Firewalls Presented by: Sarah Castro Karen Correa Kelley Gates Fundamentals of Firewalls What is a firewall? – A firewall is a software or hardware that prevents unauthorized access, and enforces an access control party between two networks. – A firewall imposes its policy on everything behind it. – YOU – the user decides the policy Why do we need a firewall? To prevent certain types of data from getting in or out of particular areas Security between the outside world and your network, especially protection from most Internet security threats Firewalls keep damage on one part of the network What does a firewall protect against? Security threats posed by the Internet Unauthenticated interactive logins Application backdoors SMTP session hijacking Operating system bugs Denial of service E-mail bombs Macros Viruses Spam Redirect bombs Source routing What does a firewall not protect against? Certain class of threats such as inside attacks, and Outside attacks that it cannot detect Tunneling over most application protocols to trojaned or poorly written clients Data-driven attacks- something is mailed or copied to an internal host where it is then executed. – Past occurrences against OutLook OSI MODEL & FIREWALLS Packet Filter Firewalls Work at network layer Usually routers and firewall appliances Scan IP header in rule base for: – – – – Source IP address Destination IP address TCP/UDP source port TCP/UDP destination port Example on web Circuit Level Gateways Work in session layer of the OSI model (~ transport layer of the TCP/IP model) Ensures that the session between two end users is legitimate However, no further processing or filtering of individual packets is done. Application Level Gateways Work in application layer Usually proxy servers, also personal firewalls High level of security Can slow down network Example: Proxy Server and DMZ Stateful Multilayer Inspection Firewalls Combination of the above High level of security, and good performance Expensive Complex TYPES OF FIREWALLS Personal Firewalls Software-only solutions No external devices – Easy to install and upgrade Protects against: – Worms, Trojan horses, and spyware Examples: ZoneAlarm, BlackIce Advantages, Disadvantages Firewall Appliances Specialized hardware devices, sometimes part of SOHO router Can be Plug and Play Provide NAT and TCP port inspection DMZ Example: NetGear, Linksys etc. Turnkey Solutions Turnkey solutions combine (arguably) the best of both Appliance and Software-only solutions Wider range of services offered More expensive, greater number of components Differences between software and hardware firewalls On webpage: Level of Protection Manageability Cost Analysis Feature Set Comparison Future Outlook Grade Summary REMEMBER The use of firewalls presents a tradeoff between service and protection. Decide what your optimal balance between security and service is!!! Conclusion Implementing a firewall is a great tool for security purposes BUT, DO EXPECT FAILURE PLAN FOR THE WORST Q&A Questions?