Firewall Management and

Optimization
Submitted to suman kashyap
Subject : Network Security
Team member
• Harsh vardhan singh Rathore
• Hitesh chandel
• Kanishk kr sharma
• Jayesh saini
• Irfan khan
What is a Firewall ?

 A firewall is a security policy enforcement point that regulates access between

computer networks
 Filters are inherently insecure services
 Controls TCP protocols
 http, smtp, ftp, telnet etc
 Only one of many different security tool’s to control and regulate network traffic
What do Firewalls Protect?

 Data
 Proprietary corporate information
 Financial information
 Sensitive employee or customer data
 Resources
 Computing resources
 Time resources
 Reputation
 Loss of confidence in an organization
 Intruder uses an organization’s network to attack other sites
Packet Filtering Firewalls

 Packet filtering is one of the oldest, and one of the most common types of firewall
technologies. Packet filters inspect each packet of information individually,
examining the source and destination IP addresses and ports. This information is
compared to access control rules to decide whether the given packet should be
allowed through the firewall.

Packet filters consider only the most basic attributes of each packet, and they
don't need to remember anything about the traffic since each packet is examined
in isolation. For this reason they can decide packet flow very quickly.
Application Level Firewalls

 Web Proxy Severs

 Application Proxy Servers
 Products
 None that are strictly Proxy based
 “Gateway Servers”
 Second Generation Firewall Technology
 Makes connections on behalf of the client
 Not flexible
Hybrid Firewalls

 Performs Packet Filtering functions

 Performs Application Proxy functions
 Third Generation Firewall Technology
 Products
 Raptor Firewall by Symantec
 Firewall 1 by Checkpoint
 Sidewinder Firewall by Secure Computing
 Lucent Brick by Lucent
Simple Firewall

 Small Companies with limited security needs

 Only utilizes two interfaces
 Trusted
 Un-trusted
 Provides modest security
 Does not offer dmz sandbox
 Inherently allows some level of connections between trusted and un-trusted networks
Multi-Legged Firewall

 Small to large sized business

 Security need is expanded
 Provides stronger security
 Creates a secure sandbox for semi-trusted services
 Flexible and secure
Layered Firewall Approach

 Large enterprises with low risk tolerance

 Separates internal environments
 Reduces computer crimes
 Most attacks are internally based
 Deters malicious activities

 Controls overhead administrative traffic

 Allows IDS to work more effectively
Defense in depth

 Security has no single right answer

 Use every tool available to bolster security
 Layered security is always the best approach
 Strong security controls coupled with audit, administrative reviews, and an
effective security response plans will provide a strong holistic defense
THANKS