November 20, 2021

You’ve got questions, we’ve got answers.

firewall in network security

firewall in network security

firewall in network security

INTRODUCTION

A firewall is a network security device, either hardware or software-based, which monitors all incoming and outgoing traffic and based on a defined set of security rules it accepts, rejects or drops that specific traffic.

Accept : allow the traffic .

Reject :  block the traffic but reply with an

Drop :    block the traffic with no reply

A firewall establishes a barrier between secured internal networks and outside untrusted network, such as the Internet.

firewall in network security

HOW FIREWALL WORKS

Firewall match the network traffic against the rule set defined in its table. Once the rule is matched, associate action is applied to the network traffic. Firewall match the network traffic against the rule set defined in its table. Once the rule is matched, associate action is applied to the network traffic. Incoming traffic is treated differently. Most traffic which reaches on the firewall is one of these three major Transport Layer protocols- TCP, UDP or ICMP.

Default policy:- It is very difficult to explicitly cover every possible rule on the firewall. For this reason, the firewall must always have a default policy. Default policy only consists of action (accept, reject or drop).

FIREWALL SOFTWARE AND TOOLS

Now that we’ve gone over how firewalls work, let’s take a look at common software packages that can help us set up an effective firewall.

  • Iptables
  • UFW
  • FirewallD
  • Fail2ban

Iptables:- Iptables is a standard firewall included in most Linux distributions by

default. It is actually a front end to the kernel-level netfilter hooks that can manipulate the Linux network stack. It works by matching each packet that crosses the networking interface against a set of rules to decide what to do.

UFW:- UFW, which stands for Uncomplicated Firewall, is an interface to iptables that is geared towards simplifying the process of configuring a firewall.

FirewallD:- FirewallD is a complete firewall solution available by default on CentOS 7 servers. Incidentally, FirewallD uses iptables to configure netfilter.

Fail2ban:-Fail2ban is an intrusion prevention software that can automatically configure your firewall to block brute force login attempts and DDOS attacks.

GENERATION OF FIREWALL

Firewalls can be categorized based on its generation.

 

  • First Generation- Packet Filtering Firewall
  • Second Generation- Stateful Inspection firewall
  • Third Generation- Application Layer Firewall
  • Next Generation Firewall (NGFW

First Generation(Packet Filtering Firewall) : Packet filtering firewall is used to control network access by monitoring outgoing and incoming packet and allowing them to pass or stop based on source and destination IP address, protocols and ports. It analyses traffic at the transport protocol layer. Packet firewalls treat each packet in isolation.

firewall in network security

Advantages:-

(1) It can be configured on almost all Routers.

 

  • It has minimal effect on network performance.
  • If the administrator has a good knowledge of network, it is easy to implement.

Disadvantage:-

(1) Large amount of ACLs are difficult to maintain.

firewall in network security

Second Generation(Stateful Inspection firewall: Stateful firewalls are able to determine the connection state of packet, unlike Packet filtering firewall, which makes it more efficient. It keeps track of the state of networks connection travelling across it, such as TCP streams.

Advantages:-

(1) Not susceptible to IP spoofing.

 

(2) Can be implemented on routers.

Disadvantages:-

(1) Might not be able to prevent application layer attack.

firewall in network security

Third Generation(Application Layer Firewall): Application layer firewall can inspect and filter the packets on any OSI layer, up to the application layer. It has the ability to block specific content. In other words, Application layer firewalls are hosts that run proxy servers. A proxy firewall prevents the direct connection between either side of the firewall, each packet has to pass through the proxy.

Advantages -(1) Can analyze deeper into the conversation between the server and the client.

 

  • If there is a protocol anamoly happening from standard then it can deny the packets.
firewall in network security

Next Generation Firewall : Next Generation Firewalls are being deployed these days to stop modern security breaches like advance malware attacks and application-layer attacks. NGFW consists of Deep Packet Inspection, Application Inspection, SSL/SSH inspection .

The additional features which are included in Next Generation Firewall are as follows –

 

  • Application awareness and control
  • Integrated intrusion prevention
  • Deep Packet Inspection
  • Integrated Intrusion Protection System
  • Web Filtering
firewall in network security

Types of Firewall

There are many types of firewall.

  • Proxy firewall
  • Packet-filtering firewalls
  • Stateful inspection firewall
  • Circuit-level gateways
  • Software firewalls
  • Hardware firewalls
  • Next-generation firewall (NGFW)
  • Cloud firewalls

Need of Firewall:- A firewall is an essential part of your business’ security system. A firewall keeps destructive and disruptive forces out, and controls the incoming and outgoing network traffic based on security parameters that you can control and refine. Firewalls majorly reduce risk for your business.

Using a firewall can protect against

  • Remote Login
  • Email session hijacking
  • Application and Operating System backdoor vulnerabilities
  • Denial of Service
  • Malicious Macros
  • Email Bombs
  • Viruses

Firewall Benefits

Firewalls serve as a first line of defense to external threats, malware, and hackers trying to gain access to your data and systems.

 

  • Monitors Network Traffic
  • Stops Virus Attacks
  • Prevents Hacking
  • Promotes Privacy

Traditional Firewall:- A traditional firewall is network security device which typically provides stateful inspection of network traffic that entering or exiting point inside network based on state, port, and protocol. So in simple traditional firewall mainly controls flow of control. It has Virtual Private Network (VPN) capabilities.

 

Disadvantages:  

  1. Application Awareness Limitations 
  2. Issues with Network Speed

FIREWALL ALGORITHMS

  • Hashing Based Packet Matching Algorithm for firewall
  • The Geometric Efficient Matching Algorithms For Firewall

Hashing Based Packet Matching Algorithm for firewall

Packet matching in firewalls involves matching on many fields from the TCP and IP packet header. At least five fields are involved in the decision which rule applies to a given packet. That is

 

  1. protocol type(TCP/UDP)
  2. Source IP address
  3. Destination IP address
  4. Source port
  5. Destination port

The Geometric Efficient Matching Algorithms For Firewall

The firewall packet matching problem finds the first rule that matches a given packet on one or more fields from its header. Every rule consists of set of ranges [li,ri] for i = 1, . . . , d, where each range corresponds to the ith field for d levels.

  • tech movies
  • tech knowledge
  • wordpress
  • tech facts
  • blogging
top 10 animated movies

Top 10 Animated Movies

Techymaxx Jun 09, 2020
top 10 horror movies

top 10 horror movies

Techymaxx Jun 04, 2020