NETWORK SECURITY
CS412 Group 5 and 6
Knowledge Sithole B1953752
Tinashe Taruvinga B1953017
Allan Kamuruko B190044A
Rowson Zingwina B190191A
Kudzai Tsikira B1953895
Moses Jawi B1952984
Liberty Alois Chandiwana B1953675
Trisher T Mpatsi B191368A
Munashe Ticharambeyi B1953003
FIREWALLS
FIREWALL
• Is a network security system designed to prevent unauthorised access to or from a private network.
• Network firewalls are frequently used to prevent internet users from accessing private networks connected to the
internet, especially intranets.

• All messages entering or leaving the intranet pass through the firewall which examines each message and blocks
those that do not meet the specified security criteria.
• Firewalls can be implemented in both hardware and software or a combination of both.
• Firewalls can be either hardware or software but the ideal configuration will consist of both.

• In addition to limiting access to your computer and network, a firewall is also useful for allowing remote access to
a private network through secure authentication certificates and logins.
• Hardware firewalls can be bought as a standalone product but are also typically found in broadband routers, and
should be considered an important part of your system and network set-up.

• Most hardware firewalls will have a minimum of four network ports to connect other computers, but for larger
networks, business networking solutions are available.
SOFTWARE FIREWALLS

• Software firewalls are installed on your computer (like any software) and you can customise them,
allowing you some control over their function and protection features.

• A software firewall will protect your computer from outside attempts to control or gain access to
your computer.
TYPES OF FIREWALLS

• PACKET FILTER
• APPLICATION GATEWAY
• PROXY SERVER FIREWALL
• COMODO FIREWALL
• WINDOWS FIREWALL
• NEXT GENERATION FIREWALL
1. PACKET FILTER

• Looks at each packet entering or leaving the network and accepts or rejects it based on user-defined rules.
• Uses transport-layer information only.

• It is fairly effective and transparent to users but it is difficult to configure.

• In addition, it is prone to IP Spoofing.


2. APPLICATION GATEWAY

• Applies security mechanisms to specific applications, such as FTP and Telnet servers.

• This is very effective but can degrade performance.


3. PROXY SERVER FIREWALL

• Intercepts all messages entering and leaving the network.

• The proxy server effectively hides the true network addresses.
4. COMODO FIREWALL

• Is one of many free internet security tools for Microsoft Windows developed by
Comodo Group.

• It manages traffic, secures and monitors inbound and outbound connections, and blocks internet
attacks.

• It uses Default Deny Protection (DDP), a prevention-based technology, to
reference a list of over 2 million known friendly applications and will alert you
when an application is not on the list.
5. WINDOWS FIREWALL INTRO

• Windows firewall is a Microsoft Windows application that filters information coming to
your system from the internet and blocks potentially harmful programs.

• Users simply add a program to the list of allowed programs to allow it to communicate
through the firewall.
• Windows firewall can also secure the system by blocking all unsolicited attempts to
connect to your computer.
6. NEXT GENERATION FIREWALL (NGFW)

• A newer class of firewalls, NGFW, filters network and internet traffic based
upon the applications or traffic types using specific ports.

• NGFWs blend the features of a standard firewall with Quality of Service (QoS)
functionalities in order to provide smarter and deeper inspection.
IPSEC/VPN
VPN

• A virtual private network (VPN) is a technology that creates a safe and encrypted connection over a less
secure network, such as the internet.
• A Virtual Private Network is a way to extend a private network using a public network such as the internet.
TYPES OF VIRTUAL PRIVATE NETWORK (VPN) AND ITS PROTOCOLS

• Remote Access VPN permits a user to connect to a private network and access all its services
and resources remotely.
• The connection between the user and the private network occurs through the Internet and the
connection is secure and private.
• Private users or home users of VPN primarily use VPN services to bypass regional restrictions
on the Internet and access blocked websites.
SITE TO SITE VPN:

• Companies or organizations, with branch offices in different locations, use Site-to-site VPN to
connect the network of one office location to the network at another office location.
• Intranet-based VPN: When several offices of the same company are connected using the Site-to-site
VPN type, it is called an intranet-based VPN.
• Extranet-based VPN: When companies use the Site-to-site VPN type to connect to the office of
another company, it is called an extranet-based VPN.
• Basically, a Site-to-site VPN creates an imaginary bridge between the networks at geographically
distant offices, connects them through the Internet and sustains secure and private
communication between the networks.
• In a Site-to-site VPN one router acts as a VPN client and another router as a VPN server, as it is
based on router-to-router communication. Communication starts only once the authentication
between the two routers has been validated.
TYPES OF VIRTUAL PRIVATE NETWORK (VPN) PROTOCOLS:
• Layer 2 Tunneling Protocol (L2TP):
L2TP or Layer 2 Tunneling Protocol is a tunneling protocol that is often combined with another
VPN security protocol like IPSec to establish a highly secure VPN connection.
• L2TP generates a tunnel between two L2TP connection points, and the IPSec protocol encrypts the
data and maintains secure communication through the tunnel.
POINT-TO-POINT TUNNELING PROTOCOL (PPTP):
• PPTP or Point-to-Point Tunneling Protocol generates a tunnel and encapsulates the data packet.
Point-to-Point Protocol (PPP) is used to encrypt the data across the connection.
• PPTP is one of the most widely used VPN protocols and has been in use since the early release of
Windows. PPTP is also used on Mac and Linux apart from Windows.
SSL AND TLS:

• SSL (Secure Sockets Layer) and TLS (Transport Layer Security) generate a VPN connection
where the web browser acts as the client and user access is restricted to specific applications
instead of the entire network. Online shopping websites commonly use the SSL and TLS protocols.
• Switching to SSL is easy for web browsers and requires almost no action from the user, as
web browsers come integrated with SSL and TLS. SSL connections have “https” at the start of
the URL instead of “http”.
OPENVPN:

• OpenVPN is an open source VPN that is commonly used for creating Point-to-Point and
Site-to-Site connections. It uses a traditional security protocol based on the SSL and TLS protocols.
SECURE SHELL (SSH):

• Secure Shell or SSH generates the VPN tunnel through which the data transfer occurs and also
ensures that the tunnel is encrypted.
• SSH connections are generated by an SSH client, and data is transferred from a local port to the
remote server through the encrypted tunnel.
INTERNET PROTOCOL SECURITY (IPSEC)

• Internet Protocol Security, known as IPSec, is used to secure Internet communication across an IP network.
• IPSec secures Internet Protocol communication by verifying the session and encrypting each data packet
during the connection.
• IPSec runs in 2 modes:
• (i) Transport mode
• (ii) Tunneling mode
• Transport mode encrypts the message in the data packet, while tunneling mode
encrypts the whole data packet. IPSec can also be used with other security protocols to improve
the security system.
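
An added example, not part of the original slides: a layout model of the two IPSec modes for ESP over IPv4, returning what stays in the clear and which bytes are handed to encryption. All addresses and the payload are constructed; the ESP SPI, sequence number, padding and integrity value are left out, and no real encryption is performed.

```python
import socket
import struct

ESP = 50  # IP protocol number assigned to ESP
TCP = 6

def ipv4_header(src: str, dst: str, proto: int, payload_len: int) -> bytes:
    """Minimal 20-byte IPv4 header (checksum left at 0 for brevity)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                       proto, 0, socket.inet_aton(src), socket.inet_aton(dst))

def addresses(header: bytes):
    """Source and destination address as seen by anyone on the path."""
    src, dst = struct.unpack("!4s4s", header[12:20])
    return socket.inet_ntoa(src), socket.inet_ntoa(dst)

def esp_layout(packet: bytes, mode: str, gw_src: str = "", gw_dst: str = ""):
    """Return (cleartext_header, bytes_to_encrypt) for an IPv4 packet."""
    hdr, payload = packet[:20], packet[20:]
    if mode == "transport":
        # Original header stays readable (protocol field becomes ESP);
        # only the message carried by the packet is encrypted.
        src, dst = addresses(hdr)
        return ipv4_header(src, dst, ESP, len(payload)), payload
    if mode == "tunnel":
        # A new outer header between the two gateways is added;
        # the whole original packet, header included, is encrypted.
        return ipv4_header(gw_src, gw_dst, ESP, len(packet)), packet
    raise ValueError(f"unknown mode: {mode}")

# Constructed sample: host 10.1.0.5 in one office talks to 10.2.0.9 in another.
DATA = b"constructed TCP segment"
INNER = ipv4_header("10.1.0.5", "10.2.0.9", TCP, len(DATA)) + DATA
# Constructed gateway addresses from documentation ranges.
GW_A, GW_B = "198.51.100.1", "203.0.113.1"

def visible_endpoints(mode: str):
    """Addresses an on-path observer can read in the given mode."""
    clear, _ = esp_layout(INNER, mode, GW_A, GW_B)
    return addresses(clear)
```

In transport mode the observer still sees the two hosts' addresses; in tunnel mode only the gateway addresses are visible, which is why tunnel mode is the usual fit for the site-to-site case described earlier.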