
WELCOME

SEMINAR ON FIREWALL

AMAN BHARDWAJ
B.Tech(CS) 4th SEM
ROLL NO.- 15
Firewalls
• What is a Firewall
• Types of Firewall
  - Network Layer and Packet Filters
  - Application Layer
  - Proxy Firewalls
  - Network Address Translations

What is a Firewall?
• A hardware or software solution which restricts access between your network and an outside network.
• A firewall can be uni-directional or bi-directional
• Usually at the perimeter (where the two networks meet)
• Like a military checkpoint:
  - Stops all traffic in and/or out of your network
  - Inspects the traffic to see if it meets the security policy
  - Allows or denies the traffic based on the security policy
• Like a real checkpoint, it will slow down traffic!!!

What is a Firewall
• A firewall's function within a network is similar to firewalls in building construction, because in both cases they are intended to isolate one "network" or "compartment" from another. However, network firewalls, unlike physical firewalls, are designed to allow some traffic to flow.

What is a Firewall?
• A firewall:
  - Acts as a security gateway between two networks
  - Usually between trusted and untrusted networks (such as between a corporate network and the Internet)
[Diagram labels: Internet, Corporate Network Gateway, Corporate Site]

EVOLUTION OF FIREWALLS
[Figure: Stateful Inspection, Application Proxy, Packet Filter; axis: Stage of Evolution]

Types of Firewall
There are mainly four types of firewalls:
• Network layer and packet filters
• Application-layer
• Proxies
• Network address translation

Packet Filter
• How packet filters work:
  - Read the header and filter by whether fields match specific rules
  - The firewall administrator may define the rules; or default rules may apply
  - Operate at network level, not application level

Application-Layer
• Application-layer firewalls work on the application level of the TCP/IP stack, and may intercept all packets traveling to or from an application.
• Stronger security
• Harder to implement and maintain
  - Requires writing new or custom rules/proxies as applications and protocols change or are introduced
• Slower performance, less scalable

Proxy firewalls
• Proxy firewalls pass data between two separate connections, one on each side of the firewall.
• Proxies should not route packets between interfaces.

Network Address Translation (NAT)
• NAT changes the IP addresses in a packet, so that the address of the client inside never shows up on the Internet.
• Examples: Cisco PIX, Linux Masquerading, Firewall One, ipfilter

Appropriate use of Firewalls
• Firewalls are applicable:
  - When there are two networks that have a distinct trust factor (friend/foe).
  - When a protected network's connections must terminate behind the firewall.
  - When there is a need for an extra layer of protection for certain applications.

Configuration Considerations
• By default, less trusted networks have NO access to the trusted network (deny all).
• Be as port-specific as possible when allowing outside hosts to access applications.
• Rulesets/access lists will not take effect unless applied to an interface.
• Certain applications are very firewall sensitive (e.g. voice, H.323)
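
The packet-filter and deny-all points above, as an added example that is not part of the original slides: a minimal Python filter that reads IPv4/TCP/UDP header fields and applies a port-specific ruleset with a default deny. The rules, the documentation-range addresses, the first-match ordering and the helper names are constructed assumptions.

```python
import ipaddress
import struct

# Constructed ruleset (hypothetical addresses); assumption: first match wins.
# Fields: action, IP protocol number, source net, destination net, destination port
RULES = [
    ("allow", 6, "0.0.0.0/0", "203.0.113.10/32", 443),        # outside -> web server, HTTPS only
    ("allow", 17, "198.51.100.0/24", "203.0.113.53/32", 53),  # one partner net -> DNS
]
DEFAULT_ACTION = "deny"  # deny all unless a rule explicitly allows

def parse_headers(packet: bytes):
    """Return (proto, src, dst, dport) from an IPv4 packet carrying TCP or UDP."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4  # IPv4 header length in bytes
    if ihl < 20 or len(packet) < ihl + 4:
        raise ValueError("truncated header")
    if struct.unpack("!H", packet[6:8])[0] & 0x1FFF:
        raise ValueError("non-first fragment carries no port fields")
    proto = packet[9]
    src = ipaddress.IPv4Address(packet[12:16])
    dst = ipaddress.IPv4Address(packet[16:20])
    # TCP and UDP both begin with source port, destination port (16 bits each)
    _sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
    return proto, src, dst, dport

def filter_packet(packet: bytes) -> str:
    """Decide allow/deny from header fields only; unparseable packets are denied."""
    try:
        proto, src, dst, dport = parse_headers(packet)
    except ValueError:
        return DEFAULT_ACTION
    for action, r_proto, r_src, r_dst, r_dport in RULES:
        if (proto == r_proto and dport == r_dport
                and src in ipaddress.ip_network(r_src)
                and dst in ipaddress.ip_network(r_dst)):
            return action
    return DEFAULT_ACTION

def build_packet(proto, src, dst, sport, dport) -> bytes:
    """Build a constructed 20-byte IPv4 header (checksum left 0) plus the port fields."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 24, 0, 0, 64, proto, 0,
                     ipaddress.IPv4Address(src).packed,
                     ipaddress.IPv4Address(dst).packed)
    return ip + struct.pack("!HH", sport, dport)
```

The filter never looks past the transport ports, which is the network-level limitation the slides contrast with application-layer firewalls.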
THANK YOU
