Firewall and its types FirewallQ Definition: A Network Firewall is a system or group of systems used to control access between two networks. i.e. a trusted network and an untrusted network using pre-configured rules or filters. All messages entering or leaving the intranet pass through the firewall, which examines each message & blocks those that do not meet the specified security criteria.O Firewall is device that provides secure connectivity between networks (internal/ external). M O Itis used to implement and enforce a security policy for \ roe communication between networks. 2 Q A firewall may be a hardware, software or a combination of both that is used to prevent unauthorized program or internet users from accessing a private network or a single computer.Why do we need a firewal Q To protect confidential information from those who do not explicitly need to access it. Q To protect our network & its resources from malicious users & accidents that originate outside of our network.rewall Types of Q Hardware firewall Q Software firewall ‘user's PC ac teTypes of firewall Q Hardware firewall: It is a physical device. It can be installed between the modem and computer. Itcan be incorporated into a broadband router being used to share the internet connection. Protects an entire network. Usually more expensive, harder to configure. E.g.- Cisco pix, Netscreen, Watchguard etc.Types of firewall Software firewall: Itis a software application, Itis installed onto the computer system that you wish to protect. Protects a single computer. This is usually the computer with modem attached to it. Usually less expensive, easier to configure. E.g.- Norton internet security, MacAfee internet security etc.Types of firewall technique Q Packet filter O Application gateway O Circuit-level gateway Q Bastion host Types of FirewallsPacket filter O It looks at each packet entering or leaving the network and accepts or rejects it based on user-defined rules. QO Packet filtering is fairly effective & transparent to users, but it is difficult to configure. O In addition, it is susceptible to IP spoofing.Application gateway Q Insuch type of firewall remote host or network can interact only with proxy server, proxy server is responsible for hiding the details of the internal network ie. intranet. Users uses TCP/IP application, such as FTP & Telnet servers. This is very effective, but can impose a performance degradation.Circuit — level gateway Q This can be a stand alone system or it can be a specialized functions performed by an application level gateway for certain applications. It does not permit an end-to-end TCP connection; rather, the gateway sets two TCP connections. QO Atypical use of the circuit — level gateway is a situation in which the system administrator trusts the internal users. O The gateway can be configured to support application level or proxy service on inbound connections and circuit level functions for outbound connections.Bastion Host Q Bastion host is a special purpose computer on a network specifically designed and configured to withstand attacks. G Itgenerally hosts a single application, provides platform for application gateway and circuit- level gateway. Q Itsupports limited/specific applications to reduce the threat to the computer. « Include application-Telnet, SMTP, FTPWhat a personal firewall can do Q Stop hackers from accessing your computer. Q Protect your personal information. Q Blocks “pop up” ads and certain cookies. Q Determines which programs can access the internet. Q Block invalid packets.What a personal firewall can not d Q Cannot prevent e-mail viruses "Only an antivirus product with update definitions can prevent e-mail viruses. O After setting it initially, you cannot forget about it. "The firewall will require periodic updates to the rule sets and the software itself,THANK YOU