Chapter 3

The document discusses network firewall security and describes different types of firewalls including packet filtering firewalls, application gateways, circuit gateways, and MAC layer firewalls. It defines access control and authentication factors and explains the goals and functionality of firewalls.

Uploaded by

desalewminale
Copyright
© All Rights Reserved

CHAPTER THREE

Network Firewall security

UPON COMPLETION OF THIS CHAPTER,
YOU SHOULD BE ABLE TO:

• Recognize the important role of access control in computerized information systems, and identify and discuss widely-used authentication factors

• Describe firewall technology and the various approaches to firewall implementation

• Identify the various approaches to control remote and dial-up access by means of the Authentication and Authorization of users

• Describe the technology that enables the use of Virtual Private Networks

Terminologies
Access is the flow of information between a subject and an object.
A subject is an active entity that requests access to an object or the data
within an object.
A subject can be a user, program, or process that accesses an object to
accomplish a task.
When a program accesses a file, the program is the subject and the file is
the object.
An object is a passive entity that contains information.
An object can be a computer, database, file, computer program, directory,
or field contained in a table within a database.
When you look up information in a database, you are the active subject and
the database is the passive object.

A firewall in an information security program prevents specific
types of information from moving between the outside world,
known as the untrusted network (for example, the internet),
and the inside world.

The firewall may be a separate computer system, a software
service running on an existing router or server, or a separate
network containing a number of supporting devices.
or structure.
Goals of a firewall
• All traffic (in or out) must pass through the firewall.
• Only authorized traffic will be allowed to pass.
• The firewall itself is immune to penetration.

Firewalls can be categorized by processing mode,
development era,
The packet-filtering firewall, also simply called a filtering
firewall, examines the header information of data packets that
come into a network.

A packet-filtering firewall installed on a TCP/IP-based network
typically functions at the IP level and determines whether to
drop a packet (deny) or forward it to the next network
connection (allow) based on the rules programmed into the
firewall.
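
An added illustration of the header-based allow/deny decision described above (not part of the original slides): it reads only IPv4 and TCP/UDP header fields from raw packet bytes and applies a rule list. The names `Rule`, `parse_headers`, `decide`, `make_packet` and `RULES` are hypothetical, and first-match ordering with a default deny is an assumption, since the slides do not specify rule semantics.

```python
import ipaddress
import struct
from dataclasses import dataclass
from typing import Optional

PROTO = {"tcp": 6, "udp": 17}  # IP protocol numbers

@dataclass(frozen=True)
class Rule:
    action: str                   # "allow" or "deny"
    src: str                      # source network, CIDR
    dst: str                      # destination network, CIDR
    proto: Optional[str] = None   # "tcp", "udp", or None for any
    dport: Optional[int] = None   # destination port, or None for any

def parse_headers(pkt: bytes):
    """Return (src, dst, proto, dport) using header fields only."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4 or (pkt[0] & 0x0F) < 5:
        raise ValueError("not a well-formed IPv4 header")
    ihl = (pkt[0] & 0x0F) * 4     # IPv4 header length in bytes
    frag_off = struct.unpack("!H", pkt[6:8])[0] & 0x1FFF
    src, dst = ipaddress.IPv4Address(pkt[12:16]), ipaddress.IPv4Address(pkt[16:20])
    dport = None                  # unknown for later fragments and other protocols
    if pkt[9] in PROTO.values() and frag_off == 0 and len(pkt) >= ihl + 4:
        dport = struct.unpack("!H", pkt[ihl + 2:ihl + 4])[0]
    return src, dst, pkt[9], dport

def decide(rules, pkt: bytes) -> str:
    """First matching rule wins; malformed or unmatched packets are denied."""
    try:
        src, dst, proto, dport = parse_headers(pkt)
    except ValueError:
        return "deny"
    for r in rules:
        if (src in ipaddress.ip_network(r.src) and dst in ipaddress.ip_network(r.dst)
                and (r.proto is None or PROTO[r.proto] == proto)
                and (r.dport is None or r.dport == dport)):
            return r.action
    return "deny"                 # default deny

def make_packet(src, dst, proto, dport, frag_off=0):
    """Constructed sample packet: 20-byte IPv4 header plus source/destination ports."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 24, 0, frag_off, 64, PROTO[proto], 0,
                     ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    return ip + struct.pack("!HH", 40000, dport)

# Constructed rule set (documentation address ranges, not from the slides)
RULES = [Rule("deny", "203.0.113.0/24", "0.0.0.0/0"),
         Rule("allow", "0.0.0.0/0", "192.0.2.10/32", "tcp", 443)]
```

A non-first fragment carries no port field, so a port-specific allow rule cannot match it and the packet falls through to the default deny.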

Application Gateways
The application gateway, also known as an application-level
firewall or application firewall, is frequently installed on a
dedicated computer, separate from the filtering router, but is
commonly used in conjunction with a filtering router.

The application firewall is also known as a proxy server
since it runs special software that acts as a proxy for a
service request.

CIRCUIT GATEWAYS
The circuit gateway firewall operates at the transport
layer.
Again, connections are authorized based on
addresses.
Like filtering firewalls, circuit gateway firewalls do not
usually look at traffic flowing between one network
and another, but they do prevent direct connections
between one network and another.

MAC Layer Firewalls
MAC layer firewalls are designed to operate at
the media access control sublayer of the data
link layer (Layer 2) of the OSI network model.

THANK YOU!
