Group 3-2 - Firewalls and VPN. Created By: Myrna Pacheco, Kirk Bosnjak, Rob Walls. Course: EEL 3531 Information Theory, Dr Mark


Firewalls and VPN
Created By: Myrna Pacheco, Kirk Bosnjak, Rob Walls
Course: EEL 3531 Information Theory, Dr. Mark Llewellyn
February 22, 2009

Firewalls
• Preceded by routers as security measures
• Programming innovations for Networking
• First Generation: Packet Filters
• Second Generation: Stateful Filters
• Evolution: OSI Model and Internet Model

Firewalls
Hardware Style Firewalls
• Routers enhanced with heuristics
• Scanning packets for source/destination information
• Sits at first incoming/outgoing position
Software Style Firewalls
• Proxy Server-type software configuration
• OSI/Internet Model filters examining all layers
• Sits at first incoming/outgoing position
• Isolated Double-buffering

Firewalls
• Intuitive Algorithms for spotting attacks and back door apps
• Integrated software within most routers
• Consumer friendly software in stand-alone and bundled packages
Golden Shield Project (aka Great Firewall of China)
• Largest Attempt at isolating an internetwork
• Most attacked firewall design since 2003
• Monitoring, filtering, and blocking sensitive online content in recent updates

Firewalls
Conceptualization for Hardware/Software
• Network Interface: Exterior Traffic
• Content Addressable Memory
• Heuristic Algorithms: Encapsulation Scanning
• Outgoing Data
• Returning Data
• Transfer of Data to Intranetwork: Routers, Network Segments, or Host Computer: Stand Alone or Network Node

Advantages of Firewalls
• Relatively inexpensive or free for personal use.
• New releases are becoming user friendly.
• You can monitor incoming and outgoing security alerts and the firewall company will record and track down an intrusion attempt depending on the severity.
• Some firewalls but not all can detect viruses, worms, Trojan horses, or data collectors.
• A feeling of increased security that your PC and contents are being protected.

Disadvantages of Firewalls
1. Cost varies
2. Firewalls evolve
3. Firewalls cannot protect you from internal sabotage within a network or from allowing other users access to your PC.
4. Firewalls offer weak defense from viruses so antiviral software is needed.
5. A firewall's protection is limited once you have an allowable connection open.

Virtual Private Network (VPN)

Virtual Private Network (VPN)
Definition - VPN is a private network that uses a public network (internet) to connect remote sites or users together. (Usually combined with encryption and authentication)
Two main kinds of VPNs
1. Host-to-Gateway VPN - remote user of corporate resources
2. Gateway-to-Gateway VPN - create an encrypted tunnel between two gateways
VPNs can be:
• Intranet-based - one or more remote locations joined in single private network
• Extranet-based - shared environment on LAN where 2 different companies

Virtual Private Network (VPN)
Secure VPNs use cryptographic tunneling protocols to provide the intended confidentiality (blocking snooping and thus packet sniffing), sender authentication (blocking identity spoofing), and message integrity (blocking message alteration) to achieve privacy.
Secure VPN protocols include the following:
• IPsec (IP security) - commonly used over IPv4, and a "standard option" in IPv6.
• SSL/TLS, used either for tunneling the entire network
• OpenVPN, an open standard VPN. A variation of SSL-based VPN, it can run over UDP.

Virtual Private Network (VPN)
Think of tunneling as having a computer delivered to you by UPS. The vendor packs the computer (passenger protocol) into a box (encapsulating protocol) which is then put on a UPS truck (carrier protocol) at the vendor's warehouse (entry tunnel interface). The truck (carrier protocol) travels over the highways (Internet) to your home (exit tunnel interface) and delivers the computer. You open the box (encapsulating protocol) and remove the computer (passenger protocol). Tunneling is just that simple!
The truck is the carrier protocol, the box is the encapsulating protocol and the computer is the passenger protocol.

Advantages of VPN
1. Cost Savings - lower cost
2. Security - VPNs provide the highest level of security using advanced encryption and authentication protocols that protect data from unauthorized access.
3. Deployment speed - no need to wait for new line
4. Scalability - VPNs allow corporations to utilize remote access infrastructure within ISPs.
5. Compatibility with Broadband Technology - VPNs allow mobile workers, telecommuters and day extenders to take advantage of high-speed, broadband connectivity

Disadvantages of VPN
1. Overhead - VPN tunnels impose overhead for dial-in users
2. Encryption - data compression is no longer achievable
3. Implementation - VPN has to be integrated into existing network environments: addresses, MTU, firewalls
4. Quality of Service - packet loss can be high

Works Cited
http://en.wikipedia.org/wiki/Firewall_(networking)#History
http://cba.unomaha.edu/faculty/garfathr/web/vpn_pros_cons.html
http://homepages.uel.ac.uk/u0117002/NETWORKS.COM/aa010701c.htm
http://www.ief.uni-rostock.de/basoti/material/basoti2007/ns/NS_Mundt_080_VPN.pdf
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/centri4/user/scf4ch3.htm
http://www.wired.com/politics/security/magazine/15-11/ff_chinafirewall?cu
http://www.sunshadowz.com/articles/firewalls_advantages.htm
...
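The tunneling analogy above, carried through on real packet bytes, as an added example that is not part of the original slides: a passenger IPv4 packet is boxed in an encapsulating header and handed to an outer IPv4 carrier at the entry gateway, then unpacked at the exit gateway. GRE as the encapsulating protocol is an assumption (the slides name none), all addresses and payloads are constructed, and no encryption is applied. The 24 bytes added per packet are the "Overhead" and "MTU" items listed under Disadvantages of VPN.

```python
import socket
import struct
IPPROTO_UDP, IPPROTO_GRE = 17, 47   # IANA protocol numbers
GRE_PTYPE_IPV4 = 0x0800             # GRE "protocol type" for an IPv4 passenger

def checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum (one's-complement sum of 16-bit words)."""
    data += b"\x00" * (len(data) % 2)
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4_packet(src: str, dst: str, proto: int, payload: bytes) -> bytes:
    """Prepend a minimal 20-byte IPv4 header (no options) to payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:] + payload

def parse_ipv4(packet: bytes) -> dict:
    ihl = (packet[0] & 0x0F) * 4
    if checksum(packet[:ihl]) != 0:          # a valid header sums to zero
        raise ValueError("bad IPv4 header checksum")
    total_len = struct.unpack("!H", packet[2:4])[0]
    return {"src": socket.inet_ntoa(packet[12:16]), "dst": socket.inet_ntoa(packet[16:20]),
            "proto": packet[9], "payload": packet[ihl:total_len]}

def tunnel_entry(passenger: bytes, gw_src: str, gw_dst: str) -> bytes:
    """Entry interface: box the passenger (GRE) and load it on the truck (outer IP)."""
    gre = struct.pack("!HH", 0, GRE_PTYPE_IPV4)   # basic 4-byte GRE header
    return ipv4_packet(gw_src, gw_dst, IPPROTO_GRE, gre + passenger)

def tunnel_exit(carrier: bytes) -> bytes:
    """Exit interface: check the outer headers, open the box, return the passenger."""
    outer = parse_ipv4(carrier)
    if outer["proto"] != IPPROTO_GRE or len(outer["payload"]) < 4:
        raise ValueError("not a GRE packet")
    flags, ptype = struct.unpack("!HH", outer["payload"][:4])
    if flags != 0 or ptype != GRE_PTYPE_IPV4:
        raise ValueError("unsupported GRE header")
    return outer["payload"][4:]

def max_passenger_size(link_mtu: int) -> int:
    return link_mtu - 20 - 4   # link MTU minus outer IPv4 header and GRE header

# Constructed sample: UDP between two private hosts, tunnelled between documentation-range gateways.
UDP = struct.pack("!HHHH", 40000, 5000, 8 + 5, 0) + b"hello"
PASSENGER = ipv4_packet("10.1.0.5", "10.2.0.9", IPPROTO_UDP, UDP)
CARRIER = tunnel_entry(PASSENGER, "192.0.2.1", "198.51.100.1")
```

On the public network only the gateway addresses in the outer header are visible as endpoints; the private addresses travel inside the payload, which is why a secure VPN adds encryption and integrity protection on top of this plain encapsulation.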

This note was uploaded on 07/24/2011 for the course EEL 3531 taught by Professor Llewelyn during the Spring '09 term at University of Florida.
