
IMPLEMENTATION OF ADVANCED POLICY FIREWALLS

GROUP MEMBERS

S/NO  NAME              REGISTRATION NO.
1     GLADNESS MOSHI    T/UDOM/2020/05266
2     JOHNSON MASSAWE   T/UDOM/2020/05230
3     MUSTAPHA HASSAN   T/UDOM/2020/10296
4     CHRISTINA SOMPO   T/UDOM/2020/05251
5     HUSSEIN ISSA      T/UDOM/2020/05241


DEFINITION
• An advanced policy firewall is a type of firewall that provides more granular control over network traffic by allowing administrators to define policies based on specific criteria, such as application, user, or content.
• It examines the contents of network packets and compares them against predefined policies, allowing only authorized users and applications to access sensitive resources.
• Palo Alto Networks' Next-Generation Firewall (NGFW) is an example of an advanced policy firewall; it uses a combination of signature-based and behavioral-based detection methods to identify threats.

HOW IT DIFFERS FROM OTHER FIREWALLS
• An advanced policy firewall differs from other firewalls in that it provides more granular control over network traffic based on specific criteria, such as application, user, and content. This allows administrators to create policies that are tailored to the specific needs of their organization and provide greater security against targeted attacks.
• Additionally, advanced policy firewalls typically include real-time threat detection, comprehensive protection against a wide range of threats, and scalability to handle large and complex networks. In contrast, traditional firewalls typically provide basic packet filtering and network address translation without the granular control or advanced features of advanced policy firewalls.

FEATURES OF ADVANCED POLICY FIREWALL
• Granular control over network traffic based on a range of criteria, including application, user, content, and context.
• Real-time identification and blocking of threats, including known and unknown malware, phishing attempts, and other attacks.
• Both signature-based and behavioral-based detection methods are used to identify threats.
• Scalable to handle large and complex networks.
• Management and reporting tools to help administrators monitor and analyze network activity.

WHERE CAN IT BE PLACED
An advanced policy firewall can be placed in a variety of locations within a network, depending on the organization's specific security needs. Some common locations for advanced policy firewalls include:
• At the network edge: An advanced policy firewall can be placed at the edge of a network, such as between the internet and an organization's internal network. This can help to prevent unauthorized access and block malicious traffic before it enters the network.
• Within the internal network: An advanced policy firewall can also be placed within an internal network to protect specific resources or segments. This can be useful for protecting sensitive data or critical systems that require additional security.
• In the cloud: As more organizations move their applications and data to the cloud, advanced policy firewalls can be placed in cloud environments to provide additional security. This can help to protect cloud-based applications and data from attacks and ensure compliance with relevant regulations and standards.
GENERALLY: The placement of an advanced policy firewall will depend on the organization's specific security needs and the network architecture. It's important to carefully consider the placement of a firewall and ensure that it is configured correctly to provide the desired level of protection.

RECOMMENDED VENDORS
The choice of vendor and product will depend on the organization's specific security needs, budget, and network architecture. Here are some recommended vendors:
1. Cisco
2. Palo Alto Networks
3. Fortinet
4. Check Point
5. Juniper Networks

HOW TO CONFIGURE AN ADVANCED POLICY FIREWALL
Configuring an advanced policy firewall like the Palo Alto Networks NGFW typically involves the following steps:
1. Define security policies: Involves identifying the applications and services that need to be allowed or blocked, and creating policies that specify which users or groups are allowed to access them. Policies can be based on a range of criteria, including application, user, content, and context.
2. Configure network interfaces: Involves setting up the interfaces that connect the firewall to the network, and configuring IP addresses, subnet masks, and other network settings as needed.
3. Configure security profiles: Advanced policy firewalls typically use security profiles to enforce policies and detect threats. Security profiles can include intrusion prevention, antivirus, web filtering, and other security features. These profiles need to be configured and tuned to match the organization's security needs.
4. Configure logging and reporting: To effectively monitor and analyze network activity, an advanced policy firewall needs to be configured to log events and generate reports. This involves setting up logging and reporting settings, and configuring alerts and notifications as needed.
5. Test and verify: Once the advanced policy firewall has been configured, it's important to test and verify that it is working as expected. This involves testing policies, security profiles, logging and reporting, and other features to ensure that they are providing the desired level of protection and are not causing any disruptions to legitimate network traffic.
Note: Configuring an advanced policy firewall can be a complex and time-consuming process, and may require specialized knowledge or support.
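
The "define security policies" and "test and verify" steps above, sketched as an added example (not from the original slides, and not Palo Alto Networks configuration syntax): a generic rule model with default deny, a check for rules shadowed by an earlier rule, and a verification run over expected verdicts. First-match ordering is an assumption of this model, and all rule names, groups, applications and zones are constructed for illustration.

```python
from collections import namedtuple

ANY = "any"
# A flow is described by the criteria the policy matches on.
Flow = namedtuple("Flow", "user_group application src_zone dst_zone")
# Rule.match is a Flow whose fields are literal values or ANY.
Rule = namedtuple("Rule", "name match action")

def covers(pattern, target):
    """True if every field of pattern is ANY or equals the same field of target."""
    return all(p in (ANY, t) for p, t in zip(pattern, target))

def evaluate(rules, flow):
    """First matching rule wins; traffic matching no rule is denied."""
    for rule in rules:
        if covers(rule.match, flow):
            return rule.action, rule.name
    return "deny", "default-deny"

def shadowed(rules):
    """Rules that can never fire because one earlier rule covers all their traffic."""
    return [r.name for i, r in enumerate(rules)
            if any(covers(e.match, r.match) for e in rules[:i])]

def verify(rules, cases):
    """Run (flow, expected_action) cases; return those whose verdict differs."""
    results = [(flow, want, evaluate(rules, flow)) for flow, want in cases]
    return [r for r in results if r[2][0] != r[1]]

# Constructed sample policy and test flows (hypothetical names throughout).
RULES = [
    Rule("hr-payroll", Flow("hr", "payroll-web", "internal", "datacenter"), "allow"),
    Rule("block-file-sharing", Flow(ANY, "file-sharing", ANY, "internet"), "deny"),
    Rule("hr-file-sharing", Flow("hr", "file-sharing", "internal", "internet"), "allow"),
    Rule("staff-web", Flow("staff", "web-browsing", "internal", "internet"), "allow"),
]
CASES = [
    (Flow("hr", "payroll-web", "internal", "datacenter"), "allow"),
    (Flow("staff", "payroll-web", "internal", "datacenter"), "deny"),
    (Flow("staff", "web-browsing", "internal", "internet"), "allow"),
    (Flow("hr", "file-sharing", "internal", "internet"), "allow"),
]

if __name__ == "__main__":
    print("shadowed rules:", shadowed(RULES))
    for flow, want, got in verify(RULES, CASES):
        print("MISMATCH", flow, "expected", want, "got", got)
```

The single mismatch reported is the HR exception placed below the broader deny rule, the kind of disruption to legitimate traffic that the test step is meant to catch before deployment.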

IMPORTANCE OF ADVANCED FIREWALLS
• Granular control: Advanced policy firewalls provide granular control over network traffic based on specific criteria, such as application, user, and content. This allows administrators to create policies that are tailored to the specific needs of their organization and provide greater security against targeted attacks.
• VPN Support: Advanced policy firewalls often include VPN capabilities, enabling secure remote access to the network. This is crucial for organizations with remote workers or branches, providing secure communication and protecting sensitive data.
• Enhanced Security: Advanced policy firewalls provide advanced threat detection and prevention capabilities, such as deep packet inspection, intrusion prevention, and application-level control. They help protect the network from various cyber threats, including malware, unauthorized access attempts, and data breaches.
• Scalability: Advanced policy firewalls are designed to be scalable, allowing them to handle large and complex networks. This makes them suitable for use in a wide range of organizations, from small businesses to large enterprises.
• Compliance: Advanced policy firewalls can help organizations meet industry-specific security requirements and comply with relevant regulations and standards.

LIMITATIONS OF ADVANCED FIREWALLS
• Encrypted Traffic: Advanced policy firewalls face challenges in inspecting encrypted traffic, such as HTTPS. As encryption prevents visibility into the content, it becomes difficult to identify potential threats hidden within encrypted communications.
• False Positives and Negatives: Intrusion prevention systems and deep packet inspection techniques used in NGFWs may occasionally generate false positives, flagging legitimate traffic as malicious. On the other hand, false negatives may occur, allowing potentially harmful traffic to pass undetected.
• Performance Impact: The advanced inspection and analysis performed by NGFWs can impose a performance impact on network throughput. The computational overhead required for deep packet inspection and other security features may introduce latency and affect overall network performance.
• Evolving Threat Landscape: Advanced policy firewalls need to continually update their threat intelligence and security signatures to keep up with the constantly evolving threat landscape. Failure to do so may result in missing emerging threats or new attack vectors.

CONCLUSION
• A firewall is an appliance (a combination of hardware and software) or an application (software) designed to control the flow of Internet Protocol (IP) traffic to or from a network or electronic equipment. Firewalls are used to examine network traffic and enforce policies based on instructions contained within the firewall's ruleset.

THANK YOU…
