• No results found

Network Security - ISA 656 Intro to Firewalls

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Network Security - ISA 656 Intro to Firewalls"

Copied!
17
0
0

Loading.... (view fulltext now)

Download now ( 17 Page )

Full text

(1)

Network Security - ISA 656

Intro to Firewalls

Angelos Stavrou

(2)

What’s a Firewall

Intro to Firewalls

What’s a Firewall

Why Use Firewalls? Traditional Firewalls by Analogy

Should We Fix the Network Protocols Instead? Firewall Advantages Schematic of a Firewall Conceptual Pieces The DMZ Positioning Firewalls Why Administrative Domains? Splitting a Location Firewall Philosophies Blocking Outbound Traffic? Next: Packet Filtering

Devices examining traffic making access control

decisions

Divide the world between trusted and not

Only authorized traffic is allowed to pass

Act as Barrier between us and them.

Limits communication from the outside world.

The outside world can be another part of

the same organization.

(3)

Why Use Firewalls?

Intro to Firewalls What’s a Firewall

Why Use Firewalls?

Traditional Firewalls by Analogy

Should We Fix the Network Protocols Instead? Firewall Advantages Schematic of a Firewall Conceptual Pieces The DMZ Positioning Firewalls Why Administrative Domains? Splitting a Location Firewall Philosophies Blocking Outbound Traffic? Next: Packet Filtering

Most hosts have security holes.

Proof: Most software is buggy. Therefore,

most security software has security bugs.

Firewalls run much less code, and hence have

few bugs (and holes).

Firewalls can be professionally (and hence

(4)

Why Use Firewalls?

Intro to Firewalls What’s a Firewall

Why Use Firewalls?

Traditional Firewalls by Analogy

Should We Fix the Network Protocols Instead? Firewall Advantages Schematic of a Firewall Conceptual Pieces The DMZ Positioning Firewalls Why Administrative Domains? Splitting a Location Firewall Philosophies Blocking Outbound Traffic? Next: Packet Filtering

Firewalls run less software, with more logging

and monitoring.

They enforce the partition of a network into

separate security domains.

Without such a partition, a network acts as a

(5)

Traditional Firewalls by Analogy

Intro to Firewalls What’s a Firewall Why Use Firewalls?

Traditional Firewalls by Analogy

Should We Fix the Network Protocols Instead? Firewall Advantages Schematic of a Firewall Conceptual Pieces The DMZ Positioning Firewalls Why Administrative Domains? Splitting a Location Firewall Philosophies Blocking Outbound Traffic? Next: Packet Filtering

Passports are (generally) checked at the

border.

My office doesn’t have a door direct to the

outside.

(6)

Should We Fix the Network

Protocols Instead?

Intro to Firewalls What’s a Firewall Why Use Firewalls? Traditional Firewalls by Analogy

Should We Fix the Network Protocols Instead? Firewall Advantages Schematic of a Firewall Conceptual Pieces The DMZ Positioning Firewalls Why Administrative Domains? Splitting a Location Firewall Philosophies Blocking Outbound Traffic? Next: Packet Filtering

Network security is not the problem.

Firewalls are not a solution to network

problems. They are a network response to a

host security problem.

More precisely, they are a response to the

dismal state of software engineering; taken as

a whole, the profession does not know how to

produce software that is secure, correct, and

easy to administer.

Consequently, better network protocols will not

(7)

Firewall Advantages

Intro to Firewalls What’s a Firewall Why Use Firewalls? Traditional Firewalls by Analogy

Should We Fix the Network Protocols Instead? Firewall Advantages Schematic of a Firewall Conceptual Pieces The DMZ Positioning Firewalls Why Administrative Domains? Splitting a Location Firewall Philosophies Blocking Outbound Traffic? Next: Packet Filtering

If you don’t need it, get rid of it.

No ordinary users, and hence no passwords for

them

Run as few servers as possible

Install conservative software, don’t get the

latest fancy servers, etc.)

Log everything, and monitor the log files.

Keep copious backups, including a “Day 0”

backup.

(8)

Firewall Advantages

Intro to Firewalls What’s a Firewall Why Use Firewalls? Traditional Firewalls by Analogy

Should We Fix the Network Protocols Instead? Firewall Advantages Schematic of a Firewall Conceptual Pieces The DMZ Positioning Firewalls Why Administrative Domains? Splitting a Location Firewall Philosophies Blocking Outbound Traffic? Next: Packet Filtering

Can operate at various levels in the stack

Link, network, application

Examines packet headers of the appropriate

layer

(9)

Schematic of a Firewall

Intro to Firewalls What’s a Firewall Why Use Firewalls? Traditional Firewalls by Analogy

(10)

Conceptual Pieces

Intro to Firewalls What’s a Firewall Why Use Firewalls? Traditional Firewalls by Analogy

Should We Fix the Network Protocols Instead? Firewall Advantages Schematic of a Firewall Conceptual Pieces The DMZ Positioning Firewalls Why Administrative Domains? Splitting a Location Firewall Philosophies Blocking Outbound Traffic? Next: Packet Filtering

