Firewall Configuration
Firewall Configuration
Firewall Configuration
A. READINGS/DISCUSSIONS
I. Background Information for Learners
Connecting personal computers to other IT systems
or the internet opens up a range of positive
possibilities — easy collaboration with others,
combining of resources, enhanced creativity — but it
also exposes users to dangers.
Hacking, identity theft, malware, and online
fraud are common threats users could face when
they expose themselves by linking their computers
to a network or the internet. https://www.kaspersky.com/content/en-global/images
repository/isc/2017-images/KSY-53-What_is_a_firewall__
What if there was a way users could protect
themselves from the worst dangers by erecting an
invisible wall to filter out those threats? It would be essential to have it — fortunately, it
already exists. That invisible wall is what is known as a firewall.
Erected between a computer and its connection to an external network or the web, a
firewall decides which network traffic is allowed to pass through and which traffic is
deemed dangerous. It essentially works to filter out the good from the bad, the trusted
from the untrusted.
FIREWALL
A firewall is a security device — computer
hardware or software — that can help protect
your network by filtering traffic and blocking
outsiders from gaining unauthorized access to
the private data on your computer.
Not only does a firewall block unwanted
traffic, it can also help block malicious https://www.hotspotshield.com/imgs/learn/what-is-a-computer
software from infecting your computer. firewall/pic.jpg
1
Your home network is only as secure as its least protected device. That’s where a
network security system comes in.
A firewall shouldn’t be your only consideration for securing your home network. It’s
important to make sure all of your internet-enabled devices — including mobile devices
— have the latest operating system, web browsers, and security software.
Another consideration? Securing your wireless router. This might include changing the
name of your router from the default ID and password it came with from the
manufacturer, reviewing your security options, and setting up a guest network for
visitors to your home.
2
While packet-filtering firewalls can be helpful, they also have limitations. Because all
web traffic is allowed, it doesn’t block web-based attacks. So, you need additional
protection to distinguish between friendly and malicious web traffic.
Stateful multi-layer inspection (SMLI) firewalls
The stateful multi-layer inspection firewall has standard firewall capabilities and
keeps track of established connections. It filters traffic based on state, port, and
protocol, along with administrator-defined rules and context. This involves using
data from prior connections and packets from the same connection.
Most firewalls rely on stateful packet inspection to keep track of all internal traffic.
This firewall is a step above packet-filtering in its use of multi-layer monitoring.
However, it is still unable to distinguish between good and bad web traffic, so you
may need additional software.
Next-generation firewalls (NGFW)
Next-generation firewalls are more sophisticated than packet-filtering and stateful
inspection firewalls. Why? They have more levels of security, going beyond
standard packet-filtering to inspect a packet in its entirety. That means not just the
packet header, but also a packet’s contents and source. NGFW are able to block
more sophisticated and evolving security threats like advanced malware.
Network address translation (NAT) firewalls
A NAT firewall is able to assess internet traffic and block unsolicited
communications. In other words, it only accepts inbound web traffic if a device on
your private network solicited it.
Host-based firewalls versus network-based firewalls
There are differences between host-based and network-based firewalls, along with
benefits of having both in place.
Network firewalls filter traffic going to and from the internet to secured local area
networks (LAN). They typically are used by businesses that need to protect a large
network of computers, servers, and employees. A network-based firewall is able to
monitor communications between a company’s computers and outside sources, as
well as restrict certain websites, IP addresses, or other services.
Host-based firewalls work similarly but are stored locally on a single computer or
device. A host-based firewall is a software application or a suite of applications that
allows for more customization. They are installed on each server, control incoming
and outgoing traffic, decide whether to allow traffic to individual devices, and protect
the host.
What are some of the main risks of not having a firewall?
You might already engage in certain safe computer and internet use practices,
including these:
✔ You don’t click on unknown links or attachments.
✔ You only log on to trustworthy, known websites.
✔ You never give out any personal information unless it is absolutely necessary.
✔ You have strong, unique, complex passwords for each online account that you update
often.
Does that make you safe enough? The answer may be “no.” If you use the internet, it’s
smart to have a firewall in place. Cyber threats are widespread and evolving. It’s
3
important to use available defences to help protect your network, and the personal
information stored on your computer, against cybercrimes.
Hardware Firewall
A hardware firewall is a physical filtering component that inspects data packets from the
network before they reach computers and other devices on a network. A hardware firewall is
a free-standing unit that does not use the resources of the computers it is protecting, so
there is no impact on processing performance.
Software Firewall
4
A software firewall is an application on a computer that inspects and filters data packets.
Windows Firewall is an example of a software firewall that is included in the Windows
operating system. A software firewall uses the resources of the computer, resulting in
reduced performance for the user.
