Uploaded by

newappu230

ASSIGNMENT - 2

TOPIC : FIREWALLS

Approved by AICTE |Affiliated to VTU | Recognized by UGC with 2(f) & 12(B) status |Accredited by NBA and NAAC
FIREWALL

DEFINITION
• A firewall is a network security device that monitors incoming and outgoing network traffic and permits or blocks data packets based on a set of security rules.
• It establishes a barrier between a trusted computer network and an untrusted computer network.
• Its purpose is to establish a barrier between your internal network and incoming traffic from external sources (such as the internet) in order to block malicious traffic like viruses and hackers.

TYPES OF FIREWALLS

1. Packet-Filtering Firewalls
2. Application or Proxy Firewalls
3. Circuit-level gateways
4. Stateful Inspection Firewalls
5. Cloud Firewall
6. Software Firewalls
7. Hardware Firewalls

Packet-Filtering Firewalls

• A packet-filtering firewall is the most basic type of firewall. It acts like a management program that monitors network traffic and filters incoming packets based on configured security rules. These firewalls are designed to block network traffic by IP protocol, IP address, and port number if a data packet does not match the established rule set.
• While packet-filtering firewalls can be considered a fast solution without many resource requirements, they also have some limitations. Because these types of firewalls do not prevent web-based attacks, they are not the safest.
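The rule matching described above, as an added example that is not part of the original slides: an ordered rule set with first-match semantics and a default block, matching only on protocol, addresses and destination port. The `Rule` class, the helper names and all addresses (documentation ranges) are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str               # "allow" or "block"
    protocol: str             # "tcp", "udp", "icmp" or "any"
    src: str                  # source network, CIDR notation
    dst: str                  # destination network, CIDR notation
    dst_port: Optional[int]   # None matches any port

    def matches(self, pkt: dict) -> bool:
        return (
            self.protocol in ("any", pkt["protocol"])
            and ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(self.src)
            and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(self.dst)
            and self.dst_port in (None, pkt.get("dst_port"))
        )

# Constructed rule set using documentation address ranges (RFC 5737).
RULES = [
    Rule("block", "any", "198.51.100.0/24", "0.0.0.0/0", None),  # blocked network
    Rule("allow", "tcp", "0.0.0.0/0", "192.0.2.10/32", 443),     # public HTTPS server
    Rule("allow", "tcp", "203.0.113.0/24", "192.0.2.0/24", 22),  # SSH from admin net
]

def filter_packet(pkt: dict, rules=RULES) -> str:
    """First matching rule wins; a packet that matches no rule is blocked."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return "block"

def packet(protocol, src, dst, dst_port=None, payload=b""):
    return {"protocol": protocol, "src": src, "dst": dst,
            "dst_port": dst_port, "payload": payload}

if __name__ == "__main__":
    # Constructed packets. The filter never reads the payload, so the HTTPS
    # packet is allowed whatever it carries.
    for p in (packet("tcp", "198.51.100.7", "192.0.2.10", 443),
              packet("tcp", "203.0.113.5", "192.0.2.10", 443, b"any request body"),
              packet("tcp", "100.64.0.9", "192.0.2.20", 22),
              packet("icmp", "203.0.113.5", "192.0.2.10")):
        print(p["src"], "->", p["dst"], p["dst_port"], filter_packet(p))
```

Because the decision uses header fields only, the second packet passes regardless of its contents, which is the limitation the slide notes for web-based attacks.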

Application or Proxy Firewalls

• Proxy firewalls operate at the application layer as an intermediate device to filter incoming traffic between two end systems (e.g., network and traffic systems). That is why these firewalls are called 'Application-level Gateways'.
• Unlike basic firewalls, these firewalls forward requests from clients while presenting themselves to the web server as the original clients. This protects the client's identity and other sensitive information, keeping the network safe from potential attacks. Once the connection is established, the proxy firewall inspects data packets coming from the source. If the contents of the incoming data packet are found to be safe, the proxy firewall transfers it to the client. This approach creates an additional layer of security between the client and many different sources on the network.

Circuit-level gateways

• Circuit-level gateways are another simplified type of firewall that can be easily configured to allow or block traffic without consuming significant computing resources. These types of firewalls typically operate at the session layer of the OSI model by verifying TCP (Transmission Control Protocol) connections and sessions. Circuit-level gateways are designed to ensure that the established sessions are protected.
• Typically, circuit-level firewalls are implemented as security software or pre-existing firewalls. Like packet-filtering firewalls, these firewalls do not check the actual data, although they inspect information about transactions. Therefore, if data contains malware but follows the correct TCP connection, it will pass through the gateway. That is why circuit-level gateways are not considered safe enough to protect our systems.

Stateful Inspection Firewalls

• Stateful multi-layer inspection (SMLI) firewalls include both packet inspection technology and TCP handshake verification, making SMLI firewalls superior to packet-filtering firewalls or circuit-level gateways. Additionally, these types of firewalls keep track of the status of established connections.
• In simple words, when a user establishes a connection and requests data, the SMLI firewall creates a database (state table). The database is used to store session information such as source IP address, port number, destination IP address, destination port number, etc. Connection information is stored for each session in the state table. Using stateful inspection technology, these firewalls create security rules to allow anticipated traffic.
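A state table in miniature, as an added example that is not part of the original slides: sessions are keyed by the four fields listed above, the TCP handshake is verified step by step, and inbound packets are allowed only when they belong to a recorded session. The class name, the simplified state names, the single-step teardown and all addresses are assumptions made for illustration.

```python
# Simplified TCP state machine: (state, direction, flags) -> next state.
TRANSITIONS = {
    ("SYN_SENT", "in", "SYN-ACK"): "SYN_ACKED",
    ("SYN_ACKED", "out", "ACK"): "ESTABLISHED",
    ("ESTABLISHED", "in", "ACK"): "ESTABLISHED",
    ("ESTABLISHED", "out", "ACK"): "ESTABLISHED",
}

class StatefulFirewall:
    """Allows sessions opened from inside and only inbound packets tied to them."""
    def __init__(self):
        self.state_table = {}  # (client IP, client port, server IP, server port) -> state

    def process(self, direction, src, sport, dst, dport, flags):
        # Key from the internal client's side so replies map onto the request's entry.
        key = (src, sport, dst, dport) if direction == "out" else (dst, dport, src, sport)
        if direction == "out" and flags == "SYN":
            self.state_table[key] = "SYN_SENT"      # new session requested
            return "allow"
        state = self.state_table.get(key)
        if state is None:
            return "block"                          # belongs to no session
        if flags in ("FIN", "RST"):
            del self.state_table[key]               # simplified teardown
            return "allow"
        next_state = TRANSITIONS.get((state, direction, flags))
        if next_state is None:
            return "block"                          # out of sequence for this session
        self.state_table[key] = next_state
        return "allow"

def run_trace(trace):
    fw = StatefulFirewall()
    return [fw.process(*step) for step in trace]

# Constructed trace: internal client 10.0.0.5, documentation addresses otherwise.
TRACE = [
    ("out", "10.0.0.5", 50000, "192.0.2.10", 443, "SYN"),
    ("in", "192.0.2.10", 443, "10.0.0.5", 50000, "SYN-ACK"),
    ("out", "10.0.0.5", 50000, "192.0.2.10", 443, "ACK"),
    ("in", "192.0.2.10", 443, "10.0.0.5", 50000, "ACK"),     # reply data
    ("in", "198.51.100.7", 443, "10.0.0.5", 50000, "ACK"),   # no matching session
    ("in", "198.51.100.7", 40000, "10.0.0.5", 22, "SYN"),    # unsolicited inbound
    ("out", "10.0.0.5", 50000, "192.0.2.10", 443, "FIN"),
    ("in", "192.0.2.10", 443, "10.0.0.5", 50000, "ACK"),     # session already closed
]

if __name__ == "__main__":
    print(*zip(run_trace(TRACE), TRACE), sep="\n")
```

A stateless filter would need a standing rule admitting inbound traffic from port 443 to every high port in order to pass the replies; here the same packets are admitted only while the matching entry exists.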

Cloud Firewall

A cloud firewall is a security product that, like a traditional firewall, filters out potentially malicious network traffic. Unlike traditional firewalls, cloud firewalls are hosted in the cloud. This cloud-delivered model for firewalls is also called firewall-as-a-service (FWaaS).

Cloud-based firewalls form a virtual barrier around cloud platforms, infrastructure, and applications, just as traditional firewalls form a barrier around an organization's internal network. Cloud firewalls can also protect on-premise infrastructure.

Difference between Hardware and Software firewall
| S. No | Parameters | Software Firewall | Hardware Firewall |
|---|---|---|---|
| 1. | Operates on | A software firewall operates on the system. | A hardware firewall does not operate on the system. |
| 2. | Configuration | Configuration of a software firewall is easy. | Configuration of a hardware firewall is not easy. |
| 3. | Cost | It is less expensive to install, though the cost may increase in case of variation in computers. | It is more expensive than a software firewall, as an initial investment is required based on the protection level. |
| 4. | Flexibility | It is flexible, i.e., you can choose which application has to be installed. | It is not flexible like a software firewall. |
| 5. | Installation | It is installed inside the individual system. | It is installed outside the system. |
| 6. | Protects | It protects one system at a time and is not enabled for smart TVs, gaming consoles, and other devices. | It protects a whole network at a time. |
| 7. | Performance | It slows down the performance of computers. | It doesn't affect the performance of the computer. |
| 8. | Requirement | It needs to be installed on every individual system on a network. | Only one hardware device needs to be installed for a whole network. |

FIREWALL DESIGN PRINCIPLES

1. Developing Security Policy

• A security policy is an essential part of firewall design. The security policy is designed according to the requirements of the company or client to determine which kinds of traffic are allowed to pass.

• Without a proper security policy, it is impossible to restrict or allow a specific user or worker in a company network or anywhere else.

• A properly developed security policy also defines what to do in case of a security breach. Without it, risk increases because security solutions will not be properly implemented.

2. Simple Solution Design

• If the design of the solution is complex, it will be difficult to implement. If the solution is simple, it will be easier to implement.

• A simple design is easier to maintain. We can upgrade a simple design to address new possible threats while keeping its structure efficient and simple.

• The problem that comes with complex designs is configuration errors, which open a path for external attacks.

3. Choosing the Right Device

• Every network security device has its purpose and its way of implementation. If we use the wrong device for the wrong problem, the network becomes vulnerable.

• If an outdated device is used in designing a firewall, it exposes the network to risk and is almost useless.

• The design must be done first, and then the product requirements must be determined. If a product that is already available is made to fit into the design, security is weakened.

4. Layered Defense

• A network defense must be multi-layered in the modern world, because if the security is broken, the network will be exposed to external attacks.

• A multilayer security design can be set to deal with different levels of threat. It gives an edge to the security design and finally neutralizes the attack on the system.

5. Consider Internal Threats

• When a lot of attention is given to safeguarding the network or device from external attacks, security becomes weak against internal attacks. Most attacks are carried out internally, because internal access is easy and internal security is weakly designed.

• Different levels can be set in network security while designing internal security. Filtering can be added to keep track of the traffic moving from lower-level security to higher-level security.
THANK YOU
