13 Firewalls - Firewalls Guide to Network Defense and...

Info iconThis preview shows pages 1–15. Sign up to view the full content.

View Full Document Right Arrow Icon
Guide to Network Defense and Countermeasures, Second Edition 1 Firewalls
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Guide to Network Defense and Countermeasures, Second Edition 2 Firewalls Explain what firewalls can and cannot do Describe common approaches to packet filtering Establish a set of rules and restrictions for a firewall Design common firewall configurations Compare hardware and software firewalls
Background image of page 2
Guide to Network Defense and Countermeasures, Second Edition 3 An Overview of Firewalls Firewall Hardware or software Can configure to block unauthorized network access Firewalls cannot protect against malicious insiders Who send proprietary information out of the organization Firewalls cannot protect connections that do not go through it
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Guide to Network Defense and Countermeasures, Second Edition 4 What Firewalls Are Network firewall Combination of multiple software and hardware components Earliest firewalls were packet filters Some firewalls are designed for consumers Norton Personal Firewall ZoneAlarm Sygate Personal Firewall
Background image of page 4
Guide to Network Defense and Countermeasures, Second Edition 5
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Guide to Network Defense and Countermeasures, Second Edition 6 What Firewalls Are (continued) Rules for blocking traffic are done case-by-case Actions include: Allow the traffic Block the traffic Customize access Check Point Next Generation (NG) firewall Designed to protect and monitor large-scale networks Firewall appliances Self-contained hardware devices
Background image of page 6
Guide to Network Defense and Countermeasures, Second Edition 7
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Guide to Network Defense and Countermeasures, Second Edition 8
Background image of page 8
Guide to Network Defense and Countermeasures, Second Edition 9 What Firewalls Are Not Firewalls are not a standalone solution Cannot protect from internal threats Need strong security policy and employee education Firewalls must be combined with Antivirus software IDS Open Platform for Security (OPSEC) Protocol used by Check Point NG to integrate with other security products
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Guide to Network Defense and Countermeasures, Second Edition 10 Approaches to Packet Filtering Stateless packet filtering Stateful packet filtering Packet filtering depends on position of components
Background image of page 10
Guide to Network Defense and Countermeasures, Second Edition 11 Stateless Packet Filtering Decides whether to allow or block packets based on information in the protocol headers Filtering based on common IP header features IP address Ports and sockets ACK bits Intruders can get around these defenses Advantage: Inexpensive Disadvantage: Cumbersome to maintain
Background image of page 11

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Guide to Network Defense and Countermeasures, Second Edition 12
Background image of page 12
Guide to Network Defense and Countermeasures, Second Edition 13 Stateful Packet Filtering (continued) Keeps a record of connections a host computer has made with other computers Maintain a file called a state table containing record of all current connections Allows incoming packets to pass through only from external hosts already connected
Background image of page 13

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Guide to Network Defense and Countermeasures, Second Edition 14
Background image of page 14
Image of page 15
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 76

13 Firewalls - Firewalls Guide to Network Defense and...

This preview shows document pages 1 - 15. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online