SlideShare a Scribd company logo

FIREWALLS BY SAIKIRAN PANJALA

Download as PPTX, PDF
S
Saikiran Panjala

This document discusses firewalls and their types. It begins by explaining that firewalls protect networks by guarding entry points and are becoming more sophisticated. It then defines a firewall as a network security system that controls incoming and outgoing network traffic based on rules. The document outlines different generations of firewalls and describes four main types: packet filtering, stateful packet inspection, application gateways/proxies, and circuit-level gateways. It details the characteristics, strengths, and weaknesses of each type. Finally, it emphasizes that networks are still at risk of attacks and that firewalls have become ubiquitous, so choosing the right solution depends on needs, policies, resources.

1 of 30
FIREWALLS Presenting by ###### 12df@@@@@@ Under the guidance of @@@@@@@@@@
The increasing complexity of networks , and the need to make them more open due to growing emphasis and attractiveness of the Internet as a medium for business transactions, mean that networks are becoming more and more exposed to attacks. The search is on for mechanisms and techniques for the protection of internal networks from such attack. One of the protective mechanisms under serious consideration is the firewall. A Firewall protects a network by guarding the points of entry to it. Firewalls are becoming more sophisticated by the day, and new features are constantly being added, so that, in spite of the criticism made of them and developmental trends threatening them, they are still a powerful protective mechanism.
WHAT IS FIREWALL?  The term firewall has been around for quite some time and originally was used to define a barrier constructed to prevent the spread of fire from one part of building or structure to another. Network firewalls provide a barrier between networks that prevents or denies unwanted or unauthorized traffic.
DEFINITION:  A firewall is a network security system, either hardware or software based, that controls incoming and outgoing network traffic based on a set of rules. (OR)  A firewall is a system designed to prevent unauthorized access to or from a private network .Firewalls can be implemented in both hardware and software.
 NirZuk says he developed the technology used in all firewalls today .David Pensak claims to have built the first commercially successful firewall.  Firewall technology emerged in the late 1980s when the Internet was a fairly new technology in terms of its global use and connectivity. The original idea was formed in response to a number of major internet security problems, which occurred in the late 1980s.
FIRST GENERATION: The first paper published on firewall was in 1988,when Jeff Mogul from Digital Equipment Corporation(DEC) developed filter systems known as packet filter firewalls. SECOND GENERATION: From 1980-1990 two colleagues from AT&T Company, developed the second generation of firewalls known as circuit level firewalls. THIRD GENERATION: Publications by Gene Spafford of Purdue University, Bill Cheswick at AT&T Laboratories described a third generation firewall, also known as proxy based firewall.
Subsequent generations: In 1992,Bob Braden and Annette DeSchon at the University of Southern California(USC) were developing their own fourth generation packet filter firewall system. In 1994 an Israeli company called Check Point Software Technologies built this into readily available software known as FireWall-1. Cisco, one of the largest internet security companies in the world released their PIX “Private Internet Exchange” product to the public in 1997.
Positive effects: User authentication. Firewalls can be configured to require user authentication. This allows network administrators to control, track specific user activity. Auditing and logging. By configuring a firewall to log and audit activity, information may be kept and analyzed at a later date.
 Anti-Spoofing -Detecting when the source of the network traffic is being “spoofed” , i.e., when an individual attempting to access a blocked service alters the source address in the message so that the traffic is allowed.  Network Address Translation(NAT) – Changing the network addresses of devices on any side of the firewall to hide their true addresses from devices on other sides . There are two ways NAT is performed. 1) One-to-One : where each true address is translated to a unique translated address. 2) Many-to-One : where all true addresses are translated to a single address, usually that of the firewall.
 Virtual Private Networks VPNs are communications sessions traversing public networks that have been made virtually private through the use of encryption technology. VPN sessions are defined by creating a firewall rule that requires encryption for any session that meets specific criteria.
Negative Effects: Although firewall provide many benefits, negative effects may also be experienced.  Traffic bottlenecks . By forcing all the network traffic to pass through the firewall , there is a greater chance that the network will become congested.  Single point of failure . In most configurations where firewalls are the only link between networks, if they are not configured correctly or are unavailable , no traffic will be allowed through.
 Increased management responsibilities. A firewall often adds to network management responsibilities and makes network troubleshooting more complex.
 Firewalls types can be categorized depending on: - The function or methodologies the firewall use - Whether the communication is being done between a single node and the network or between two networks. - Whether the communication state is being tracked at the firewall or not.
By the Firewalls methodology :  Packet Filtering  Stateful Packet Inspection  Application Gateways/Proxies  Circuit Level Gateway
A packet filtering firewall does exactly what its name implies -- it filters packets. As each packet passes through the firewall, it is examined and information contained in the header is compared to a pre-configured set of rules or filters. An allow or deny decision is made based on the results of the comparison. Each packet is examined individually without regard to other packets that are part of the same connection.
 A packet filtering firewall is often called a network layer firewall because the filtering is primarily done at the network layer (layer three) or the transport layer (layer four) of the OSI reference model.
Strengths :  Packet filtering firewalls are typically less expensive. Many hardware devices and software packages have packet filtering features included as part of their standard package. Weaknesses:  Defining rules and filters on a packet filtering firewall can be a complex task.
 Stateful packet inspection uses the same fundamental technique that packet filtering does. In addition, it examines the packet header information from the network layer of the OSI model to the application layer to verify that the packet is part of a legitimate connection and the protocols are behaving as expected.
Strengths :  More secure than basic packet filtering firewalls. Because stateful packet inspection digs deeper into the packet header information to determine the connection state between endpoints.  Usually it have some logging capabilities. Logging can help identify and track the different types of traffic that pass though the firewall.
Weaknesses  Like packet filtering, stateful packet inspection does not break the client/server model and therefore allows a direct connection to be made between the two endpoints  Rules and filters in this packet screening method can become complex, hard to manage and difficult to test.
 This type of firewall operates at the application level of the OSI model. For source and destination endpoints to be able to communicate with each other, a proxy service must be implemented for each application protocol.  The gateways/proxies are carefully designed to be reliable and secure because they are the only connection point between the two networks.
FIREWALLS BY SAIKIRAN PANJALA
Strengths  Application gateways/proxies do not allow a direct connection to be made between endpoints. They actually break the client/server model.  Allow the network administrator to have more control over traffic passing through the firewall. They can permit or deny specific applications or specific features of an application.
Weaknesses  The most significant weakness is the impact they can have on performance.  Typically require additional client configuration. Clients on the network may require specialized software or configuration changes to be able to connect to the application gateway/proxy.
 Unlike a packet filtering firewall, a circuit-level gateway does not examine individual packets. Instead, circuit-level gateways monitor TCP or UDP sessions.  Once a session has been established, it leaves the port open to allow all other packets belonging to that session to pass. The port is closed when the session is terminated.  Circuit-level gateways operate at the transport layer (layer 4) of the OSI model.
2. With regard to the scope of filtered communications that done between a single node and the network, or between two or more networks there exist : ◦ Personal Firewalls, a software application which normally filters traffic entering or leaving a single computer. ◦ Network Firewalls, normally running on a dedicated network device or computer positioned on the boundary of two or more networks.
3. Finally, Types depending on whether the firewalls keeps track of the state of network connections or treats each packet in isolation, two additional categories of firewalls exist: ◦ Stateful firewall ◦ Stateless firewall
Stateful firewall keeps track of the state of network connections (such as TCP streams) traveling across it . Stateful firewall is able to hold in memory significant attributes of each connection, from start to finish. These attributes, which are collectively known as the state of the connection, may include such details as the IP addresses and ports involved in the connection and the sequence numbers of the packets traversing the connection. Stateless firewall Treats each network frame (Packet) in isolation. Such a firewall has no way of knowing if any given packet is part of an existing connection, is trying to establish a new connection, or is just a rogue packet. The classic example is the File Transfer Protocol, because by design it opens new connections to random ports.
 Don’t make the mistake of thinking that no one will attack your network, because with the rise in automated attack tools, your network is as much at risk as every other network on the Internet.  The need for firewalls has led to their ubiquity. Nearly every organization connected to the Internet has installed some sort of firewall.  When choosing and implementing a firewall solution, make a decision based on the organization's needs, security policy, technical analysis, and financial resources. Solutions available today utilize different types of equipment, network configurations, and software.
THANK YOU

