Building Your Own Firewall
Chapter 10

Learning Objectives
List and define the two categories of firewalls
Explain why desktop firewalls are used
Explain how enterprise firewalls work

Enterprise versus Desktop Firewalls
Enterprise firewall
  Protects entire network or a network segment
  Can be a separate hardware appliance or software-only
Desktop firewall
  Software-only firewall intended to be installed on one client computer on the network and provide protection only to that device
  Also known as a personal firewall

Enterprise Firewall

Desktop Firewalls
Have generally replaced hardware firewalls for protection of a single device
Intercept and inspect all data that enters or leaves the computer
Traffic can generally be blocked by IP address, port address, or application
Protects against rogue access points and worms

Rogue Access Point

Desktop Firewalls
Help protect network by providing additional level of security at each network device
Recent increase in popularity
Popular desktop firewalls
  Tiny Personal Firewall
  Sygate Personal Firewall
  ZoneAlarm

Tiny Personal Firewall
Unique for advanced security features
Based on a technology certified by ICSA
Made up of several different “engines”
Includes an Intrusion Detection System (IDS) engine
Uses sandbox technology to create a closed environment around an application and restrict access to resources

Firewall Engine
Performs stateful packet inspection
Filters network activity based on TCP/IP protocol
Supports rules that link to specific applications (Application Filter)
Ensures that an application program on the computer is the real program and not a Trojan horse
  Creates and checks MD5 signatures (checksums) of application programs

Tiny Personal Firewall Engine

Checksums

IDS Engine Report

Sandbox Technology
Protects resources
  Device drivers
  Registry database that contains all configurations of the computer
  File system
Shields and constantly monitors application programs to protect privacy and integrity of the computer system

Sandbox Technology
Protects against active content programs being used to perform:
  Theft of information and data
  Remote access via Internet
  Manipulation of communication
  Deletion of files
  Denial of service

Tiny Personal Firewall Sandbox

Sandbox Objects

Sygate Firewalls
Protect corporate networks and desktop systems from intrusion
Prevent malicious attackers from gaining control of corporate information network
Range in design from enterprise-based security systems to personal firewall systems
  Secure Enterprise
  Personal Firewall Pro

Sygate Secure Enterprise
Top-of-the-line product that combines protection with centralized management
Made up of Sygate Management Server (SMS) and Sygate Security Server
  SMS enables security managers to create a global security policy that applies to all users and groups
  Subgroups can be created within the global group
Can produce detailed reports of firewall’s actions

Sygate Management Server

Sygate Personal Firewall Pro
Designed for business users but lacks centralized management features
Provides in-depth low-level tools for protecting computers from a variety of attacks

Sygate Personal Firewall Pro
Blocks or allows specific services and applications instead of restricting specific TCP network ports
Fingerprinting system ensures that an application program is the real program and not a Trojan horse

Sygate Personal Firewall Pro
Provides flexibility over rules that govern the firewall
Contains other features not commonly found on most desktop firewall products (e.g., testing and connection)
Protects against MAC and IP spoofing

ZoneAlarm Firewalls
Bi-directional; provide protection from incoming and outgoing traffic
Pop-up windows alert users to intrusion attempts
Four interlocking security services
  Firewall
  Application Control
  Internet Lock
  Zones

ZoneAlarm Firewall
Uses fingerprints to identify components of a program as well as the program itself
  Prevents malicious code from gaining control of computer
Stops potentially malicious active content

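The application fingerprinting described for Tiny Personal Firewall (MD5 checksums), Sygate Personal Firewall Pro and ZoneAlarm (program plus component fingerprints) comes down to comparing file digests against a baseline recorded when the program was approved. The following is an added example, not code from any of these products; the function and file names are hypothetical, the files are constructed, and it uses SHA-256 instead of MD5 because MD5 is no longer collision resistant.

```python
import hashlib
import tempfile
from pathlib import Path


def fingerprint(path):
    """Hex SHA-256 of a file, read in chunks so large binaries are handled."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def enroll(program, components):
    """Baseline recorded when the user first approves the program."""
    return {str(p): fingerprint(p) for p in [program, *components]}


def check(baseline, program, loaded):
    """Return ('allow', []) only if the program and every loaded component match."""
    reasons = []
    for path in [program, *loaded]:
        known = baseline.get(str(path))
        if known is None:
            reasons.append(f"unknown: {Path(path).name}")
        elif fingerprint(path) != known:
            reasons.append(f"changed: {Path(path).name}")
    return ("block" if reasons else "allow", reasons)


def demo():
    """Constructed files stand in for a program and its components."""
    with tempfile.TemporaryDirectory() as tmp:
        exe, dll, extra = (Path(tmp) / n for n in ("mail.exe", "spell.dll", "extra.dll"))
        exe.write_bytes(b"constructed: original program image")
        dll.write_bytes(b"constructed: original component")
        baseline = enroll(exe, [dll])
        clean = check(baseline, exe, [dll])
        exe.write_bytes(b"constructed: replaced program image")  # same path, new content
        swapped = check(baseline, exe, [dll])
        exe.write_bytes(b"constructed: original program image")
        extra.write_bytes(b"constructed: component never approved")
        injected = check(baseline, exe, [dll, extra])
    return clean, swapped, injected


if __name__ == "__main__":
    for verdict, reasons in demo():
        print(verdict, reasons)
```

A rule keyed only on the program's path or name would allow all three cases; the digest comparison is what separates the approved program from a replacement at the same path.
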
ZoneAlarm Firewall
Application Control
  Allows users to decide which applications can or cannot use the Internet
Internet Lock
  Blocks all Internet traffic while computer is unattended or while Internet is not being used
Zones
  Monitors all activities on the computer; sends an alert when a new application tries to access the Internet

Internet Lock Settings

Zone Security

ZoneAlarm Logging Options

Enterprise Firewalls
Still perform bulk of the work in protecting a network
First line of defense in a security management plan
Provide “perimeter security”
Allow security managers to log attacks that strike the network

Popular Enterprise Firewall Products
Linksys firewall/router
Microsoft Internet Security and Acceleration (ISA) server

Linksys
Offers a wide variety of routers, hubs, wireless access points, firewalls, and other networking hardware
Produces solid products that provide strong security and are easy to set up and use

Linksys Firewall/Router
Comes in a variety of configurations
Good solutions for connecting a group of computers to a high-speed broadband Internet connection or to a 10/100 Ethernet backbone and also support VPN

Linksys Firewall/Router
Features an advanced stateful packet inspection firewall
Does not block transmissions based on the application
Supports system traffic logging and event logging

Linksys Firewall/Router Features
Web filter
Block WAN request
Multicast pass through
IPSec pass through
PPTP pass through
Remote management

Microsoft ISA Server 2000
Enterprise firewall that integrates with Microsoft Windows 2000 operating system for policy-based security and management
Provides control over security, directory, virtual private networking (VPN), and bandwidth
Available in two product versions
  ISA Server Standard Edition
  ISA Server Enterprise Edition

Microsoft ISA Server 2000
Provides two tightly integrated modes
  Multilayer firewall
  Web cache server
Software uses a multihomed server
Firewall protection is based on rules which are processed in a certain order

Multihomed Server

Order of Processing ISA Server Rules
Incoming requests
  1. Packet filters
  2. Web publishing rules
  3. Routing rules
  4. Bandwidth rules
Outgoing requests
  1. Bandwidth rules
  2. Protocol rules
  3. Site and content rules
  4. Routing rules
  5. Packet filters

Microsoft ISA Server Policy Elements
Schedules
Bandwidth priorities
Destination sets
Client Address sets
Content groups

Chapter Summary
Types of firewalls currently available for enterprise, small office home office (SOHO), and single computer protection
Features of these firewalls that provide the necessary protection to help keep a network or computer secure