorized services
Monitor traffic
Raise alarm if suspicious activity occurs
Enforce Policy
What Firewalls can not do?
Protect against threats inside your network
Protect against services allowed through
the firewall
Set themselves up – misconfiguration
Only Firewalls can not be used to make
the secure network
Conclusion
The Firewall alone can not make the network
secure from the public network like internet
References
Firewall(networking). 2 March 2007. Wikimedia Foundation Inc. 2 March 2007.
<http://en.wikipedia.org/wiki/Firewall>
Dynamic packet Filtering (DPF). September 2002. Netmaster Digital security, Inc. 11
March 2007. <http://www.netmaster.com/products/ggoss-dbf.pdf
Firewall Q&A. 2007. Vicomsoft Ltd. 26 Febraury2007.
<http://www.vicomsoft.com/knowledge/reference/firewalls1.html#1>
Introduction to Firewalls. 3 Sep 2004. Addison Wesley Professional, Inc. 12 March
2007.
<http://www.awprofessional.com/articles/article.asp?p=170452&seqNum=2&rl=1>
Evolution of Firewall Industry. 28 Sep 2002. Cisco Systems, Inc. 22 March 2007.
<http://www.cisco.com/univercd/cc/td/doc/product/iaabu/centri4/user/scf4ch3.htm#xto
cid0>
IP Packet Filtering. April 2007. IBM. 26 March 2007.
<http://publib.boulder.ibm.com/infocenter/eserver/v1r3s/index.jsp?topic=/ipha5/packe
tfilterfirewall.htm>
NVIDIA Firewall. 2004. NVIDIA Corporation. 26 March 2007.
<http://www.alienwaresystems.com.au/dnn2/Portals/0/nForce%204%20Firewall.pdf>
Questions?
Thank U !