More Related Content

What's hot

Passive monitoring to build Situational Awareness
Passive monitoring to build Situational AwarenessPassive monitoring to build Situational Awareness
Passive monitoring to build Situational Awareness
David Sweigert
 
Security Key Management Model for Low Rate Wireless Personal Area Networks
Security Key Management Model for Low Rate Wireless Personal Area NetworksSecurity Key Management Model for Low Rate Wireless Personal Area Networks
Security Key Management Model for Low Rate Wireless Personal Area Networks
CSCJournals
 
Firewall
Firewall Firewall
Firewall
Devashree Kumari
 
Firewals in Network Security NS10
Firewals in Network Security NS10Firewals in Network Security NS10
Firewals in Network Security NS10
koolkampus
 
Denial of service attack
Denial of service attackDenial of service attack
Denial of service attack
Rashi Dhagat
 
Firewall
FirewallFirewall
Firewall
ArchanaMani2
 
Layered Approach for Preprocessing of Data in Intrusion Prevention Systems
Layered Approach for Preprocessing of Data in Intrusion Prevention SystemsLayered Approach for Preprocessing of Data in Intrusion Prevention Systems
Layered Approach for Preprocessing of Data in Intrusion Prevention Systems
Editor IJCATR
 
Ii2514901494
Ii2514901494Ii2514901494
Ii2514901494
IJERA Editor
 
Network security at_osi_layers
Network security at_osi_layersNetwork security at_osi_layers
Network security at_osi_layers
Federal Urdu University
 
Security issues
Security issuesSecurity issues
Security issues
Isaaq Mohammed
 
Flooding attack manet
Flooding attack manetFlooding attack manet
Flooding attack manet
Meena S Pandi
 
Wormhole attack
Wormhole attackWormhole attack
Wormhole attack
Harsh Kishore Mishra
 
Security and privacy in Wireless Sensor Networks
Security and privacy in Wireless Sensor NetworksSecurity and privacy in Wireless Sensor Networks
Security and privacy in Wireless Sensor Networks
Imran Khan
 
security in wireless sensor networks
security in wireless sensor networkssecurity in wireless sensor networks
security in wireless sensor networks
Vishnu Kudumula
 
Investigation, Design and Implementation of a Secure
Investigation, Design and Implementation of a SecureInvestigation, Design and Implementation of a Secure
Investigation, Design and Implementation of a Secure
Firas Alsayied
 
Wireless_Sensor_security
Wireless_Sensor_securityWireless_Sensor_security
Wireless_Sensor_security
Tosha Shah
 
Security in wireless sensor networks
Security in wireless sensor networksSecurity in wireless sensor networks
Security in wireless sensor networks
Piyush Mittal
 
Study of security attacks in manet
Study of security attacks in manetStudy of security attacks in manet
Study of security attacks in manet
Kunal Prajapati
 
Cr32585591
Cr32585591Cr32585591
Cr32585591
IJERA Editor
 

What's hot (19)

Passive monitoring to build Situational Awareness
Passive monitoring to build Situational AwarenessPassive monitoring to build Situational Awareness
Passive monitoring to build Situational Awareness
 
Security Key Management Model for Low Rate Wireless Personal Area Networks
Security Key Management Model for Low Rate Wireless Personal Area NetworksSecurity Key Management Model for Low Rate Wireless Personal Area Networks
Security Key Management Model for Low Rate Wireless Personal Area Networks
 
Firewall
Firewall Firewall
Firewall
 
Firewals in Network Security NS10
Firewals in Network Security NS10Firewals in Network Security NS10
Firewals in Network Security NS10
 
Denial of service attack
Denial of service attackDenial of service attack
Denial of service attack
 
Firewall
FirewallFirewall
Firewall
 
Layered Approach for Preprocessing of Data in Intrusion Prevention Systems
Layered Approach for Preprocessing of Data in Intrusion Prevention SystemsLayered Approach for Preprocessing of Data in Intrusion Prevention Systems
Layered Approach for Preprocessing of Data in Intrusion Prevention Systems
 
Ii2514901494
Ii2514901494Ii2514901494
Ii2514901494
 
Network security at_osi_layers
Network security at_osi_layersNetwork security at_osi_layers
Network security at_osi_layers
 
