15-12-2012, 05:55 PM
Firewall Technologies
The Nature of Today’s Attackers
Who are these “hackers” who are trying to break into your computer?
Most people imagine someone at a keyboard late at night, guessing passwords to steal confidential data from a computer system.
This type of attack does happen, but it makes up a very small portion of the total network attacks that occur.
Today, worms and viruses initiate the vast majority of attacks. Worms and viruses generally find their targets randomly.
As a result, even organizations with little or no confidential information need firewalls to protect their networks from these automated attackers.
What Is a Firewall?
The term firewall has been around for quite some time and originally was used to define a barrier constructed to prevent the spread of fire from one part of a building or structure to another. Network firewalls provide a barrier between networks that prevents or denies unwanted or unauthorized traffic.
Definition: A Network Firewall is a system or group of systems used to control access between two networks -- a trusted network and an untrusted network -- using pre-configured rules or filters.
Device that provides secure connectivity between networks (internal/external; varying levels of trust)
Used to implement and enforce a security policy for communication between networks
Firewalls can be hardware based, software based, or both.
Firewalls History
Firewall technology emerged in the late 1980s when the Internet was a fairly new technology in terms of its global use and connectivity. The original idea was formed in response to a number of major internet security breaches, which occurred in the late 1980s.
First generation - packet filters
The first paper published on firewall technology was in 1988, when Jeff Mogul from Digital Equipment Corporation (DEC) developed filter systems known as packet filter firewalls.
Second generation - circuit level
From 1980-1990, two colleagues from AT&T Company developed the second generation of firewalls, known as circuit level firewalls.
Third generation - application layer
Publications by Gene Spafford of Purdue University and Bill Cheswick at AT&T Laboratories described a third generation firewall, also known as a proxy based firewall.
Positive Effects
User authentication.
Firewalls can be configured to require user authentication. This allows network administrators to control and track specific user activity.
Auditing and logging.
By configuring a firewall to log and audit activity, information may be kept and analyzed at a later date.
How Firewalls Work
There are two security design logic approaches network firewalls use to make access control decisions.
Everything not specifically permitted is denied.
Everything not specifically denied is permitted.
The one most often recommended is everything not specifically permitted is denied.
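The difference between the two approaches shows up only for traffic that no rule anticipated. The following is an added example, not part of the original post: a small first-match rule evaluator run against one ruleset under both defaults. The rule format, function names, addresses, and packets are assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "permit" or "deny"
    src: str               # source network in CIDR form
    proto: str             # "tcp", "udp" or "any"
    dport: Optional[int]   # destination port; None matches any port

    def matches(self, pkt):
        return (ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(self.src)
                and self.proto in ("any", pkt["proto"])
                and self.dport in (None, pkt["dport"]))

def evaluate(rules, pkt, default):
    """First matching rule wins; if no rule matches, the default policy decides."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return default

# Constructed ruleset using documentation address ranges.
RULES = [
    Rule("deny",   "203.0.113.0/24", "any", None),  # explicitly blocked range
    Rule("permit", "0.0.0.0/0",      "tcp", 443),   # public HTTPS
    Rule("permit", "10.0.0.0/8",     "tcp", 22),    # SSH from the internal network only
]

# Constructed packets: the last two are not covered by any rule.
PACKETS = [
    {"src": "198.51.100.7", "proto": "tcp", "dport": 443},
    {"src": "203.0.113.9",  "proto": "tcp", "dport": 443},
    {"src": "10.1.2.3",     "proto": "tcp", "dport": 22},
    {"src": "198.51.100.7", "proto": "tcp", "dport": 22},
    {"src": "198.51.100.7", "proto": "udp", "dport": 1434},
]

def compare(rules, packets):
    """Return (packet, verdict under default-deny, verdict under default-permit)."""
    return [(p, evaluate(rules, p, "deny"), evaluate(rules, p, "permit")) for p in packets]

def unplanned_exposure(rules, packets):
    """Packets whose fate depends on the default: they pass only under default-permit."""
    return [p for p, closed, opened in compare(rules, packets) if closed != opened]

if __name__ == "__main__":
    print(*compare(RULES, PACKETS), sep="\n")
```

Under "everything not specifically permitted is denied", the two uncovered packets are dropped; under the opposite default they pass, because nobody wrote a rule for them.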