Data Security in Local Network Using Distributed Firewall

Distributed firewalls address problems with traditional firewalls by enforcing security policies across network endpoints rather than at centralized entry points. A distributed firewall system consists of a management center to define security policies centrally, policy actuators to enforce policies at network endpoints, remote endpoint connectors, and a log server. This architecture allows firewall filtering from both internal and external networks, overcomes single points of failure, and protects networks from internal attacks by enforcing policies at all endpoints.


Data Security in Local Network Using Distributed Firewall

Presented by: Mohammad Raashid Azam (11-LECM-042, GD 1210)
Under Supervision: Prof. Mirza Salim Beg
Abstract

• Computers and networking have become inseparable.

• A large number of confidential transactions occur every second, and today computers are used mostly for transactions rather than for processing of data. Data security is therefore needed to prevent data from being stolen or tampered with and to provide authenticated data transfer.
Abstract (contd.)

• Data security can be achieved by a firewall.

• Conventional firewalls rely on the notion of a restricted topology and controlled entry points.

• Restricting the network topology, difficulty in filtering certain protocols, growing networks and a few more problems led to the evolution of the DISTRIBUTED FIREWALL.
Contents

• Introduction to Security and Firewalls
• Problems with traditional Firewalls
• Distributed Firewall Concept
• Distributed Firewall Implementation
• Conclusions
Firewalls

• A firewall is a device or set of devices designed to permit or deny network transmissions based on a set of rules, and is frequently used to protect networks from unauthorized access.

• In most systems today, the firewall is the software that implements the "security policy" for a system.

• A firewall is typically placed at the edge of a system and acts as a filter for unauthorized traffic.
Security Policy

• A "security policy" defines the security rules of a system.

• Without a defined security policy, there is no way to know what access is allowed or disallowed.

• An example policy (simple):
◦ Allow all connections to the web server
◦ Deny all other access

The second rule makes the policy default-deny: anything not explicitly allowed is dropped, so forgetting a rule fails closed rather than open.
Firewall Example

[Diagram: Company 1, Company 2, Company 3 and Company 4 each sit behind their own firewall, and each firewall connects its company to the Internet.]
Firewall Drawbacks

• Traditional firewalls rely on a restricted topology of the network.

• They do not protect networks from internal attacks.

• Certain protocols (FTP, RealAudio) are difficult for firewalls to process, because they open additional connections on ports negotiated inside the session.

• They assume inside users are "trusted".

• A single point of access is also a single point of failure, and it makes the firewall hard to manage as the network grows.

Firewall Drawbacks (contd.)

1. Restricted topology

2. Assumes inside users are trusted

3. Single point of failure or access
Data Security Threats

• IP spoofing or IP masquerading: the attacker forges the source address of a packet so that it appears to come from a different, usually trusted, host.

Host A (10.10.10.1) sends a genuine request to host B (134.117.1.60):

  Src_IP        dst_IP          Src_port      dst_port
  10.10.10.1    134.117.1.60    Any (>1024)   80

A spoofed packet to B, carrying a forged source address:

  Src_IP        dst_IP          Src_port      dst_port
  11.11.11.1    134.117.1.60    Any (>1024)   80
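The check a packet filter can actually make against the spoofing shown in the table is to compare the claimed source address with the interface the packet arrived on. The following is an added example, not code from the original deck: a BCP 38-style ingress check for a host with an "internal" and an "external" interface. The 10.10.10.0/24 prefix is taken from host A's address on the slide; the bogon list, interface names and sample packets are assumptions.

```python
import ipaddress

# Constructed example: the local network where host A (10.10.10.1) lives and a
# boundary host with an "internal" and an "external" interface. The prefixes,
# interface names and sample packets are assumptions, not from the deck.
INTERNAL_NETS = [ipaddress.ip_network("10.10.10.0/24")]
# Source addresses that can never legitimately arrive from the outside.
BOGON_NETS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4")]


def is_internal(addr):
    return any(addr in net for net in INTERNAL_NETS)


def spoof_check(iface, src_ip):
    """Return (verdict, reason) for a packet by comparing its claimed source
    address with the interface it arrived on (BCP 38-style ingress filtering)."""
    src = ipaddress.ip_address(src_ip)
    if iface == "external":
        if is_internal(src):
            return "drop", "claims an internal source but arrived from outside (spoofed)"
        if any(src in net for net in BOGON_NETS):
            return "drop", "private or reserved source address from outside"
    elif iface == "internal":
        if not is_internal(src):
            return "drop", "foreign source address on the internal interface"
    else:
        return "drop", f"unknown interface {iface!r}"
    return "accept", "source address is plausible for this interface"


# Constructed packets modelled on the two rows of the slide's table.
PACKETS = [
    ("internal", "10.10.10.1"),   # host A's genuine request
    ("external", "10.10.10.1"),   # forged: claims to be A but comes from the Internet
    ("external", "11.11.11.1"),   # an ordinary outside address
    ("external", "192.168.1.5"),  # private address from outside: never legitimate
    ("internal", "11.11.11.1"),   # inside host forging an outside source
]


def filter_packets(packets=PACKETS):
    """Apply spoof_check to every packet and return (iface, src, verdict, reason)."""
    return [(iface, src, *spoof_check(iface, src)) for iface, src in packets]


if __name__ == "__main__":
    for iface, src, verdict, reason in filter_packets():
        print(f"{iface:8} {src:14} {verdict:6} {reason}")
```

This catches address forgery at a boundary, but it cannot see a compromised inside host that uses its own legitimate address. That limit is exactly why the deck moves enforcement to every endpoint and prefers certificate-based host identity over IP addresses.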
IP Spoofing (contd.): impersonation

[Diagram: the sender impersonates the victim's partner. The victim reasons "Oh, my partner sent me a packet. I'll process this." and handles the forged packet as if it were genuine.]
Data Security Threats (contd.)

• Session hijacking

• Denial of service (DoS)
Distributed Firewall Concept

• A distributed firewall is a mechanism to enforce a network domain security policy through the use of a policy language.

• The security policy is defined centrally.

• Enforcement of the policy is done by the network endpoints, which is where attackers try to penetrate.

Distributed Firewall Concept (contd.)

• It filters traffic from both the internal network and the Internet.

• It overcomes the single point of failure of a perimeter firewall.
Architecture of Distributed Firewalls

The whole distributed firewall system consists of four main parts:

I. The management center

II. Policy actuators

III. Remote endpoint connectors

IV. Log server

PBNA System

Policy Based Network Management System
Standard Firewall Example

[Diagram: the Internet, on which an External Host (untrusted) sits, connects through the Corporate Firewall to the Corporate Network. The Corporate Network contains a Webserver, an Intranet Webserver (company private), Internal Host 1 and Internal Host 2.]

Standard Firewall Example: connection to web server

[Diagram: same layout; the External Host's connection to the web server passes through the Corporate Firewall.]

Standard Firewall Example: connection to intranet

[Diagram: same layout; the External Host's connection to the Intranet Webserver is blocked by the firewall, while a connection from an internal host to the Intranet Webserver is allowed, but should not be.]
Distributed Firewall Example

[Diagram: there is no corporate firewall at the edge. The Corporate Network, containing a Webserver, an Intranet Webserver (company private), Internal Host 1 and Internal Host 2, connects directly to the Internet, on which an External Host (untrusted) and a telecommuting Internal Host also sit.]

Distributed Firewall Example: connection to web server

[Diagram: same layout, showing connections to the web server.]

Distributed Firewall Example: connection to intranet

[Diagram: same layout, showing connections to the Intranet Webserver from the External Host and from the telecommuting Internal Host.]
Components of Distributed Firewalls

A distributed firewall is a mechanism to enforce a network domain security policy through the use of the following:

• Policy language

• Policy distribution scheme

• Certificates
Components (contd.)

Policy language
• The policy language is used to create policies for each firewall.

• These policies are the collection of rules which guide the firewall in evaluating network traffic. They also define which inbound and outbound connections on any component of the network policy domain are allowed.
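The simple policy on the Security Policy slide ("allow all connections to the web server, deny all other access") and the per-endpoint inbound/outbound rules described here can both be expressed in a very small policy language. The following is an added example, not code from the original deck or from any of the cited implementations: a parser for a six-field rule line and a first-match evaluator that fails closed. The rule syntax, the 10.10.10.0/24 LAN prefix and the SSH rule are assumptions; 134.117.1.60 is the web server address from the IP spoofing slide.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass
class Rule:
    action: str                           # "allow" or "deny"
    direction: str                        # "in", "out" or "any"
    proto: str                            # "tcp", "udp" or "any"
    src: Optional[ipaddress.IPv4Network]  # None means any
    dst: Optional[ipaddress.IPv4Network]
    dport: Optional[int]


ACTIONS = {"allow", "deny"}
DIRECTIONS = {"in", "out", "any"}
PROTOS = {"tcp", "udp", "any"}


def _net(tok):
    return None if tok == "any" else ipaddress.ip_network(tok, strict=False)


def _port(tok):
    return None if tok == "any" else int(tok)


def parse_policy(text):
    """Parse lines of the form 'action direction proto src dst dport';
    '#' starts a comment. Unknown keywords are rejected rather than ignored,
    so a typo cannot silently turn into a permissive rule."""
    rules = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split()
        if len(parts) != 6:
            raise ValueError(f"line {lineno}: expected 6 fields, got {len(parts)}")
        action, direction, proto, src, dst, dport = parts
        if action not in ACTIONS or direction not in DIRECTIONS or proto not in PROTOS:
            raise ValueError(f"line {lineno}: bad keyword in {line!r}")
        rules.append(Rule(action, direction, proto, _net(src), _net(dst), _port(dport)))
    return rules


def evaluate(rules, direction, proto, src_ip, dst_ip, dport):
    """First matching rule wins. If nothing matches, the endpoint denies:
    an empty or incomplete policy fails closed."""
    src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for r in rules:
        if r.direction != "any" and r.direction != direction:
            continue
        if r.proto != "any" and r.proto != proto:
            continue
        if r.src is not None and src not in r.src:
            continue
        if r.dst is not None and dst not in r.dst:
            continue
        if r.dport is not None and r.dport != dport:
            continue
        return r.action
    return "deny"


# Constructed policy for the intranet web server endpoint. 134.117.1.60 is the
# address from the spoofing slide; the LAN prefix and SSH rule are assumptions.
WEBSERVER_POLICY = """
allow in  tcp any           134.117.1.60/32 80   # anyone may reach the web server
allow in  tcp 10.10.10.0/24 134.117.1.60/32 22   # admin SSH only from the local network
deny  any any any           any             any  # deny all other access
"""
WEBSERVER_RULES = parse_policy(WEBSERVER_POLICY)


if __name__ == "__main__":
    for pkt in [("in", "tcp", "11.11.11.1", "134.117.1.60", 80),
                ("in", "tcp", "11.11.11.1", "134.117.1.60", 22),
                ("in", "tcp", "10.10.10.1", "134.117.1.60", 22)]:
        print(pkt, "->", evaluate(WEBSERVER_RULES, *pkt))
```

Because the policy is evaluated on the web server itself rather than at the perimeter, the SSH rule still holds for a telecommuting host or for a compromised machine on the LAN: the insider is not trusted by position, only by what the rules say.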
Components (contd.)

Policy distribution scheme

• The policy distribution scheme should guarantee the integrity of the policy during transfer.

• The policy is consulted before processing incoming or outgoing messages.

• The distribution of the policy varies with the implementation. It can be either pushed directly to the end systems or pulled by them when necessary.
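What "guarantee the integrity of the policy during transfer" means in practice is that the endpoint verifies a signature or authentication tag over the policy, and a version number, before it applies anything. The following is an added example, not code from the original deck: a management center that publishes versioned, HMAC-tagged policies and an endpoint that accepts them by push or pull, rejecting tampered and replayed copies. The shared key is an assumption standing in for the per-host certificate credential the deck describes on the next slide; the message layout and class names are also assumptions.

```python
import hashlib
import hmac
import json

# Constructed shared secret between the management center and an endpoint.
# It stands in for the per-host certificate/IPsec credential the deck
# describes; the key, message layout and class names are assumptions.
SHARED_KEY = b"demo-management-center-key"

POLICY_V1 = "allow in tcp any 134.117.1.60/32 80\ndeny any any any any any\n"
POLICY_V2 = ("allow in tcp any 134.117.1.60/32 80\n"
             "allow in tcp 10.10.10.0/24 134.117.1.60/32 22\n"
             "deny any any any any any\n")


class ManagementCenter:
    """Defines the policy centrally and tags each version before it leaves."""

    def __init__(self, key=SHARED_KEY):
        self.key, self.version, self.current = key, 0, None

    def publish(self, policy_text):
        self.version += 1
        body = json.dumps({"version": self.version, "policy": policy_text},
                          sort_keys=True).encode()
        tag = hmac.new(self.key, body, hashlib.sha256).hexdigest()
        self.current = (body, tag)
        return self.current

    def latest(self):
        """Served to endpoints that pull instead of being pushed to."""
        return self.current


class Endpoint:
    """Policy actuator: checks integrity and freshness before applying."""

    def __init__(self, key=SHARED_KEY):
        self.key, self.version, self.policy = key, 0, None

    def receive(self, body, tag):
        expected = hmac.new(self.key, body, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, tag):
            return "rejected: integrity check failed"
        msg = json.loads(body)
        if msg["version"] <= self.version:
            return "rejected: stale or replayed policy"
        self.version, self.policy = msg["version"], msg["policy"]
        return "applied"

    def pull(self, center):
        return self.receive(*center.latest())


def demo():
    """Push v1, deliver a copy altered in transit, pull v2, then replay v1."""
    center, ep = ManagementCenter(), Endpoint()
    body1, tag1 = center.publish(POLICY_V1)
    results = [ep.receive(body1, tag1)]                                # push
    results.append(ep.receive(body1.replace(b"deny", b"allow"), tag1))  # tampered
    center.publish(POLICY_V2)
    results.append(ep.pull(center))                                    # pull
    results.append(ep.receive(body1, tag1))                            # replay
    return results


if __name__ == "__main__":
    for r in demo():
        print(r)
```

The version check matters as much as the tag: without it an attacker who captured an older, weaker policy could feed it back to an endpoint at any time, and every message would still verify. A real deployment would use a signature bound to the management center's certificate rather than a symmetric key, so that a compromised endpoint cannot forge policy for its peers.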
Components (contd.)

Certificates
• Distributed firewalls could use IP addresses for host identification.

• But a secure mechanism of identification is more important.

• It is preferred to use certificates to identify hosts.
• IPsec can authenticate hosts with cryptographic certificates. Unlike an IP address, which can be easily spoofed, a digital certificate is much more secure, and its authentication is not easily forged. Policies are distributed by means of these certificates.
Advantages

1. Provides security for the Internet and the intranet

2. Multiple access points

3. Insiders are no longer trusted

4. Security policy rules are distributed and established on an as-needed basis

5. End-to-end protection can be done easily, and filtering packets is easy
Disadvantages

1. Compliance with the security policy by insiders is one of the major issues of distributed firewalls. This problem especially occurs when each end host has the right to change its own security policy. There are techniques to make modifying the policy harder, but it is not possible to prevent it entirely.

2. It is not so easy to implement an intrusion detection system in a distributed firewall environment. It is possible to log suspicious connections on the local host, but these logs need to be collected and analyzed by security experts in a central service.
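Both disadvantages come down to what the central log server does with what the endpoints send it. The following is an added example, not code from the original deck: a log server that parses deny and policy-report events from several policy actuators, spots a source that is probing many targets (something no single endpoint sees enough of to notice), and flags endpoints whose reported policy hash no longer matches the centrally defined policy (an insider who edited the local policy). The log line format, host names, addresses and the idea of endpoints reporting a policy hash are assumptions.

```python
import hashlib
import re
from collections import defaultdict

# Constructed data: the policy the management center expects every endpoint to
# run, and log lines as three policy actuators might ship them to the log
# server. Line format, host names and addresses are assumptions.
EXPECTED_POLICY = "allow in tcp any 134.117.1.60/32 80\ndeny any any any any any\n"
EXPECTED_HASH = hashlib.sha256(EXPECTED_POLICY.encode()).hexdigest()
# Hash an endpoint would report after an insider turned the final deny into an allow.
LOCALLY_EDITED = hashlib.sha256(EXPECTED_POLICY.replace("deny", "allow").encode()).hexdigest()

LOG_LINES = f"""\
2024-05-01T10:00:01 host=ws-1 event=deny dir=in proto=tcp src=10.10.10.7 dst=10.10.10.20 dport=445
2024-05-01T10:00:02 host=ws-1 event=deny dir=in proto=tcp src=10.10.10.7 dst=10.10.10.20 dport=139
2024-05-01T10:00:02 host=db-1 event=deny dir=in proto=tcp src=10.10.10.7 dst=10.10.10.21 dport=3306
2024-05-01T10:00:03 host=db-1 event=deny dir=in proto=tcp src=10.10.10.7 dst=10.10.10.21 dport=5432
2024-05-01T10:00:03 host=fs-1 event=deny dir=in proto=tcp src=10.10.10.7 dst=10.10.10.22 dport=22
2024-05-01T10:00:04 host=ws-1 event=deny dir=in proto=tcp src=10.10.10.9 dst=10.10.10.20 dport=22
2024-05-01T10:00:05 host=ws-1 event=policy sha256={EXPECTED_HASH}
2024-05-01T10:00:05 host=db-1 event=policy sha256={LOCALLY_EDITED}
2024-05-01T10:00:05 host=fs-1 event=policy sha256={EXPECTED_HASH}
"""

KV = re.compile(r"(\w+)=(\S+)")


def parse_line(line):
    """'<timestamp> key=value ...' -> dict with the timestamp under 'ts'."""
    ts, _, rest = line.partition(" ")
    rec = dict(KV.findall(rest))
    rec["ts"] = ts
    return rec


def parse_log(text):
    return [parse_line(l) for l in text.splitlines() if l.strip()]


def find_scanners(records, min_targets=4):
    """Sources denied at >= min_targets distinct (dst, dport) pairs across all
    endpoints. Each endpoint alone sees only one or two denials, so the
    pattern is visible only in the central view."""
    targets = defaultdict(set)
    for r in records:
        if r.get("event") == "deny":
            targets[r["src"]].add((r["dst"], r["dport"]))
    return {src: sorted(t) for src, t in targets.items() if len(t) >= min_targets}


def find_policy_drift(records, expected_hash=EXPECTED_HASH):
    """Endpoints whose most recently reported policy hash is not the central one."""
    last = {}
    for r in records:
        if r.get("event") == "policy":
            last[r["host"]] = r["sha256"]
    return sorted(host for host, digest in last.items() if digest != expected_hash)


if __name__ == "__main__":
    recs = parse_log(LOG_LINES)
    print("scanning sources:", find_scanners(recs))
    print("endpoints with modified policy:", find_policy_drift(recs))
```

The drift check does not stop an insider from editing the local policy, which matches the deck's first disadvantage, but it turns the edit into a detectable event as soon as the endpoint reports in; an endpoint that stops reporting altogether should be treated the same way.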
Conclusions

• Distributed firewalls allow the network security policy to remain under the control of the system administrators.
• Insiders may no longer be unconditionally treated as "trusted".
• They do not completely eliminate the need for traditional firewalls.
• More research is needed in this area to increase robustness and efficiency.
Future Work

• High quality administration tools NEED to exist for distributed firewalls to be accepted.

• Allow per-packet scanning as opposed to per-connection scanning.

• Policy updating.