Security issues
Security issuesSecurity issues
Security issues
 
Flooding attack manet
Flooding attack manetFlooding attack manet
Flooding attack manet
 
Wormhole attack
Wormhole attackWormhole attack
Wormhole attack
 
Security and privacy in Wireless Sensor Networks
Security and privacy in Wireless Sensor NetworksSecurity and privacy in Wireless Sensor Networks
Security and privacy in Wireless Sensor Networks
 
security in wireless sensor networks
security in wireless sensor networkssecurity in wireless sensor networks
security in wireless sensor networks
 
Investigation, Design and Implementation of a Secure
Investigation, Design and Implementation of a SecureInvestigation, Design and Implementation of a Secure
Investigation, Design and Implementation of a Secure
 
Wireless_Sensor_security
Wireless_Sensor_securityWireless_Sensor_security
Wireless_Sensor_security
 
Security in wireless sensor networks
Security in wireless sensor networksSecurity in wireless sensor networks
Security in wireless sensor networks
 
Study of security attacks in manet
Study of security attacks in manetStudy of security attacks in manet
Study of security attacks in manet
 
Cr32585591
Cr32585591Cr32585591
Cr32585591
 

Similar to FIREWALLS BY SAIKIRAN PANJALA

Firewall
FirewallFirewall
Firewall
syeda zoya mehdi
 
Firewall
FirewallFirewall
Firewall
reddivarihareesh
 
Firewall
FirewallFirewall
Firewall
Saurabh Chauhan
 
Firewall.pdf
Firewall.pdfFirewall.pdf
Firewall.pdf
ImXaib
 
Firewall ppt
Firewall pptFirewall ppt
Firewall ppt
OECLIB Odisha Electronics Control Library
 
Firewall
FirewallFirewall
Firewall
Shiva Krishna Chandra Shekar
 
Firewall protection
Firewall protectionFirewall protection
Firewall protection
VC Infotech
 
Firewall
Firewall Firewall
Firewall
Amuthavalli Nachiyar
 
Firewall
FirewallFirewall
Firewall
Shamima Akther
 
Firewall
FirewallFirewall
Firewall
Naga Dinesh
 
Firewalls
FirewallsFirewalls
Firewalls
Shashwat Shriparv
 
Firewalls
FirewallsFirewalls
Firewalls
Shreya Singireddy
 
Cr32585591
Cr32585591Cr32585591
Cr32585591
IJERA Editor
 
firewall and its types
firewall and its typesfirewall and its types
firewall and its types
Mohammed Maajidh
 
Firewall
FirewallFirewall
Firewall
Pankaj Kumawat
 
Firewall ppt.pptx
Firewall ppt.pptxFirewall ppt.pptx
Firewall ppt.pptx
BhushanLokhande12
 
Firewall ,Its types and Working.pptx
Firewall ,Its types and Working.pptxFirewall ,Its types and Working.pptx
Firewall ,Its types and Working.pptx
ShrayamManandhar
 
Watchguard Firewall overview and implemetation
Watchguard Firewall overview and implemetationWatchguard Firewall overview and implemetation
Watchguard Firewall overview and implemetation
Kaveh Khosravi
 
Firewalls
FirewallsFirewalls
Firewalls
Vibhor Raut
 
Firewalls
FirewallsFirewalls
Firewalls
Sonali Parab
 

Similar to FIREWALLS BY SAIKIRAN PANJALA (20)

Firewall
FirewallFirewall
Firewall
 
Firewall
FirewallFirewall
Firewall
 
Firewall
FirewallFirewall
Firewall
 
Firewall.pdf
Firewall.pdfFirewall.pdf
Firewall.pdf
 
Firewall ppt
Firewall pptFirewall ppt
Firewall ppt
 
Firewall
FirewallFirewall
Firewall
 
Firewall protection
Firewall protectionFirewall protection
Firewall protection
 
Firewall
Firewall Firewall
Firewall
 
Firewall
FirewallFirewall
Firewall
 
Firewall
FirewallFirewall
Firewall
 
Firewalls
FirewallsFirewalls
Firewalls
 
Firewalls
FirewallsFirewalls
Firewalls
 
Cr32585591
Cr32585591Cr32585591
Cr32585591
 
firewall and its types
firewall and its typesfirewall and its types
firewall and its types
 
Firewall
FirewallFirewall
Firewall
 
Firewall ppt.pptx
Firewall ppt.pptxFirewall ppt.pptx
Firewall ppt.pptx
 
Firewall ,Its types and Working.pptx
Firewall ,Its types and Working.pptxFirewall ,Its types and Working.pptx
Firewall ,Its types and Working.pptx
 
Watchguard Firewall overview and implemetation
Watchguard Firewall overview and implemetationWatchguard Firewall overview and implemetation
Watchguard Firewall overview and implemetation
 
Firewalls
FirewallsFirewalls
Firewalls
 
Firewalls
FirewallsFirewalls
Firewalls
 

More from Saikiran Panjala

DEVELOPMENT OF INTERNET BY SAIKIRAN PANJALA
DEVELOPMENT OF INTERNET BY SAIKIRAN PANJALADEVELOPMENT OF INTERNET BY SAIKIRAN PANJALA
DEVELOPMENT OF INTERNET BY SAIKIRAN PANJALA
Saikiran Panjala
 
VIRTUAL PRIVATE NETWORKS BY SAIKIRAN PANJALA
VIRTUAL PRIVATE NETWORKS BY SAIKIRAN PANJALAVIRTUAL PRIVATE NETWORKS BY SAIKIRAN PANJALA
VIRTUAL PRIVATE NETWORKS BY SAIKIRAN PANJALA
Saikiran Panjala
 
HUMAN COMPUTER INTERACTION TECHNIQUES BY SAIKIRAN PANJALA
HUMAN COMPUTER INTERACTION TECHNIQUES BY SAIKIRAN PANJALAHUMAN COMPUTER INTERACTION TECHNIQUES BY SAIKIRAN PANJALA
HUMAN COMPUTER INTERACTION TECHNIQUES BY SAIKIRAN PANJALA
Saikiran Panjala
 
A Technical Seminar on Quantum Computers By SAIKIRAN PANJALA
A Technical Seminar on Quantum Computers By SAIKIRAN PANJALAA Technical Seminar on Quantum Computers By SAIKIRAN PANJALA
A Technical Seminar on Quantum Computers By SAIKIRAN PANJALA
Saikiran Panjala
 
