Understanding Firewalls: Packet Filtering, Circuit Level, Application Gateway, Proxy, VPN, Exercises of Information Technology

An in-depth explanation of various types of firewalls, including packet filtering, circuit level, application gateway, proxy servers, and virtual private networks (VPN). Firewalls act as a barrier between an organization's internal network and the internet, protecting against external attacks. The document covers the functionality, operation, and advantages of each type of firewall, as well as the use of a proxy server and VPN for remote access.

Typology: Exercises

2011/2012

Uploaded on 08/11/2012

duraid
E-COMMERCE IT430 VU
© Copyright Virtual University of Pakistan 96

Lesson 21 FIREWALLS

A firewall is a combination of hardware and software that sits between the internet and the internal network of an organization to protect the network from outside attack (Fig. 1). It can examine the data entering or leaving the network and filter that data according to certain rules, thereby protecting the network from attack. There are three main types of firewalls, detailed as follows:

Fig. 1

Packet filter firewall

It uses a set of rules to determine whether outgoing or incoming data packets are allowed to pass through the firewall. For example, we can specify, as a rule, the IP addresses of sending devices whose packets are not allowed to enter the network; the firewall then stops those packets from entering. A packet filter firewall is the simplest type of firewall and operates at the data link and network layers of the OSI model.

Circuit level firewall

It is quite similar to the packet filter firewall. It also filters packets on the basis of a set of rules, but it operates at the transport layer of the OSI model and so has greater functionality. As a rule, the higher the OSI layer at which a firewall operates, the more sophisticated the firewall is. It can make packets sent from the internal network to a destination outside the firewall appear as if they originated at the firewall, so information about hosts on the internal network remains secret. It can also determine whether a TCP/IP connection between a host and a machine outside the firewall has been properly established, and can therefore cut off any connection that has been hijacked by a hacker trying to pass through the firewall.
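The difference between the two firewall types described so far, shown as an added example that is not part of the original lesson: a stateless source-address rule next to a connection tracker that passes a segment only after a proper TCP handshake. The addresses, the flag strings ("S", "SA", "A", "PA") and all names are constructed for illustration.

```python
import ipaddress

# Constructed deny rule: a documentation range standing in for unwanted senders.
BLOCKED_SOURCES = [ipaddress.ip_network("203.0.113.0/24")]

def packet_filter(pkt):
    """Stateless rule check: only the packet's own source address is examined."""
    src = ipaddress.ip_address(pkt["src"])
    return not any(src in net for net in BLOCKED_SOURCES)

class CircuitLevelFirewall:
    """Passes a TCP segment only if it fits a properly established connection.
    Sequence numbers, retransmissions and FIN/RST teardown are left out."""

    def __init__(self):
        self.conns = {}  # frozenset of both endpoints -> [initiator, state]

    def allow(self, pkt):
        if not packet_filter(pkt):
            return False
        sender = (pkt["src"], pkt["sport"])
        key = frozenset((sender, (pkt["dst"], pkt["dport"])))
        flags = pkt["flags"]
        conn = self.conns.get(key)
        if conn is None:
            if flags != "S":          # only a bare SYN may open a connection
                return False
            self.conns[key] = [sender, "SYN_SENT"]
            return True
        initiator, state = conn
        if state == "SYN_SENT":       # expect SYN+ACK from the responder
            ok = flags == "SA" and sender != initiator
            new_state = "SYN_RCVD"
        elif state == "SYN_RCVD":     # expect the final ACK from the initiator
            ok = flags == "A" and sender == initiator
            new_state = "ESTABLISHED"
        else:
            return True               # handshake done: segments may flow
        if ok:
            conn[1] = new_state
        return ok

def pkt(src, sport, dst, dport, flags):
    return {"src": src, "sport": sport, "dst": dst, "dport": dport, "flags": flags}

# Constructed traffic: internal host 10.0.0.5, outside server 198.51.100.7.
HANDSHAKE = [pkt("10.0.0.5", 40000, "198.51.100.7", 80, "S"),
             pkt("198.51.100.7", 80, "10.0.0.5", 40000, "SA"),
             pkt("10.0.0.5", 40000, "198.51.100.7", 80, "A")]
STRAY = pkt("192.0.2.9", 80, "10.0.0.5", 40001, "PA")  # no handshake seen
```

The `STRAY` segment comes from an address the packet filter permits, so only the connection table rejects it.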

Application gateway firewall

It operates at the application layer of the OSI model. It uses strong user authentication to verify the identity of a host attempting to connect to the network using application layer protocols such as FTP. In contrast to a packet filter firewall, it filters requests rather than the packets entering or leaving the network. It can block any outgoing HTTP or FTP requests. It can prevent employees of a company inside a firewall from downloading potentially dangerous programs from the outside. In other words, this type of firewall is used to control connections, so employees of a company can be restricted from connecting to certain web sites. We can combine circuit level capabilities with application gateway services to form a hybrid type of firewall.

Proxy server

A proxy server sits between an internal trusted network and the untrusted network, that is, internet, as you can see in Fig. 2 below.

Fig. 2

Mainly, it can do three things. An HTTP request from the browser goes to the proxy server, which can affix its own IP address in place of the IP address of the requesting machine; thus it hides information about the host. It downloads the requested page itself and afterwards supplies it to the user. It can also act as a firewall, filtering requests for certain web pages.

An important job it can do is to speed up the processing of HTTP requests by caching web pages. Caching means that it can store the requested web pages in its memory (cache memory) for a certain period. The advantage of caching is that the time taken to supply the page is reduced for subsequent requests: instead of sending the request to the actual web server, the proxy server can quickly supply the web page stored in its cache memory, which saves the time of downloading the page.
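The proxy behaviour described above (request filtering, hiding the requesting machine's address, and caching for a certain period), simulated in memory as an added example that is not part of the original lesson. The class names, host names, addresses and the 60-second cache period are assumptions chosen for illustration.

```python
import time

class FilteringCachingProxy:
    """Simulated HTTP proxy: filters requests, hides the client, caches pages."""

    def __init__(self, proxy_ip, blocked_hosts, ttl, fetch, clock=time.monotonic):
        self.proxy_ip = proxy_ip
        self.blocked_hosts = {h.lower() for h in blocked_hosts}
        self.ttl = ttl            # seconds a stored page stays usable
        self.fetch = fetch        # callable(source_ip, host, path) -> page bytes
        self.clock = clock
        self.cache = {}           # (host, path) -> (time stored, page bytes)

    def handle(self, client_ip, host, path):
        """Return (status, body, how); client_ip is never passed upstream."""
        if host.lower() in self.blocked_hosts:
            return 403, b"Blocked by proxy policy", "FILTERED"
        key, now = (host.lower(), path), self.clock()
        stored = self.cache.get(key)
        if stored and now - stored[0] < self.ttl:
            return 200, stored[1], "CACHE_HIT"
        body = self.fetch(self.proxy_ip, host, path)   # origin sees proxy_ip only
        self.cache[key] = (now, body)
        return 200, body, "CACHE_MISS"

class FakeOrigin:
    """Constructed stand-in for web servers; records who contacted it."""

    def __init__(self):
        self.seen_sources = []

    def __call__(self, source_ip, host, path):
        self.seen_sources.append(source_ip)
        return f"<html>{host}{path}</html>".encode()

def demo():
    now = [0.0]                                   # controllable clock for the demo
    origin = FakeOrigin()
    proxy = FilteringCachingProxy("198.51.100.1", {"blocked.example"}, 60,
                                  origin, clock=lambda: now[0])
    results = [proxy.handle("10.0.0.5", "news.example", "/")[2],
               proxy.handle("10.0.0.6", "news.example", "/")[2],
               proxy.handle("10.0.0.5", "blocked.example", "/")[2]]
    now[0] = 61.0                                 # the stored copy has expired
    results.append(proxy.handle("10.0.0.6", "news.example", "/")[2])
    return results, origin.seen_sources
```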

Virtual private network (VPN)

Suppose that a client is sitting at a local branch network of a company and wants to become part of a bigger, head office network of that company located far away. One option for him is to set up a dial-up connection, which means that he can be connected to a server machine in the head office network through a direct telephone line. That server machine may be called a Remote Access Server (RAS) and the client may be called a Remote Access Client (RAC). Remote access is a two-way process, so both RAS and RAC must be configured first. Some Windows operating systems provide the facility to configure the RAS and RAC. Basically, the client specifies the phone number of the RAS while configuring. After both RAS and RAC are configured, the client enters identification information (password etc.) and clicks “Dial”. Accordingly, the phone number of the RAS is dialed and a connection with the RAS is set up. Once clients are connected to the RAS, they can access the remote company network and its resources – servers, printers etc. A protocol,

Fig. 3

Historically, cryptography has long been used as a military technology. Julius Caesar used a simple transposition cipher to scramble messages giving instructions to his commanders on the battlefield. Similarly, Hitler used the Enigma encryption cipher to scramble messages sent by radio to German armies and U-boats during the Second World War. Cryptography has also been used for non-military purposes over the centuries. There are records of people using cryptography to protect religious secrets and to hide secrets of science and industry. In recent years, the use of cryptography in business and commerce appears to have surpassed its earlier use. It has made the rapid commercialization of the internet possible. Without cryptography, it is doubtful that banks, businesses and individuals would feel safe doing business online.