Lecture_15_Firewalls

Lecture_15_Firewalls - IPv4 versus IPv6 IP V4 IHL describes...

Info iconThis preview shows pages 1–7. Sign up to view the full content.

View Full Document Right Arrow Icon
COMP 6370 Firewalls – Lecture 15 1 IPv4 versus IPv6 IP V6 Traffic class to support priority Flow label (experimental) -- flow controllable -- Can traffic be slowed in case of congestion? Header simplified because of option to add extension headers else indicates which transport handler to pass the packet to. IP V4 IHL describes how long the variable length header is ToS – reliability vs. speed ID – dest uses to assemble fragments Protocol – UDP, TCP etc.
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
COMP 6370 Firewalls – Lecture 15 2 Definition of a VP(rivate)N A network where packets that are internal to a private network pass across a public network. Without being obvious to hosts on the private network Illusion of a dedicated, circuit-switched network In general, VPNs use encryption to protect the packets as they pass across the public network. VPN solutions are popular because it is often cheaper to connect two local networks via public networks (i.e. Internet connections) than via private networks
Background image of page 2
COMP 6370 Firewalls – Lecture 15 3 Tunneling Revisited A special case when source and destination networks are the same type, but there is a different network between them. Reid’s host sends an ethernet frame to an Adelaide-based multi- protocol router with the Auburn IP address encapsulated in the ethernet frame. Adelaide router removes the IP packet and inserts into the payload of the WAN frame and addresses the WAN frame to the multi-protocol router in Auburn. Auburn router receives the WAN packet, removes the IP packet and sends it to Hamilton’s host. IP IP Ethernet Frame IP Ethernet Frame IP packet inside payload Field of the WAN packet WAN Pipe Multiprotocol Router Multiprotocol Router Darryn Reid Adelaide, Australia Drew Hamilton Auburn, AL, USA TELESTRA PTT WAN
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
COMP 6370 Firewalls – Lecture 15 4 Firewalls Traditionally, a firewall is a wall separating two areas, in a building, a car, etc., to prevent fire from propagating from one area to another. By extension, it is used to separate two networks, to prevent hostile packets from one network from reaching the other. The most common firewall configuration protects a company's private network from the Internet. Firewalling traditionally operates by inspecting packet headers and discarding packets with undesirable header info.
Background image of page 4
COMP 6370 Firewalls – Lecture 15 5 Tanenbaum’s View of Firewalls in the Network
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Firewalls – Lecture 15 6 Firewall Characteristics Firewalls have at least two network interfaces. have rules to forward the packets. A tightly configured firewall won’t allow any incoming packets and will allow outgoing packets to only trusted machines. It is expensive to put security patches on every
Background image of page 6
Image of page 7
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 33

Lecture_15_Firewalls - IPv4 versus IPv6 IP V4 IHL describes...

This preview shows document pages 1 - 7. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online