Voice over IP By SAIKIRAN PANJALA
Voice over IP By SAIKIRAN PANJALAVoice over IP By SAIKIRAN PANJALA
Voice over IP By SAIKIRAN PANJALA
Saikiran Panjala
 
LATEST TRENDS IN ANDROID TECHNOLOGY BY SAIKIRAN PANJALA
LATEST TRENDS IN ANDROID TECHNOLOGY BY SAIKIRAN PANJALALATEST TRENDS IN ANDROID TECHNOLOGY BY SAIKIRAN PANJALA
LATEST TRENDS IN ANDROID TECHNOLOGY BY SAIKIRAN PANJALA
Saikiran Panjala
 
DATA WAREHOUSE IMPLEMENTATION BY SAIKIRAN PANJALA
DATA WAREHOUSE IMPLEMENTATION BY SAIKIRAN PANJALADATA WAREHOUSE IMPLEMENTATION BY SAIKIRAN PANJALA
DATA WAREHOUSE IMPLEMENTATION BY SAIKIRAN PANJALA
Saikiran Panjala
 
Mobile Voice over Internet Protocol By SAIKIRAN PANJALA
Mobile Voice over Internet Protocol By SAIKIRAN PANJALAMobile Voice over Internet Protocol By SAIKIRAN PANJALA
Mobile Voice over Internet Protocol By SAIKIRAN PANJALA
Saikiran Panjala
 
FEATURES OF CLOUD COMPUTING BY SAIKIRAN PANJALA
FEATURES OF CLOUD COMPUTING BY SAIKIRAN PANJALAFEATURES OF CLOUD COMPUTING BY SAIKIRAN PANJALA
FEATURES OF CLOUD COMPUTING BY SAIKIRAN PANJALA
Saikiran Panjala
 
CLOUD COMPUTING AND SERVICES BY SAIKIRAN PANJALA
CLOUD COMPUTING AND SERVICES BY SAIKIRAN PANJALACLOUD COMPUTING AND SERVICES BY SAIKIRAN PANJALA
CLOUD COMPUTING AND SERVICES BY SAIKIRAN PANJALA
Saikiran Panjala
 
Digital Audio Broadcasting By SAIKIRAN PANJALA
Digital Audio Broadcasting By SAIKIRAN PANJALADigital Audio Broadcasting By SAIKIRAN PANJALA
Digital Audio Broadcasting By SAIKIRAN PANJALA
Saikiran Panjala
 
Bluetooth Based Smart Sensor Network By SAIKIRAN PANJALA
Bluetooth Based Smart Sensor Network By SAIKIRAN PANJALABluetooth Based Smart Sensor Network By SAIKIRAN PANJALA
Bluetooth Based Smart Sensor Network By SAIKIRAN PANJALA
Saikiran Panjala
 
AN ATM WITH AN EYE BY SAIKIRAN PANJALA
AN ATM WITH AN EYE BY SAIKIRAN PANJALAAN ATM WITH AN EYE BY SAIKIRAN PANJALA
AN ATM WITH AN EYE BY SAIKIRAN PANJALA
Saikiran Panjala
 
EXTENSIBLE MARKUP LANGUAGE BY SAIKIRAN PANJALA
EXTENSIBLE MARKUP LANGUAGE BY SAIKIRAN PANJALAEXTENSIBLE MARKUP LANGUAGE BY SAIKIRAN PANJALA
EXTENSIBLE MARKUP LANGUAGE BY SAIKIRAN PANJALA
Saikiran Panjala
 
WIRELESS NETWORKED DIGITAL DEVICES BY SAIKIRAN PANJALA
WIRELESS NETWORKED DIGITAL DEVICES BY SAIKIRAN PANJALAWIRELESS NETWORKED DIGITAL DEVICES BY SAIKIRAN PANJALA
WIRELESS NETWORKED DIGITAL DEVICES BY SAIKIRAN PANJALA
Saikiran Panjala
 
DATA BASE MANAGEMENT SYSTEM BY SAIKIRAN PANJALA
DATA BASE MANAGEMENT SYSTEM BY SAIKIRAN PANJALADATA BASE MANAGEMENT SYSTEM BY SAIKIRAN PANJALA
DATA BASE MANAGEMENT SYSTEM BY SAIKIRAN PANJALA
Saikiran Panjala
 
ACTIVE SERVER PAGES BY SAIKIRAN PANJALA
ACTIVE SERVER PAGES BY SAIKIRAN PANJALAACTIVE SERVER PAGES BY SAIKIRAN PANJALA
ACTIVE SERVER PAGES BY SAIKIRAN PANJALA
Saikiran Panjala
 
GSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALA
GSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALAGSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALA
GSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALA
Saikiran Panjala
 
INTRANET MAILING SYSTEM BY SAIKIRAN PANJALA
INTRANET MAILING SYSTEM BY SAIKIRAN PANJALAINTRANET MAILING SYSTEM BY SAIKIRAN PANJALA
INTRANET MAILING SYSTEM BY SAIKIRAN PANJALA
Saikiran Panjala
 
DVD TECHNOLOGY SANTHOSH GUNDA BY SAIKIRAN PANJALA
DVD TECHNOLOGY SANTHOSH GUNDA BY SAIKIRAN PANJALADVD TECHNOLOGY SANTHOSH GUNDA BY SAIKIRAN PANJALA
DVD TECHNOLOGY SANTHOSH GUNDA BY SAIKIRAN PANJALA
Saikiran Panjala
 

More from Saikiran Panjala (20)

DEVELOPMENT OF INTERNET BY SAIKIRAN PANJALA
DEVELOPMENT OF INTERNET BY SAIKIRAN PANJALADEVELOPMENT OF INTERNET BY SAIKIRAN PANJALA
DEVELOPMENT OF INTERNET BY SAIKIRAN PANJALA
 
VIRTUAL PRIVATE NETWORKS BY SAIKIRAN PANJALA
VIRTUAL PRIVATE NETWORKS BY SAIKIRAN PANJALAVIRTUAL PRIVATE NETWORKS BY SAIKIRAN PANJALA
VIRTUAL PRIVATE NETWORKS BY SAIKIRAN PANJALA
 
