
FIREWALLS

Prepared By Komal Basharat


WHAT IS A FIREWALL

• A firewall system is a secure host that acts as a barrier between your internal network and
outside networks. Each network approaches the other as untrusted.
• A firewall is a device installed between the internal network of an organization and the rest of
the Internet.
• You should consider this setup as mandatory between your internal network and any external
networks, such as the Internet, with which you want to communicate.
WORKING OF FIREWALL

• A firewall is a system designed to prevent unauthorized access to or from a private network. 


• Firewalls prevent unauthorized internet users from accessing private networks connected to the
internet, especially intranets. All messages entering or leaving the intranet (the local network to
which you are connected) must pass through the firewall, which examines each message and
blocks those that do not meet the specified security criteria.
TYPES OF FIREWALL
FIREWALL CAPABILITIES

• It defines a single choke point to keep unauthorized users out of the protected network
• It prohibits potentially vulnerable services from entering or leaving the network
• It provides protection from various kinds of IP spoofing
• It provides a location for monitoring security-related events
• Audits and alarms can be implemented on the firewall systems
• A firewall is a convenient platform for several internet functions
• Firewall systems fall into three categories based on their generation:
    • Network-level/packet filter firewall
    • Application-level firewall
    • Next Generation Firewalls (NGFW)
NETWORK-LEVEL FIREWALLS/PACKET FILTER FIREWALL

• Also called a packet filter firewall
• It can be used as a packet filter. These firewalls examine only the headers of each packet of
information passing to or from the Internet. The firewall accepts or rejects packets based on the
packet’s sender, receiver, and port. For example, the firewall might allow e-mail and Web
packets to and from any computer on the intranet, but allow telnet (remote login) packets to and
from only selected computers.
• Packet filter firewall maintains a filtering table that decides which packets are to be forwarded or
discarded. A packet filter firewall filters at the network or transport layer.
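
The filtering table described above, as an added example that is not part of the original slides. The address ranges, the Rule/Packet names, the first-match order and the default discard are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Constructed address plan (assumption): intranet and the hosts allowed telnet.
INTRANET = ipaddress.ip_network("10.0.0.0/24")
TELNET_HOSTS = ipaddress.ip_network("10.0.0.8/30")   # 10.0.0.8 - 10.0.0.11

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    sport: int
    dport: int

@dataclass(frozen=True)
class Rule:
    action: str                      # "forward" or "discard"
    hosts: ipaddress.IPv4Network     # intranet hosts the rule covers
    proto: str
    service_port: int

    def matches(self, p: Packet) -> bool:
        # Header-only check: addresses, protocol and ports. No payload is
        # read and no connection state is kept.
        if p.proto != self.proto:
            return False
        src, dst = ipaddress.ip_address(p.src), ipaddress.ip_address(p.dst)
        # "To and from": the covered host may be sender or receiver, and the
        # service port may be the destination (request) or source (reply).
        host_ok = src in self.hosts or dst in self.hosts
        port_ok = self.service_port in (p.sport, p.dport)
        return host_ok and port_ok

# E-mail and Web for any intranet computer, telnet for selected computers only.
FILTER_TABLE = [
    Rule("forward", INTRANET, "tcp", 25),      # e-mail (SMTP)
    Rule("forward", INTRANET, "tcp", 80),      # Web (HTTP)
    Rule("forward", INTRANET, "tcp", 443),     # Web (HTTPS)
    Rule("forward", TELNET_HOSTS, "tcp", 23),  # telnet, selected hosts
]

def decide(packet: Packet, table=FILTER_TABLE) -> str:
    """Return the action of the first matching rule; discard if none match."""
    for rule in table:
        if rule.matches(packet):
            return rule.action
    return "discard"
```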
APPLICATION LEVEL FIREWALL

• Sometimes referred to as a proxy firewall


• An application level firewall evaluates network packets for valid data at the application layer
before allowing a connection. The firewall examines the data in all network packets at the
application layer and maintains complete connection state and sequencing information.
ADVANTAGES OFFERED BY APPLICATION LAYER FIREWALLS
• Authenticate individuals
• Spoofing and DoS attacks are more difficult to carry out
• Can monitor and filter application data
NEXT GENERATION FIREWALLS (NGFW)

• Next Generation Firewalls are being deployed these days to stop modern security breaches like
advanced malware attacks and application-layer attacks. NGFW consists of Deep Packet
Inspection, Application Inspection, SSL/SSH inspection and many functionalities to protect the
network from these modern threats.
TYPES OF FIREWALL

• Firewalls are generally of two types: Host-based and Network-based.


• Host-based Firewalls: A host-based firewall is installed on each network node and controls
each incoming and outgoing packet. It is a software application or suite of applications that comes as
a part of the operating system.
• A host firewall protects each host from attacks and unauthorized access.
• Network-based Firewalls: A network firewall functions at the network level. In other words, these
firewalls filter all incoming and outgoing traffic across the network. It protects the internal
network by filtering the traffic using rules defined on the firewall.
• A network firewall might have two or more network interface cards (NICs). A network-based
firewall is usually a dedicated system with proprietary software installed.