An “inside” — everyone on the inside is

presumed to be a good guy

An “outside” — bad guys live there

A “DMZ” (Demilitarized Zone) — put

(11)

The DMZ

Intro to Firewalls What’s a Firewall Why Use Firewalls? Traditional Firewalls by Analogy

Should We Fix the Network Protocols Instead? Firewall Advantages Schematic of a Firewall Conceptual Pieces The DMZ Positioning Firewalls Why Administrative Domains? Splitting a Location Firewall Philosophies Blocking Outbound Traffic? Next: Packet Filtering

(12)

Positioning Firewalls

Intro to Firewalls What’s a Firewall Why Use Firewalls? Traditional Firewalls by Analogy

Should We Fix the Network Protocols Instead? Firewall Advantages Schematic of a Firewall Conceptual Pieces The DMZ Positioning Firewalls Why Administrative Domains? Splitting a Location Firewall Philosophies Blocking Outbound Traffic? Next: Packet Filtering

(13)

Why Administrative Domains?

Intro to Firewalls What’s a Firewall Why Use Firewalls? Traditional Firewalls by Analogy

Should We Fix the Network Protocols Instead? Firewall Advantages Schematic of a Firewall Conceptual Pieces The DMZ Positioning Firewalls Why Administrative Domains? Splitting a Location Firewall Philosophies Blocking Outbound Traffic? Next: Packet Filtering

Firewalls enforce policy

Policy follows administrative boundaries, not

physical ones

Example: separate protection domains for

(14)

Splitting a Location

Intro to Firewalls What’s a Firewall Why Use Firewalls? Traditional Firewalls by Analogy

(15)

Firewall Philosophies

Intro to Firewalls What’s a Firewall Why Use Firewalls? Traditional Firewalls by Analogy

Should We Fix the Network Protocols Instead? Firewall Advantages Schematic of a Firewall Conceptual Pieces The DMZ Positioning Firewalls Why Administrative Domains? Splitting a Location Firewall Philosophies Blocking Outbound Traffic? Next: Packet Filtering

1. Block all dangerous destinations.

2. Block everything; unblock things known to be

both safe and necessary.

(16)

Blocking Outbound Traffic?

Intro to Firewalls What’s a Firewall Why Use Firewalls? Traditional Firewalls by Analogy

Should We Fix the Network Protocols Instead? Firewall Advantages Schematic of a Firewall Conceptual Pieces The DMZ Positioning Firewalls Why Administrative Domains? Splitting a Location Firewall Philosophies Blocking Outbound Traffic? Next: Packet Filtering

Many sites permit arbitrary outbound traffic,

but. . .

Internal bad guys?

Extrusion detection?

(17)

Next: Packet Filtering

Intro to Firewalls What’s a Firewall Why Use Firewalls? Traditional Firewalls by Analogy

Should We Fix the Network Protocols Instead? Firewall Advantages Schematic of a Firewall Conceptual Pieces The DMZ Positioning Firewalls Why Administrative Domains? Splitting a Location Firewall Philosophies Blocking Outbound Traffic? Next: Packet Filtering

Read the Readings list posted online

Ask questions

References

Download now ( PDF - 17 Page - 161.68 KB )

Related documents

FIREWALLS CHAPTER The Need for Firewalls Firewall Characteristics Types of Firewalls

application-level gateway bastion host circuit-level gateway distributed firewalls DMZ firewall host-based firewall IP address spoofing IP security (IPsec) packet filtering

Firewalls. CS 6v81 - Network Security. What is a firewall? Firewall capabilities. Firewall limitations. Firewall limitations, cont d

Firewall Deployment Topologies 19 Internet Packet filtering router Server Bastion host Private network hosts.  Screened host firewall system – dual-homed

215267572-v2500-Fam-New

The external gearbox assembly, which includes the high speed gearbox and angle gearbox, is installed at the bottom of the intermediate module.. It houses and drives multiple

Network Security. by David G. Messerschmitt. Secure and Insecure Authentication. Security Flaws in Public Servers. Firewalls and Packet Filtering

Firewalls provide a focus point (at the boundary of a trusted enclave) to enforce security policies, such as control of access, protocols, and applications. Using

Raptor Firewall Products

TCP/IP Internet Router Firewall Gateway Computer Web Server DMZ Subnet Firewall System Architecture Architecture Firewalls

Dr. György Kálmán

• Use network zones: create DMZ for data exchange, deny-all default policy for firewalls • Use security functions in protocols where available. • Security shall not compromise

Lab 7: Firewalls Stateful Firewalls and Edge Router Filtering

Network Security Stateful Firewalls & Edge Router Filtering – Rich Macfarlane 16 You should find that the stateful firewall allows the ICMP return traffic if the ping

ENIGMA SECURITY SOLUTIONS UN GLOBAL COMPACT COMMUNICATION ON PROGRESS 2021/22

Enigma only contracts to clients with appropriate Management, Health Safety & Environmental accreditations and Corporate Social Responsibility/ Sustainability Policies