HUMAN COMPUTER INTERACTION TECHNIQUES BY SAIKIRAN PANJALA
HUMAN COMPUTER INTERACTION TECHNIQUES BY SAIKIRAN PANJALAHUMAN COMPUTER INTERACTION TECHNIQUES BY SAIKIRAN PANJALA
HUMAN COMPUTER INTERACTION TECHNIQUES BY SAIKIRAN PANJALA
 
A Technical Seminar on Quantum Computers By SAIKIRAN PANJALA
A Technical Seminar on Quantum Computers By SAIKIRAN PANJALAA Technical Seminar on Quantum Computers By SAIKIRAN PANJALA
A Technical Seminar on Quantum Computers By SAIKIRAN PANJALA
 
Voice over IP By SAIKIRAN PANJALA
Voice over IP By SAIKIRAN PANJALAVoice over IP By SAIKIRAN PANJALA
Voice over IP By SAIKIRAN PANJALA
 
LATEST TRENDS IN ANDROID TECHNOLOGY BY SAIKIRAN PANJALA
LATEST TRENDS IN ANDROID TECHNOLOGY BY SAIKIRAN PANJALALATEST TRENDS IN ANDROID TECHNOLOGY BY SAIKIRAN PANJALA
LATEST TRENDS IN ANDROID TECHNOLOGY BY SAIKIRAN PANJALA
 
DATA WAREHOUSE IMPLEMENTATION BY SAIKIRAN PANJALA
DATA WAREHOUSE IMPLEMENTATION BY SAIKIRAN PANJALADATA WAREHOUSE IMPLEMENTATION BY SAIKIRAN PANJALA
DATA WAREHOUSE IMPLEMENTATION BY SAIKIRAN PANJALA
 
Mobile Voice over Internet Protocol By SAIKIRAN PANJALA
Mobile Voice over Internet Protocol By SAIKIRAN PANJALAMobile Voice over Internet Protocol By SAIKIRAN PANJALA
Mobile Voice over Internet Protocol By SAIKIRAN PANJALA
 
FEATURES OF CLOUD COMPUTING BY SAIKIRAN PANJALA
FEATURES OF CLOUD COMPUTING BY SAIKIRAN PANJALAFEATURES OF CLOUD COMPUTING BY SAIKIRAN PANJALA
FEATURES OF CLOUD COMPUTING BY SAIKIRAN PANJALA
 
CLOUD COMPUTING AND SERVICES BY SAIKIRAN PANJALA
CLOUD COMPUTING AND SERVICES BY SAIKIRAN PANJALACLOUD COMPUTING AND SERVICES BY SAIKIRAN PANJALA
CLOUD COMPUTING AND SERVICES BY SAIKIRAN PANJALA
 
Digital Audio Broadcasting By SAIKIRAN PANJALA
Digital Audio Broadcasting By SAIKIRAN PANJALADigital Audio Broadcasting By SAIKIRAN PANJALA
Digital Audio Broadcasting By SAIKIRAN PANJALA
 
Bluetooth Based Smart Sensor Network By SAIKIRAN PANJALA
Bluetooth Based Smart Sensor Network By SAIKIRAN PANJALABluetooth Based Smart Sensor Network By SAIKIRAN PANJALA
Bluetooth Based Smart Sensor Network By SAIKIRAN PANJALA
 
AN ATM WITH AN EYE BY SAIKIRAN PANJALA
AN ATM WITH AN EYE BY SAIKIRAN PANJALAAN ATM WITH AN EYE BY SAIKIRAN PANJALA
AN ATM WITH AN EYE BY SAIKIRAN PANJALA
 
EXTENSIBLE MARKUP LANGUAGE BY SAIKIRAN PANJALA
EXTENSIBLE MARKUP LANGUAGE BY SAIKIRAN PANJALAEXTENSIBLE MARKUP LANGUAGE BY SAIKIRAN PANJALA
EXTENSIBLE MARKUP LANGUAGE BY SAIKIRAN PANJALA
 
WIRELESS NETWORKED DIGITAL DEVICES BY SAIKIRAN PANJALA
WIRELESS NETWORKED DIGITAL DEVICES BY SAIKIRAN PANJALAWIRELESS NETWORKED DIGITAL DEVICES BY SAIKIRAN PANJALA
WIRELESS NETWORKED DIGITAL DEVICES BY SAIKIRAN PANJALA
 
DATA BASE MANAGEMENT SYSTEM BY SAIKIRAN PANJALA
DATA BASE MANAGEMENT SYSTEM BY SAIKIRAN PANJALADATA BASE MANAGEMENT SYSTEM BY SAIKIRAN PANJALA
DATA BASE MANAGEMENT SYSTEM BY SAIKIRAN PANJALA
 
ACTIVE SERVER PAGES BY SAIKIRAN PANJALA
ACTIVE SERVER PAGES BY SAIKIRAN PANJALAACTIVE SERVER PAGES BY SAIKIRAN PANJALA
ACTIVE SERVER PAGES BY SAIKIRAN PANJALA
 
GSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALA
GSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALAGSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALA
GSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALA
 
INTRANET MAILING SYSTEM BY SAIKIRAN PANJALA
INTRANET MAILING SYSTEM BY SAIKIRAN PANJALAINTRANET MAILING SYSTEM BY SAIKIRAN PANJALA
INTRANET MAILING SYSTEM BY SAIKIRAN PANJALA
 
DVD TECHNOLOGY SANTHOSH GUNDA BY SAIKIRAN PANJALA
DVD TECHNOLOGY SANTHOSH GUNDA BY SAIKIRAN PANJALADVD TECHNOLOGY SANTHOSH GUNDA BY SAIKIRAN PANJALA
DVD TECHNOLOGY SANTHOSH GUNDA BY SAIKIRAN PANJALA
 

Recently uploaded

Introduction to IP address concept - Computer Networking
Introduction to IP address concept - Computer NetworkingIntroduction to IP address concept - Computer Networking
Introduction to IP address concept - Computer Networking
Md.Shohel Rana ( M.Sc in CSE Khulna University of Engineering & Technology (KUET))
 
Quadcopter Dynamics, Stability and Control
Quadcopter Dynamics, Stability and ControlQuadcopter Dynamics, Stability and Control
Quadcopter Dynamics, Stability and Control
Blesson Easo Varghese
 
