Seminar6_2010 - Seminar 6 Firewalls Fabian Ng 1 Outline...

Seminar 6: Firewalls
Fabian Ng
Outline
- Firewall Design Principles
  - Firewall Characteristics
  - Types of Firewalls
  - Firewall Configurations
- Trusted Systems
  - Data Access Control
  - The Concept of Trusted Systems
  - Trojan Horse Defense

Firewalls
- An effective means of protecting a local system or network of systems from network-based security threats while affording access to the outside world via WANs or the Internet

Firewalls
- Information systems undergo a steady evolution (from small LANs to Internet connectivity)
- Strong security features for all workstations and servers are not established
- The firewall is inserted between the premises network and the Internet
- Aims:
  - Establish a controlled link
  - Protect the premises network from Internet-based attacks
  - Provide a single choke point

Firewall Characteristics
- Design goals:
  - All traffic from inside to outside must pass through the firewall (physically blocking all access to the local network except via the firewall)
  - Only authorized traffic (defined by the local security policy) will be allowed to pass
  - The firewall itself is immune to penetration (use of a trusted system with a secure operating system)

Firewall Characteristics
- Four general techniques:
  - Service control
    - Determines the types of Internet services that can be accessed, inbound or outbound
    - Filters traffic on the basis of IP address and TCP port number; provides proxy software that receives and interprets each service request before passing it on; or may host the server software itself
  - Direction control
    - Determines the direction in which particular service requests are allowed to flow
  - User control
    - Controls access to a service according to which user is attempting to access it
  - Behavior control
    - Controls how particular services are used (e.g. filter e-mail)
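
Service control and direction control, combined with the design goal that only authorized traffic passes, can be sketched as a first-match rule table with a default deny. This is an added example, not part of the original slides; the `Rule` class, `decide` function, the sample policy and all addresses (documentation ranges) are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    direction: str         # "in", "out" or "any": direction of the service request
    src: str               # source network in CIDR form
    dst: str               # destination network in CIDR form
    dport: Optional[int]   # TCP destination port; None matches any port

# Constructed sample policy: 192.0.2.0/24 stands in for the premises network.
INTERNAL = "192.0.2.0/24"
ANY = "0.0.0.0/0"
POLICY = [
    Rule("allow", "in", ANY, "192.0.2.25/32", 25),   # inbound SMTP, mail host only
    Rule("allow", "out", INTERNAL, ANY, 80),         # outbound HTTP
    Rule("allow", "out", INTERNAL, ANY, 443),        # outbound HTTPS
]

def decide(policy, direction, src, dst, dport):
    """Return the action of the first matching rule; deny when nothing matches.

    Models only the packet that opens a service request. Reply traffic would
    need its own rules or connection state, which this sketch leaves out.
    """
    if direction not in ("in", "out"):
        raise ValueError("direction must be 'in' or 'out'")
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for rule in policy:
        if rule.direction not in ("any", direction):
            continue                                  # direction control
        if s not in ipaddress.ip_network(rule.src):
            continue                                  # service control: source address
        if d not in ipaddress.ip_network(rule.dst):
            continue                                  # service control: destination address
        if rule.dport is not None and rule.dport != dport:
            continue                                  # service control: TCP port
        return rule.action
    return "deny"                                     # only authorized traffic passes

if __name__ == "__main__":
    # Same service (HTTPS), opposite directions: only the outbound request is allowed.
    print(decide(POLICY, "out", "192.0.2.10", "203.0.113.5", 443))
    print(decide(POLICY, "in", "203.0.113.5", "192.0.2.10", 443))
```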

Firewall Capabilities
- Single choke point
  - Blocks malicious traffic
  - Simplifies security management
- Singular monitoring point
  - Location for monitoring, auditing and event triggering
- Platform for non-security functions
  - Can be used for network address translation and network management
- Platform for IPSec
  - Implements VPN via tunnel mode

Firewall Limitations
- Cannot protect from attacks bypassing it
  - e.g. sneaker net, utility modems, trusted organizations, trusted services (e.g. SSL/SSH)
- Cannot protect against internal threats
  - e.g. disgruntled employee
- Cannot protect against transfer of all virus-infected programs or files
  - Because of the huge range of OS and file types

Types of Firewalls
- Three common types of firewalls:
  - Packet-filtering routers: