28-08-2013, 04:56 PM
A SEMINAR ON DISTRIBUTED FIREWALL
DISTRIBUTED FIREWALL.pptx (Size: 279.72 KB / Downloads: 15)
Introduction:
Firewalls are core elements of network security.
Firewalls have been the frontier defense for secure networks against attacks and unauthorized traffic by filtering out unwanted network traffic coming from or going to the secured network.
Related Work:
The threat modeling approach takes a system and models it in terms of how it could and would be attacked; what are the entry points for an attacker, which parts of the system are vulnerable first, and what “surface” or interface does anattacker have to the system in which to find weaknesses.
Distributed Firewalls:
A central management node sets the security policy enforced by individual hosts.
Combination of high-level policy specification with file distribution mechanism.
Rule Placement and Insertion Algorithm:
The process of inserting a new rule in the global security policy is performed in two steps.
The first step is to identify the firewalls in which this rule should be placed.
The second step is to determine the proper order of the rule in each firewall such that no intrafirewall anomaly is created.
Managers & Probers:
Both Managers and Probers use a similar implementation style. Both are implemented in bash .Bash, an interpreted language, was chosen for two primary reasons.
Managers & Probers Cont:
Firstly because it is a very common interpreted language and thus can be deployed with little fore-knowledge of the system it will be deployed on.
Secondly because bash is very good at handling the interesting file redirection, threading and process monitoring.
Conclusion
Using Firewall Policy Advisor was shown to be very effective for firewalls in real-life networks. In regards to usability, the tool was able to discover filtering anomalies in rules written by expert network administrators.