Paharganj @ℂall @Girls ꧁❤ 9873777170 ❤꧂VIP Arti Singh Top Model Safe
Paharganj @ℂall @Girls ꧁❤ 9873777170 ❤꧂VIP Arti Singh Top Model SafePaharganj @ℂall @Girls ꧁❤ 9873777170 ❤꧂VIP Arti Singh Top Model Safe
Paharganj @ℂall @Girls ꧁❤ 9873777170 ❤꧂VIP Arti Singh Top Model Safe
aarusi sexy model
 
Phone Us ❤ X000XX000X ❤ #ℂall #gIRLS In Chennai By Chenai @ℂall @Girls Hotel ...
Phone Us ❤ X000XX000X ❤ #ℂall #gIRLS In Chennai By Chenai @ℂall @Girls Hotel ...Phone Us ❤ X000XX000X ❤ #ℂall #gIRLS In Chennai By Chenai @ℂall @Girls Hotel ...
Phone Us ❤ X000XX000X ❤ #ℂall #gIRLS In Chennai By Chenai @ℂall @Girls Hotel ...
Miss Khusi #V08
 
Germany Offshore Wind 010724 RE (1) 2 test.pptx
Germany Offshore Wind 010724 RE (1) 2 test.pptxGermany Offshore Wind 010724 RE (1) 2 test.pptx
Germany Offshore Wind 010724 RE (1) 2 test.pptx
rebecca841358
 
IWISS Catalog 2024
IWISS Catalog 2024IWISS Catalog 2024
IWISS Catalog 2024
Iwiss Tools Co.,Ltd
 
1239_2.pdf IS CODE FOR GI PIPE FOR PROCUREMENT
1239_2.pdf IS CODE FOR GI PIPE FOR PROCUREMENT1239_2.pdf IS CODE FOR GI PIPE FOR PROCUREMENT
1239_2.pdf IS CODE FOR GI PIPE FOR PROCUREMENT
Mani Krishna Sarkar
 
GUIA_LEGAL_CHAPTER-9_COLOMBIAN ELECTRICITY (1).pdf
GUIA_LEGAL_CHAPTER-9_COLOMBIAN ELECTRICITY (1).pdfGUIA_LEGAL_CHAPTER-9_COLOMBIAN ELECTRICITY (1).pdf
GUIA_LEGAL_CHAPTER-9_COLOMBIAN ELECTRICITY (1).pdf
ProexportColombia1
 
Conservation of Taksar through Economic Regeneration
Conservation of Taksar through Economic RegenerationConservation of Taksar through Economic Regeneration
Conservation of Taksar through Economic Regeneration
PriyankaKarn3
 
Unblocking The Main Thread - Solving ANRs and Frozen Frames
Unblocking The Main Thread - Solving ANRs and Frozen FramesUnblocking The Main Thread - Solving ANRs and Frozen Frames
Unblocking The Main Thread - Solving ANRs and Frozen Frames
Sinan KOZAK
 
How to Manage Internal Notes in Odoo 17 POS
How to Manage Internal Notes in Odoo 17 POSHow to Manage Internal Notes in Odoo 17 POS
How to Manage Internal Notes in Odoo 17 POS
Celine George
 
Biology for computer science BBOC407 vtu
Biology for computer science BBOC407 vtuBiology for computer science BBOC407 vtu
Biology for computer science BBOC407 vtu
santoshpatilrao33
 
Unit 1 Information Storage and Retrieval
Unit 1 Information Storage and RetrievalUnit 1 Information Storage and Retrieval
Unit 1 Information Storage and Retrieval
KishorMahale5
 
kiln burning and kiln burner system for clinker
kiln burning and kiln burner system for clinkerkiln burning and kiln burner system for clinker
kiln burning and kiln burner system for clinker
hamedmustafa094
 
CONVEGNO DA IRETI 18 giugno 2024 | PASQUALE Donato
CONVEGNO DA IRETI 18 giugno 2024 | PASQUALE DonatoCONVEGNO DA IRETI 18 giugno 2024 | PASQUALE Donato
CONVEGNO DA IRETI 18 giugno 2024 | PASQUALE Donato
Servizi a rete
 
Natural Is The Best: Model-Agnostic Code Simplification for Pre-trained Large...
Natural Is The Best: Model-Agnostic Code Simplification for Pre-trained Large...Natural Is The Best: Model-Agnostic Code Simplification for Pre-trained Large...
Natural Is The Best: Model-Agnostic Code Simplification for Pre-trained Large...
YanKing2
 
Advances in Detect and Avoid for Unmanned Aircraft Systems and Advanced Air M...
Advances in Detect and Avoid for Unmanned Aircraft Systems and Advanced Air M...Advances in Detect and Avoid for Unmanned Aircraft Systems and Advanced Air M...
Advances in Detect and Avoid for Unmanned Aircraft Systems and Advanced Air M...
VICTOR MAESTRE RAMIREZ
 
LeetCode Database problems solved using PySpark.pdf
LeetCode Database problems solved using PySpark.pdfLeetCode Database problems solved using PySpark.pdf
LeetCode Database problems solved using PySpark.pdf
pavanaroshni1977
 
Net Zero Case Study: SRK House and SRK Empire
Net Zero Case Study: SRK House and SRK EmpireNet Zero Case Study: SRK House and SRK Empire
Net Zero Case Study: SRK House and SRK Empire
Global Network for Zero
 
Press Tool and It's Primary Components.pdf
Press Tool and It's Primary Components.pdfPress Tool and It's Primary Components.pdf
Press Tool and It's Primary Components.pdf
Tool and Die Tech
 

Recently uploaded (20)

Introduction to IP address concept - Computer Networking
Introduction to IP address concept - Computer NetworkingIntroduction to IP address concept - Computer Networking
Introduction to IP address concept - Computer Networking
 
Quadcopter Dynamics, Stability and Control
Quadcopter Dynamics, Stability and ControlQuadcopter Dynamics, Stability and Control
Quadcopter Dynamics, Stability and Control
 
Paharganj @ℂall @Girls ꧁❤ 9873777170 ❤꧂VIP Arti Singh Top Model Safe
Paharganj @ℂall @Girls ꧁❤ 9873777170 ��꧂VIP Arti Singh Top Model SafePaharganj @ℂall @Girls ꧁❤ 9873777170 ❤꧂VIP Arti Singh Top Model Safe
Paharganj @ℂall @Girls ꧁❤ 9873777170 ❤꧂VIP Arti Singh Top Model Safe
 
Phone Us ❤ X000XX000X ❤ #ℂall #gIRLS In Chennai By Chenai @ℂall @Girls Hotel ...
Phone Us ❤ X000XX000X ❤ #ℂall #gIRLS In Chennai By Chenai @ℂall @Girls Hotel ...Phone Us ❤ X000XX000X ❤ #ℂall #gIRLS In Chennai By Chenai @ℂall @Girls Hotel ...
Phone Us ❤ X000XX000X ❤ #ℂall #gIRLS In Chennai By Chenai @ℂall @Girls Hotel ...
 
