Firewalls Julie Petrusa S.A.M. Matiur Rahman Carlo Mormina

Upload: nathaniel-lane

Post on 03-Jan-2016


Firewalls

Julie Petrusa

S.A.M. Matiur Rahman

Carlo Mormina


Introduction

• What is a firewall?

• What does it protect you from?

• Benefits of a firewall.

• What it can’t protect you from.

• Types of firewalls.

• Composition of a typical firewall.

• Observations and conclusion.

What Is A Firewall?

A firewall is simply a program or hardware device that filters the information coming through the Internet connection into your private network or computer system.

A firewall ISOLATES your computer from the Internet using a "wall of code" that inspects each individual "packet" of data as it arrives at either side of the firewall — inbound to or outbound from your computer — to determine whether it should be allowed to pass or be blocked.

What Is A Firewall? (cont’d)

The firewall is part of an overall security policy (between an organization's network and the Internet) that creates a perimeter defense designed to protect the information resources of the organization.

The firewall determines:

(a) which inside services may be accessed from the outside,

(b) which outsiders are permitted access to the permitted inside services, and

(c) which outside services may be accessed by insiders.

For a firewall to be effective, all traffic to and from the Internet must pass through the firewall, where it can be inspected (see diagram). The firewall must permit only authorized traffic to pass, and the firewall itself must be immune to penetration.

What Firewalls Protect You From

There are many creative ways that unscrupulous people use to access or abuse unprotected computers:

• Remote login

• Application backdoors

• SMTP session hijacking

• Operating system bugs

• Denial of service

• E-mail bombs

• Macros

• Viruses

• Spam

• Redirect bombs

• Source routing

Benefits Of A Firewall (Advantages)

Internet firewalls manage access between the Internet and an organization's private network. Without a firewall, each host system on the private network is exposed to attacks from other hosts on the Internet. This means that the security of the private network would depend on the "hardness" of each host's security features and would be only as secure as the weakest system.

Internet firewalls allow the network administrator to define a centralized "choke point" that keeps unauthorized users such as hackers, crackers, vandals, and spies out of the protected network; prohibits potentially vulnerable services from entering or leaving the protected network; and provides protection from various types of routing attacks. An Internet firewall simplifies security management, since network security is consolidated on the firewall systems rather than being distributed to every host in the entire private network.

Benefits Of A Firewall (Advantages)

Firewalls offer a convenient point where Internet security can be monitored and alarms generated. It should be noted that for organizations that have connections to the Internet, the question is not whether but when attacks will occur. Network administrators can audit and log all significant traffic through the firewall.

The Internet has been experiencing an address space crisis that has made registered IP addresses a less plentiful resource. This means that organizations wanting to connect to the Internet may not be able to obtain enough registered IP addresses to meet the demands of their user population. An Internet firewall is a logical place to deploy a Network Address Translator that can help alleviate the address space shortage and eliminate the need to renumber when an organization changes Internet service providers.

An Internet firewall can also offer a central point of contact for information delivery service to customers. The Internet firewall is the ideal location for deploying World Wide Web and FTP servers. The firewall can be configured to allow Internet access to these services, while prohibiting external access to other systems on the protected network.

What Can A Firewall Not Do?

A firewall cannot control anything which happens after a user has passed authentication and access checks. If a disgruntled employee properly identifies himself, properly logs into a secured machine, and then proceeds to delete all of the files on that machine, the firewall did its job in ensuring that it was a properly authorized user.

A firewall cannot control people who go around it. If perimeter security has been broken, for instance if that same disgruntled employee plugged his phone line into a modem attached to his networked computer, he (or presumably anyone else) can dial that phone line and bypass all firewall checks.

A firewall cannot control people who physically walk up to a machine which is in the secured network and break in.

Types Of Firewalls

Conceptually there are two types of firewalls:

• Network level: makes decisions based on the source and destination addresses of packets.

• Application layer: generally hosts running proxy servers, which permit no traffic directly between networks.

Composition Of A Typical Firewall

• Packet-filtering router: filtering rules are based on packet header information provided by the IP process.

• Application-level gateway (or proxy server): proxy code is configured by a network administrator for acceptable security features.

• Circuit-level gateway: the firewall is easier on internal users, allowing them reasonable access to the Internet, but imposes stricter formalities against external attacks.
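
An added example, not part of the original slides: a minimal stateless packet filter that makes the header-based decisions described for the packet-filtering router and encodes the (a)/(b)/(c) access policy from the "What Is A Firewall?" slide as an ordered rule list with default deny. All addresses (documentation ranges), ports, rule notes and function names are constructed assumptions, and return traffic is not modelled.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

def net(cidr):
    return ipaddress.ip_network(cidr)

@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    src: object            # source network
    dst: object            # destination network
    proto: str             # "tcp", "udp" or "*" for any protocol
    dport: Optional[int]   # None matches any destination port
    note: str

    def matches(self, src, dst, proto, dport):
        return (ipaddress.ip_address(src) in self.src
                and ipaddress.ip_address(dst) in self.dst
                and self.proto in ("*", proto)
                and self.dport in (None, dport))

# Constructed policy: 192.0.2.0/24 is the protected network, the rest is "outside".
INSIDE, ANY = net("192.0.2.0/24"), net("0.0.0.0/0")
RULES = [
    # Order matters: this deny must precede the broader allows below.
    Rule("deny", net("198.51.100.66/32"), ANY, "*", None, "blocked outside host"),
    Rule("allow", ANY, net("192.0.2.10/32"), "tcp", 80, "(a) public web server"),
    Rule("allow", net("198.51.100.0/24"), net("192.0.2.20/32"), "tcp", 22,
         "(b) partner-only SSH"),
    Rule("allow", INSIDE, ANY, "tcp", 443, "(c) insiders to outside HTTPS"),
    Rule("allow", INSIDE, ANY, "udp", 53, "(c) insiders to outside DNS"),
]

def decide(src, dst, proto, dport, rules=RULES):
    """First matching rule wins; anything unmatched is denied."""
    for rule in rules:
        if rule.matches(src, dst, proto, dport):
            return rule.action, rule.note
    return "deny", "default deny"

if __name__ == "__main__":
    # Constructed sample packets: (source, destination, protocol, destination port)
    for pkt in [("203.0.113.5", "192.0.2.10", "tcp", 80),
                ("203.0.113.5", "192.0.2.20", "tcp", 22),
                ("198.51.100.66", "192.0.2.10", "tcp", 80),
                ("192.0.2.33", "203.0.113.9", "tcp", 23)]:
        print(pkt, "->", decide(*pkt))
```

The final fall-through to "default deny" is what enforces "permit only authorized traffic": a service nobody wrote a rule for stays closed.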

Observations & Conclusion

- As with software, one must choose the type of firewall that is best suited to one's security needs.

- Security standards of firewalls become obsolete very quickly.

- Firewalls should not be the only line of security; they should be used in conjunction with virus software and encryption devices.

- It is estimated that 80% of successful hacks are carried out on networks with firewalls.

- Recent hacks into the Pentagon and Microsoft have made people wonder about the efficiency of firewalls.

Observations & Conclusion

- A firewall is a critical piece of software and shouldn’t be viewed as a one-style-fits-all configuration.

- Cost of a typical firewall (e.g. a CISCO firewall):

NT Server: $4000.00

Netscape Proxy server software: $995.00

Workstation config. (approx. 30 hr install.): $3000.00

Proxy and WINS S/W (approx. 10 hr install.): $1000.00

Total Cost: $8995.00