Download Application level gateway Firewalls - Mercer University

Unified Threat Management
the history of protecting data



1984: NSA, Honeywell (LOCK)
Developed a hardened operating system called LOCK
(Logical Co-processing Kernel).
1988: The Morris Worm*
The Morris Worm, which hit NASA and several
universities, sparked the development of the
first firewalls.
1989: IDS Emerges
University and government research yields the
first generation of intrusion detection system
(IDS) technology.
Background


1991: Packet and Circuit Firewalls*
Digital Equipment Corp rolled out the first
application-layer proxy firewall – dubbed
SEAL -- in 1991. Bell Labs research spawned
Raptor Eagle, a circuit-level firewall, a few
months later.
1993: Inventing the Wheel
The Air Force begins deploying its Automated
Security Incident Measurement system. Two
years later, Air Force developers found
WheelGroup, which launches the NetRanger
IDS system.
Early Development
DEC SEAL



1994: Check Point and The Stateful Firewall
Check Point Software debuted Firewall-1, inaugurating
the stateful firewall market. The emergence of stateful
firewalls represented a middle ground between the
performance of packet filtering firewalls and the
intelligence and demarcation of proxy firewalls.
STATEFUL Firewall: Stateful firewalls can watch traffic
streams from end to end. They are aware of
communication paths and can implement various IP
Security (IPsec) functions such as tunnels and
encryption.
STATELESS* Firewalls: Stateless firewalls watch
network traffic and restrict or block packets based on
source and destination addresses or other static values.
Further Development
Check Point Firewall-1


1998: Snort Debuts
The open source IDS Snort is created, which is
now considered the most widely deployed
IDS/IPS in the world.
1998-2000: IPS Arrives
Industry begins to recast IDS as Intrusion
Prevention Systems (IPS), as products such as
Network ICE’s BlackICE hit the market.
IDS/IPS

2003: Attack of the Worms
Slammer and Blaster hit corporate networks in
a banner year for worms and other malware.
This development drove an outcry for a
smarter firewall and things like intrusion
prevention.
New Threats Drive New
Technology

2004: UTM
International Data Corporation (IDC) is credited with coining
the phrase “unified threat management” to describe products
that combine the functionality of firewalls, IDS/IPS, and other
network protection gear in a single appliance.
David Frazer, director of technology services at anti-virus
vendor F-Secure, said the emergence of UTM coincided with
the rise of blended security threats.

UTM
The impetus for combining security functions in one box dates
back to the late 1990s, when Cisco began offering encryption
in its routers. Astaro and Fortinet, two of the current leaders
in the UTM market, were actually founded in 2000.

2009: NextGen Firewalls
A wire speed integrated network platform that performs
deep inspection of traffic and blocking of attacks.

Application level gateway Firewalls: L7
Application level firewalls decide whether to drop a packet
or send it through based on the application information
(available in the packet).

2014: New Perimeters; New Needs
55% of networks have now evolved into boundless space.
Today, traditional on-premises and cloud-based networks are
both used in corporate environments.
Next Generation
Palo Alto Enterprise
Firewall



1. Packet Filtering Firewalls: L3
2. Circuit level gateway Firewalls: L4-5
3. Application level gateway Firewalls: L7
Review of Firewall Tech


Packet filtering mechanisms work in the network
layer of the OSI model. In packet filtering, each
packet passing through a firewall is compared to a
set of rules before it is allowed to pass through.
Depending on the packet and the rule, the packet
can be dropped or sent through, or a message
can be forwarded to the originator.
The rules that determine which packets are sent
and which are not can be based on the source
and destination IP address, the source and destination
port number, or the protocol used.
Packet Filtering Firewalls:
L3
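The rule evaluation described on this slide, as an added example that is not part of the original deck: a first-match packet filter with the three outcomes the slide names (send through, drop, or notify the originator, here called "reject"). The rule set, the default-drop policy and the RFC 5737 documentation addresses are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    sport: int
    dport: int

@dataclass(frozen=True)
class Rule:
    action: str                   # "accept", "drop" or "reject"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    proto: str = "any"
    dports: tuple = (0, 65535)    # inclusive destination port range

    def matches(self, p):
        return (ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and self.proto in ("any", p.proto)
                and self.dports[0] <= p.dport <= self.dports[1])

def filter_packet(rules, p, default="drop"):
    """First matching rule decides; unmatched packets get the default.

    Each packet is judged on its own header fields only (stateless):
    nothing is remembered from earlier packets of the same connection.
    """
    for rule in rules:
        if rule.matches(p):
            return rule.action
    return default

# Constructed rule set (assumption, not from the page).
RULES = [
    Rule("drop", src="203.0.113.0/24"),                               # blocked source, silent
    Rule("accept", dst="192.0.2.10/32", proto="tcp", dports=(25, 25)),  # mail server
    Rule("reject", dst="192.0.2.0/24", proto="tcp", dports=(23, 23)),   # telnet, sender is told
]
```

Rule order matters: the blocked-source rule sits first, so a packet from that range is dropped even when a later rule would accept it.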


Circuit level gateway firewalls work at the
session layer of the OSI model. They monitor
the TCP handshake to determine whether a
requested session is legitimate.
Information passed through a circuit level
gateway to the internet appears to have
come from the circuit level gateway itself.
So there is no way for a remote computer or
host to determine the internal private IP
addresses of an organization, for example.
Circuit level gateway
Firewalls: L4-5
Application level firewalls decide whether to
drop a packet or send it through based on
the application information. They do this by
setting up various proxies on a single firewall
for different applications. Both the client and
the server connect to these proxies instead of
connecting directly to each other.
So, any suspicious data or connections are
dropped by these proxies. Application level
firewalls can look into individual sessions
and decide to drop a packet based on
information in the application protocol
headers or in the application payload.

Application level gateway
Firewalls: L7


SMTP application proxies can be configured to
allow only certain commands, such as helo, mail
from: and rcpt to:, to pass through the firewall,
and to block other commands such as expn and vrfy,
which try to expand a list or verify whether an
account exists and are used by attackers and
spammers for their own ends.
Application Level
Firewall Example
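The SMTP proxy behaviour described on this slide, as an added example that is not part of the original deck: a command allowlist that forwards permitted verbs, refuses expn and vrfy, and does not mistake message-body text for commands. The allowed verbs beyond helo, mail from: and rcpt to:, the 502 refusal reply, the simulated server and the sample session are assumptions constructed for illustration.

```python
# Verbs the proxy forwards. The slide names HELO, MAIL FROM: and RCPT TO:;
# the remaining entries are assumptions for a usable session.
ALLOWED = {"HELO", "EHLO", "MAIL", "RCPT", "DATA", "RSET", "NOOP", "QUIT"}
REFUSED = "502 5.5.1 Command not implemented"

class SmtpCommandFilter:
    def __init__(self, allowed=ALLOWED):
        self.allowed = set(allowed)
        self.in_data = False      # True while the client is sending the body
        self.blocked = []         # refused verbs, kept for logging/alerting

    def server_reply(self, code):
        # The message body starts only once the server answers DATA with 354.
        if code == 354:
            self.in_data = True

    def client_line(self, line):
        """Return ("forward", line) or ("reply", text) for one client line."""
        if self.in_data:
            # Body text is not a command, even if it starts with "VRFY".
            if line == ".":
                self.in_data = False
            return ("forward", line)
        parts = line.split(None, 1)
        verb = parts[0].upper() if parts else ""
        if verb not in self.allowed:
            self.blocked.append(verb)
            return ("reply", REFUSED)   # answered by the proxy, never forwarded
        return ("forward", line)

def run_session(client_lines):
    """Feed a client transcript through the filter with a simulated server."""
    f = SmtpCommandFilter()
    decisions = []
    for line in client_lines:
        was_body = f.in_data
        decision = f.client_line(line)
        decisions.append(decision)
        if not was_body and decision[0] == "forward" and line.strip().upper() == "DATA":
            f.server_reply(354)         # simulated server accepts DATA
    return decisions, f.blocked

# Constructed sample session (not from the page).
SESSION = ["HELO client.example", "VRFY root", "MAIL FROM:<a@example.org>",
           "RCPT TO:<b@example.net>", "expn staff", "DATA",
           "VRFY is just text inside the message body", ".", "QUIT"]
```

The `blocked` list gives the proxy a record of refused verbs per session, which is useful as a signal for address-harvesting attempts.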

http://www.cisco.com/c/en/us/about/press/internet-protocol-journal/back-issues/table-contents1/ipj-archive/article09186a00800c85ae.html

https://www.cybrary.it/0p3n/stateful-vsstateless-firewalls/

http://www.networksecurityjournal.com/features/security-timeline-firewalls-062707
References