Germany Offshore Wind 010724 RE (1) 2 test.pptx
Germany Offshore Wind 010724 RE (1) 2 test.pptxGermany Offshore Wind 010724 RE (1) 2 test.pptx
Germany Offshore Wind 010724 RE (1) 2 test.pptx
 
IWISS Catalog 2024
IWISS Catalog 2024IWISS Catalog 2024
IWISS Catalog 2024
 
1239_2.pdf IS CODE FOR GI PIPE FOR PROCUREMENT
1239_2.pdf IS CODE FOR GI PIPE FOR PROCUREMENT1239_2.pdf IS CODE FOR GI PIPE FOR PROCUREMENT
1239_2.pdf IS CODE FOR GI PIPE FOR PROCUREMENT
 
GUIA_LEGAL_CHAPTER-9_COLOMBIAN ELECTRICITY (1).pdf
GUIA_LEGAL_CHAPTER-9_COLOMBIAN ELECTRICITY (1).pdfGUIA_LEGAL_CHAPTER-9_COLOMBIAN ELECTRICITY (1).pdf
GUIA_LEGAL_CHAPTER-9_COLOMBIAN ELECTRICITY (1).pdf
 
Conservation of Taksar through Economic Regeneration
Conservation of Taksar through Economic RegenerationConservation of Taksar through Economic Regeneration
Conservation of Taksar through Economic Regeneration
 
Unblocking The Main Thread - Solving ANRs and Frozen Frames
Unblocking The Main Thread - Solving ANRs and Frozen FramesUnblocking The Main Thread - Solving ANRs and Frozen Frames
Unblocking The Main Thread - Solving ANRs and Frozen Frames
 
How to Manage Internal Notes in Odoo 17 POS
How to Manage Internal Notes in Odoo 17 POSHow to Manage Internal Notes in Odoo 17 POS
How to Manage Internal Notes in Odoo 17 POS
 
Biology for computer science BBOC407 vtu
Biology for computer science BBOC407 vtuBiology for computer science BBOC407 vtu
Biology for computer science BBOC407 vtu
 
Unit 1 Information Storage and Retrieval
Unit 1 Information Storage and RetrievalUnit 1 Information Storage and Retrieval
Unit 1 Information Storage and Retrieval
 
kiln burning and kiln burner system for clinker
kiln burning and kiln burner system for clinkerkiln burning and kiln burner system for clinker
kiln burning and kiln burner system for clinker
 
CONVEGNO DA IRETI 18 giugno 2024 | PASQUALE Donato
CONVEGNO DA IRETI 18 giugno 2024 | PASQUALE DonatoCONVEGNO DA IRETI 18 giugno 2024 | PASQUALE Donato
CONVEGNO DA IRETI 18 giugno 2024 | PASQUALE Donato
 
Natural Is The Best: Model-Agnostic Code Simplification for Pre-trained Large...
Natural Is The Best: Model-Agnostic Code Simplification for Pre-trained Large...Natural Is The Best: Model-Agnostic Code Simplification for Pre-trained Large...
Natural Is The Best: Model-Agnostic Code Simplification for Pre-trained Large...
 
Advances in Detect and Avoid for Unmanned Aircraft Systems and Advanced Air M...
Advances in Detect and Avoid for Unmanned Aircraft Systems and Advanced Air M...Advances in Detect and Avoid for Unmanned Aircraft Systems and Advanced Air M...
Advances in Detect and Avoid for Unmanned Aircraft Systems and Advanced Air M...
 
LeetCode Database problems solved using PySpark.pdf
LeetCode Database problems solved using PySpark.pdfLeetCode Database problems solved using PySpark.pdf
LeetCode Database problems solved using PySpark.pdf
 
Net Zero Case Study: SRK House and SRK Empire
Net Zero Case Study: SRK House and SRK EmpireNet Zero Case Study: SRK House and SRK Empire
Net Zero Case Study: SRK House and SRK Empire
 
Press Tool and It's Primary Components.pdf
Press Tool and It's Primary Components.pdfPress Tool and It's Primary Components.pdf
Press Tool and It's Primary Components.pdf
 

