Matakuliah Tahun Versi : H0451/Praktikum Jaringan Komputer : 2006 : 1/0 Pertemuan 05 Firewall 1 Learning Outcomes Pada akhir pertemuan ini, diharapkan mahasiswa akan mampu : • Menjelaskan mengenai Firewall 2 Outline Materi • Fungsi • Type 3 Firewall • A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets of digital information that attempt to pass through the perimeter or a network. • A firewall is simply a program or hardware device that filters the information coming through the Internet connection into your private network or Computer system. If an incoming packet of information is flagged by the filters, it is not allowed through. 4 Firewall • • • • Sole purpose is to filter traffic Placed at appropriate location in network Can also be host-based Performance is important 5 Perimeter Defense A firewall is said to provide “perimeter security” because it sits on the outer boundary, or perimeter, or a network. The network boundary is the point at which one network connects to another. 6 Firewall Limitations • Cannot protect from attacks bypassing it • Cannot protect against internal threats – e.g. disgruntled employee • Cannot protect against transfer of all virus infected programs or files – because of huge range of O/S & file types 7 Characteristic • Network firewalls usually run on proprietary or minimized operating systems • Two approaches to establishing rules – Default permit – Default deny 8 Type Firewall • Types – Packet filter – Stateful inspection – Application proxy – Personal 9 Packet Filtering Firewall • Routers are the most common example – implemented via Access Control Lists (ACL’s) • Controls access based on src/dest ip address, port and protocol – does not see the contents of the packet • Used for egress and ingress filters – ensure outgoing and incoming addresses are appropriate 10 Stateful Inspection Firewall • Maintains “state” from one packet to another in the network stream • Tracks the sequence of packets and conditions for packets within a connection – Examine each IP packet in context – Keeps tracks of client-server sessions – Checks each packet validly belongs to one • Better able to detect bogus packets out of context 11 Application Proxy Firewall • Runs pseudo-applications • Internal clients talk to the proxy and it in turn talks to the “outside” • More resource intensive on the firewall box than stateful inspection firewall 12 Personal Firewalls • Application that runs on a workstation (the one being protected) to block unwanted traffic • Some vended products include host-based intrusion detection features 13 Firewall Configurations 14 Firewall Configurations 15 Firewall Configurations 16