Data Security in Local Networks using Distributed Firewalls Anvesh Bethu

Post on 22-Dec-2015


Firewall

• It controls the incoming and outgoing network traffic based on an applied rule set.

• It establishes a barrier between a trusted, secure internal network and another network (e.g., the Internet) that is assumed not to be secure and trusted.


Firewall Protects Against The Following Security Threats

Denial of Service (DOS)

IP Spoofing or IP Masquerading

Session Hijacking

Illegal Security Break-Ins

Physical Access to Servers in Data Centers

[Figure: Architecture of standard firewall, connection to the web server. Labels: Internet (external), Corporate Network (internal), Corporate Firewall, External Host, Internal Host 1, Internal Host 2 (untrusted), Web server, Intranet Web server (company private).]

[Figure: Architecture of standard firewall, connection to the Internet. Labels: Internet (external), Corporate Network (internal), Corporate Firewall, External Host, Internal Host 1, Internal Host 2 (untrusted), Web server, Intranet Web server (company private). Connection annotations: "blocked by firewall" and "connection allowed, but should not be".]

Distributed firewalls

• A distributed firewall is a mechanism to enforce a network domain security policy through the use of a policy language.

• The security policy is defined centrally.

• This enables the identification of any member of the network policy domain.

• Distributed firewalls secure the network endpoints, exactly where the hackers try to penetrate.

• They filter traffic from both the internal network and the Internet.

• They overcome the single-point-of-failure problem.

Architecture of Distributed Firewalls

The management centre

Policy actuator

Remote endpoint connectors

Log server

[Figure: Distributed firewall example to webserver. Labels: Internet (external), Corporate Network (internal), External Host, Internal Host 1, Internal Host 2 (untrusted), Web server, Intranet Web server (company private), Internal Host (telecommuting).]

[Figure: Distributed Firewall example to Intranet. Labels: Internet (external), Corporate Network (internal), External Host, Internal Host 1, Internal Host 2 (untrusted), Web server, Intranet Web server (company private), Internal Host (telecommuting).]

Application Interaction with Keynote

• Keynote provides a simple notation for specifying both local security policy and credentials that can be sent over an untrusted network.

• Applications communicate with a "Keynote evaluator".

• Monotonicity means that, given a set of credentials associated with a request, if any subset would cause the request to be approved, then the complete set will also cause the request to be approved.

• This simplifies both request resolution and credential management.

[Figure: Application Interaction with Keynote. Labels: Requester, Verifier, Keynote; Request, key, sign; Gather information, local policy (remote credentials); Pass information; Evaluate; Give response.]
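The monotonicity property and the verifier-to-evaluator hand-off described above can be shown with a small model. This is an added example, not code from the slides and not the Keynote assertion syntax: the assertion() and evaluate() helpers, the key names and the action attributes are all hypothetical, and signature checking on the credentials is assumed to have been done before they reach the evaluator.

```python
from itertools import combinations

POLICY = "POLICY"  # root of trust: the verifier's local policy

def assertion(authorizer, licensees, condition):
    # Signature verification is assumed to have happened already.
    return {"authorizer": authorizer, "licensees": frozenset(licensees),
            "condition": condition}

def evaluate(local_policy, credentials, requester, action):
    """Approve if a delegation chain from POLICY reaches the requester and
    every assertion on the chain has a condition that holds for the action."""
    usable = [a for a in [*local_policy, *credentials] if a["condition"](action)]
    trusted, changed = {POLICY}, True
    while changed:  # fixed point: principals are only ever added
        changed = False
        for a in usable:
            if a["authorizer"] in trusted and not a["licensees"] <= trusted:
                trusted |= a["licensees"]
                changed = True
    return requester in trusted

def is_monotonic(local_policy, credentials, requester, action):
    """True if no subset of the credentials approves while the full set denies."""
    full = evaluate(local_policy, credentials, requester, action)
    return full or not any(
        evaluate(local_policy, subset, requester, action)
        for n in range(len(credentials) + 1)
        for subset in combinations(credentials, n))

# Constructed sample data: key names and action attributes are illustrative.
def intranet_https(a):
    return a["dst"] == "intranet-web" and a["port"] == 443

LOCAL_POLICY = [assertion(POLICY, {"admin-key"}, lambda a: True)]
CREDENTIALS = [
    assertion("admin-key", {"host1-key"}, intranet_https),         # admin -> host 1
    assertion("stranger-key", {"host2-key"}, lambda a: True),      # unknown issuer
    assertion("host1-key", {"telecommuter-key"}, lambda a: True),  # re-delegation
]
WEB = {"dst": "intranet-web", "port": 443}
SSH = {"dst": "intranet-web", "port": 22}

if __name__ == "__main__":
    for who in ("host1-key", "host2-key", "telecommuter-key"):
        print(who, evaluate(LOCAL_POLICY, CREDENTIALS, who, WEB),
              evaluate(LOCAL_POLICY, CREDENTIALS, who, SSH))
```

Because the evaluator only ever adds principals to the trusted set, an extra credential from an unknown issuer cannot turn an approval into a denial, and a requester can send every credential it holds without working out which ones are needed.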

Components of Distributed firewalls

• Central Management System

• Policy Distribution

• Host-End Implementation


Central Management System

It addresses the need to maximize network security resources by enabling policies to be centrally configured, deployed, monitored, and updated.

From a single workstation, distributed firewalls can be scanned to understand the current operating policy and to determine if updating is required.

Policy Distribution

• The policy distribution scheme should guarantee the integrity of the policy during transfer.

Host-End Implementation

• It provides administrative control for the network administrator to control the implementation of policies.

• The host allows traffic based on the security rules it has implemented.
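One way a host could check policy integrity before enforcing the rules, as an added example that is not from the slides. The slides do not name an integrity mechanism; this sketch assumes an HMAC-SHA256 tag computed with a key shared between the management centre and the host, plus a version counter to reject replayed policies. sign_policy(), HostAgent, the key, the addresses and the rules are hypothetical.

```python
import hashlib
import hmac
import json

def sign_policy(key, policy):
    """Management-centre side: canonical JSON plus an HMAC-SHA256 tag."""
    body = json.dumps(policy, sort_keys=True, separators=(",", ":")).encode()
    return body, hmac.new(key, body, hashlib.sha256).hexdigest()

class HostAgent:
    """Host-end enforcement: applies a policy only after verifying it."""
    def __init__(self, key):
        self.key, self.version, self.rules = key, 0, []  # no rules: deny all

    def install(self, body, tag):
        expected = hmac.new(self.key, body, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, tag):  # constant-time compare
            return "rejected: bad integrity tag"
        policy = json.loads(body)
        if policy["version"] <= self.version:
            return "rejected: stale version"  # replay of an older policy
        self.version, self.rules = policy["version"], policy["rules"]
        return "installed"

    def allows(self, src, dst_port):
        for r in self.rules:  # first match wins
            if r["src"] in (src, "any") and r["port"] == dst_port:
                return r["action"] == "allow"
        return False  # default deny

# Constructed sample: key, addresses and rules are illustrative only.
KEY = b"constructed-demo-key"
POLICY_V1 = {"version": 1, "rules": [
    {"src": "10.0.0.11", "port": 443, "action": "allow"},  # internal host 1
    {"src": "10.0.0.12", "port": 443, "action": "deny"},   # internal host 2 (untrusted)
]}

def demo():
    agent = HostAgent(KEY)
    body, tag = sign_policy(KEY, POLICY_V1)
    tampered = body.replace(b'"deny"', b'"allow"')  # altered in transit
    return [agent.install(tampered, tag), agent.install(body, tag),
            agent.install(body, tag),
            agent.allows("10.0.0.11", 443), agent.allows("10.0.0.12", 443)]

if __name__ == "__main__":
    print(demo())
```

A shared-key MAC means every host holding the key could also forge a policy; a digital signature from the management centre avoids that, at the cost of a non-standard-library dependency in this sketch.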


Questions??