Software Firewalls
Software firewalls can be either an independent application or part of the operating
system. There are several third-party software firewalls. There is also a software
firewall built into
Windows 10.
Standard Procedure:
1. Select the Start button > Settings > Update & Security > Windows Security and
then Firewall & network protection. Open Windows Security settings
2. Select a network profile.
5
3. Under Microsoft Defender Firewall, switch the setting to On. If your device is
connected to a network, network policy settings might prevent you from completing
these steps. For more info, contact your administrator.
4. To turn it off, switch the setting to Off. Turning off Windows Defender Firewall could
make your device (and network, if you have one) more vulnerable to unauthorized
access. If there's an app you need to use that's being blocked, you can allow it
through the firewall, instead of turning the firewall off.
Short Cut:
Windows key + R,
type WF.msc, and then
press ENTER.
6
Please note that by default Windows Defender Firewall in Windows 10 blocks all incoming
connections and allows all outgoing ones.
Inbound refers to connections coming-in to a specific device (host/server) from a remote
location. e.g. A Web Browser connecting to your Web Server is an inbound connection (to
your Web Server). Outbound refers to connections going-out to a specific device from a
device/host.
7
Click OK
and select
for which
network
profiles this
rule should
be active.
⮚ You can configure Windows Defender Firewall rules more finely from the
wf.msc console. Here you can create separate allowing or blocking rules for a
specific program, protocol (TCP/UDP/ ICMP/IPsec), IP address or port number.
8
In this example, we’ve enabled
outbound connections for the
putty.exe client.
Select Allow the connection and provide a name for the rule.
9
Best practices for configuring Windows Defender Firewall
B. Exercise
Multiple Choice. Give the correct answer from the given choices below.
1. These are the common threats when linking your computer to a network or the
internet, except.
a. Hacking c. identity theft
b. cloud storage d. online fraud
2. The most basic form of protection and is meant for smaller networks.
a. Stateful multi-layer inspection (SMLI) firewalls
b. Packet-filtering firewalls
c. Next-generation firewalls (NGFW)
d. Network address translation (NAT) firewalls
3. More sophisticated than packet-filtering and stateful inspection firewalls.
a. Stateful multi-layer inspection (SMLI) firewalls
b. Packet-filtering firewalls
c. Next-generation firewalls (NGFW)
d. Network address translation (NAT) firewalls
4. This involves using data from prior connections and packets from the same
connection.
a. Stateful multi-layer inspection (SMLI) firewalls
b. Packet-filtering firewalls
c. Next-generation firewalls (NGFW)
d. Network address translation (NAT) firewalls
5. The risk that attackers could shut down your network if without a firewall.
a. Open access c. Network crashes
b. Lost or compromised data d. None
6. The risk that you’re accepting every connection into your network from anyone if
without a firewall.
a. Open access c. Network crashes
b. Lost or compromised data d. None
7. This is a firewall that keeps track of the state of network connections traveling
through the firewall.
a. Stateful packet inspection c. Packet Filter
b. Proxy Firewall d. None
8. This is a set of rules that allows or denies traffic based on criteria such as IP
addresses, protocols, or ports used.
a. Stateful packet inspection c. Packet Filter
10
b. Proxy Firewall d. None
9. Multiple Computers can be protected in this type of firewall.
a. Proxy Firewall c. Software Firewall
b. Hardware Firewall d. Windows Defender Firewall
1. Facebook is one of the most popular social media platforms in the world. Although
it has various benefits and is one of the most powerful creations, it also contains
many disadvantages. Some of them are addiction, timewaster, and causes
distractions. Person can lead to spending his precious time on Facebook, rather than
doing something productive. For children to become productive, parents must do
something to limit the usage of these platform at home.
How do you limit the usage of social media platform like Facebook? Discuss.
2. Most of the installers are executable files which are blocked by firewall when you
attempt to download, what will you do to get your much needed installer? Explain.
References:
Allan B. Montenegro
TLE/TVL CSS Grade 12, Activity Sheet No. 5, First Edition, 2020
COMPUTER SYSTEM SERVICING NC II ACTIVITY SHEET
NETWORK INTERFACE CARD TYPES AND CONFIGURATION SETTINGS
Accompanying DepEd Textbook and Educational Sites (With Possible Materials for experiments/activities)
✔ https://www.kaspersky.com/resource-center/definitions/firewall, Retrieved on
November 4, 2020, 8:05 AM
✔ https://us.norton.com/internetsecurity-emerging-threats-what-is-firewall.html,
Retrieved on November 4, 2020, 8:15 AM
✔ https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-
firewall/best-practices-configuring, Retrieved on November 4, 2020, 8:26 AM
For more readings about Windows Defender Firewall you may open this link.
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-firewall/best-practices-
configuring
Prepared by:
EDA FLOR M. ARRABIS
Subject Teacher
11