FIREWALLS BY SAIKIRAN PANJALA

  • 2. The increasing complexity of networks , and the need to make them more open due to growing emphasis and attractiveness of the Internet as a medium for business transactions, mean that networks are becoming more and more exposed to attacks. The search is on for mechanisms and techniques for the protection of internal networks from such attack. One of the protective mechanisms under serious consideration is the firewall. A Firewall protects a network by guarding the points of entry to it. Firewalls are becoming more sophisticated by the day, and new features are constantly being added, so that, in spite of the criticism made of them and developmental trends threatening them, they are still a powerful protective mechanism.
  • 3. WHAT IS FIREWALL?  The term firewall has been around for quite some time and originally was used to define a barrier constructed to prevent the spread of fire from one part of building or structure to another. Network firewalls provide a barrier between networks that prevents or denies unwanted or unauthorized traffic.
  • 4. DEFINITION:  A firewall is a network security system, either hardware or software based, that controls incoming and outgoing network traffic based on a set of rules. (OR)  A firewall is a system designed to prevent unauthorized access to or from a private network .Firewalls can be implemented in both hardware and software.
  • 5.  NirZuk says he developed the technology used in all firewalls today .David Pensak claims to have built the first commercially successful firewall.  Firewall technology emerged in the late 1980s when the Internet was a fairly new technology in terms of its global use and connectivity. The original idea was formed in response to a number of major internet security problems, which occurred in the late 1980s.
  • 6. FIRST GENERATION: The first paper published on firewall was in 1988,when Jeff Mogul from Digital Equipment Corporation(DEC) developed filter systems known as packet filter firewalls. SECOND GENERATION: From 1980-1990 two colleagues from AT&T Company, developed the second generation of firewalls known as circuit level firewalls. THIRD GENERATION: Publications by Gene Spafford of Purdue University, Bill Cheswick at AT&T Laboratories described a third generation firewall, also known as proxy based firewall.
  • 7. Subsequent generations: In 1992,Bob Braden and Annette DeSchon at the University of Southern California(USC) were developing their own fourth generation packet filter firewall system. In 1994 an Israeli company called Check Point Software Technologies built this into readily available software known as FireWall-1. Cisco, one of the largest internet security companies in the world released their PIX “Private Internet Exchange” product to the public in 1997.
  • 8. Positive effects: User authentication. Firewalls can be configured to require user authentication. This allows network administrators to control, track specific user activity. Auditing and logging. By configuring a firewall to log and audit activity, information may be kept and analyzed at a later date.
  • 9.  Anti-Spoofing -Detecting when the source of the network traffic is being “spoofed” , i.e., when an individual attempting to access a blocked service alters the source address in the message so that the traffic is allowed.  Network Address Translation(NAT) – Changing the network addresses of devices on any side of the firewall to hide their true addresses from devices on other sides . There are two ways NAT is performed. 1) One-to-One : where each true address is translated to a unique translated address. 2) Many-to-One : where all true addresses are translated to a single address, usually that of the firewall.
  • 10.  Virtual Private Networks VPNs are communications sessions traversing public networks that have been made virtually private through the use of encryption technology. VPN sessions are defined by creating a firewall rule that requires encryption for any session that meets specific criteria.
  • 11. Negative Effects: Although firewall provide many benefits, negative effects may also be experienced.  Traffic bottlenecks . By forcing all the network traffic to pass through the firewall , there is a greater chance that the network will become congested.  Single point of failure . In most configurations where firewalls are the only link between networks, if they are not configured correctly or are unavailable , no traffic will be allowed through.
  • 12.  Increased management responsibilities. A firewall often adds to network management responsibilities and makes network troubleshooting more complex.
  • 13.  Firewalls types can be categorized depending on: - The function or methodologies the firewall use - Whether the communication is being done between a single node and the network or between two networks. - Whether the communication state is being tracked at the firewall or not.
  • 14. By the Firewalls methodology :  Packet Filtering  Stateful Packet Inspection  Application Gateways/Proxies  Circuit Level Gateway
  • 15. A packet filtering firewall does exactly what its name implies -- it filters packets. As each packet passes through the firewall, it is examined and information contained in the header is compared to a pre-configured set of rules or filters. An allow or deny decision is made based on the results of the comparison. Each packet is examined individually without regard to other packets that are part of the same connection.
  • 16.  A packet filtering firewall is often called a network layer firewall because the filtering is primarily done at the network layer (layer three) or the transport layer (layer four) of the OSI reference model.
  • 17. Strengths :  Packet filtering firewalls are typically less expensive. Many hardware devices and software packages have packet filtering features included as part of their standard package. Weaknesses:  Defining rules and filters on a packet filtering firewall can be a complex task.
  • 18.  Stateful packet inspection uses the same fundamental technique that packet filtering does. In addition, it examines the packet header information from the network layer of the OSI model to the application layer to verify that the packet is part of a legitimate connection and the protocols are behaving as expected.
  • 19. Strengths :  More secure than basic packet filtering firewalls. Because stateful packet inspection digs deeper into the packet header information to determine the connection state between endpoints.  Usually it have some logging capabilities. Logging can help identify and track the different types of traffic that pass though the firewall.
  • 20. Weaknesses  Like packet filtering, stateful packet inspection does not break the client/server model and therefore allows a direct connection to be made between the two endpoints  Rules and filters in this packet screening method can become complex, hard to manage and difficult to test.
  • 21.  This type of firewall operates at the application level of the OSI model. For source and destination endpoints to be able to communicate with each other, a proxy service must be implemented for each application protocol.  The gateways/proxies are carefully designed to be reliable and secure because they are the only connection point between the two networks.
  • 23. Strengths  Application gateways/proxies do not allow a direct connection to be made between endpoints. They actually break the client/server model.  Allow the network administrator to have more control over traffic passing through the firewall. They can permit or deny specific applications or specific features of an application.
  • 24. Weaknesses  The most significant weakness is the impact they can have on performance.  Typically require additional client configuration. Clients on the network may require specialized software or configuration changes to be able to connect to the application gateway/proxy.
  • 25.  Unlike a packet filtering firewall, a circuit-level gateway does not examine individual packets. Instead, circuit-level gateways monitor TCP or UDP sessions.  Once a session has been established, it leaves the port open to allow all other packets belonging to that session to pass. The port is closed when the session is terminated.  Circuit-level gateways operate at the transport layer (layer 4) of the OSI model.
  • 26. 2. With regard to the scope of filtered communications that done between a single node and the network, or between two or more networks there exist : ◦ Personal Firewalls, a software application which normally filters traffic entering or leaving a single computer. ◦ Network Firewalls, normally running on a dedicated network device or computer positioned on the boundary of two or more networks.
  • 27. 3. Finally, Types depending on whether the firewalls keeps track of the state of network connections or treats each packet in isolation, two additional categories of firewalls exist: ◦ Stateful firewall ◦ Stateless firewall
  • 28. Stateful firewall keeps track of the state of network connections (such as TCP streams) traveling across it . Stateful firewall is able to hold in memory significant attributes of each connection, from start to finish. These attributes, which are collectively known as the state of the connection, may include such details as the IP addresses and ports involved in the connection and the sequence numbers of the packets traversing the connection. Stateless firewall Treats each network frame (Packet) in isolation. Such a firewall has no way of knowing if any given packet is part of an existing connection, is trying to establish a new connection, or is just a rogue packet. The classic example is the File Transfer Protocol, because by design it opens new connections to random ports.
  • 29.  Don’t make the mistake of thinking that no one will attack your network, because with the rise in automated attack tools, your network is as much at risk as every other network on the Internet.  The need for firewalls has led to their ubiquity. Nearly every organization connected to the Internet has installed some sort of firewall.  When choosing and implementing a firewall solution, make a decision based on the organization's needs, security policy, technical analysis, and financial resources. Solutions available today utilize different types of equipment, network configurations, and software.