using a firewall to control traffic in networks
play

Using a firewall to control traffic in networks 1 Example Network - PowerPoint PPT Presentation

Jan 11, 2024 •556 likes •708 views

Using a firewall to control traffic in networks 1 Example Network .35 .12 .36 .11 3.3.3.0/24 1.1.1.0/24 Rd .1 Ra .4.1 .4.4 1.1.0.0/16 Rc 2.2.2.0/24 .1 .4.2 .1 .23 Rb .47 Re .15.6 .99 1.1.2.0/24 4.4.4.0/24 .24 2 Firewall

  1. Using a firewall to control traffic in networks 1

  2. Example Network .35 .12 .36 .11 3.3.3.0/24 1.1.1.0/24 Rd .1 Ra .4.1 .4.4 1.1.0.0/16 Rc 2.2.2.0/24 .1 .4.2 .1 .23 Rb .47 Re .15.6 .99 1.1.2.0/24 4.4.4.0/24 .24 2

  3. Firewall on 1.1.1.12 .35 .12 .36 .11 3.3.3.0/24 1.1.1.0/24 Rd .1 Ra .4.1 .4.4 1.1.0.0/16 Rc 2.2.2.0/24 .1 .4.2 .1 .23 Rb .47 Re .15.6 .99 1.1.2.0/24 4.4.4.0/24 .24 3

  4. Block Ping .35 .12 .36 .11 3.3.3.0/24 1.1.1.0/24 Rd .1 Ra .4.1 .4.4 1.1.0.0/16 Rc 2.2.2.0/24 .1 .4.2 .1 .23 Rb .47 Re .15.6 .99 1.1.2.0/24 4.4.4.0/24 .24 4

  5. Block Ping IN: protocol=ICMP; action=DROP OUT: protocol=ICMP; action=DROP .35 .12 .36 .11 3.3.3.0/24 1.1.1.0/24 Rd .1 Ra .4.1 .4.4 1.1.0.0/16 Rc 2.2.2.0/24 .1 .4.2 .1 .23 Rb .47 Re .15.6 .99 1.1.2.0/24 4.4.4.0/24 .24 5

  6. Firewall contains rules ● Each packet is checked against firewall rules ● If conditions in rule are true then perform action on that packet (eg. DROP, ACCEPT) ● If no rules match, then perform default action ● Multiple rules are combined to create a table 6

  7. Firewall on Router Ra .35 .12 .36 .11 3.3.3.0/24 1.1.1.0/24 Rd .1 Ra .4.1 .4.4 1.1.0.0/16 Rc 2.2.2.0/24 .1 .4.2 .1 .23 Rb .47 Re .15.6 .99 1.1.2.0/24 4.4.4.0/24 .24 7

  8. Block Access to SSH Server on .11 .35 .12 .36 .11 3.3.3.0/24 1.1.1.0/24 Rd .1 Ra .4.1 .4.4 1.1.0.0/16 Rc 2.2.2.0/24 .1 .4.2 .1 .23 Rb .47 Re .15.6 .99 1.1.2.0/24 4.4.4.0/24 .24 8

  9. Block Access to SSH Server on .11 .35 .12 .36 .11 3.3.3.0/24 FORWARD: Dst=1.1.1.11; Protocol=TCP; DstPort=22; 1.1.1.0/24 Action=DROP Rd .1 Ra .4.1 .4.4 1.1.0.0/16 Rc 2.2.2.0/24 .1 .4.2 .1 .23 Rb .47 Re .15.6 .99 1.1.2.0/24 4.4.4.0/24 .24 9

  10. Firewall can have different rules ● INPUT: Applies only to packets destined to this computer ● OUTPUT: Applies only to packets created by this computer ● FORWARD: Applies only to packets going through this computer ● These are called chains 10

  11. Block Access to Web Servers on Network 3.3.3.0/24 for .12 .35 .12 .36 .11 3.3.3.0/24 1.1.1.0/24 Rd .1 Ra .4.1 .4.4 1.1.0.0/16 Rc 2.2.2.0/24 .1 .4.2 .1 .23 Rb .47 Re .15.6 .99 1.1.2.0/24 4.4.4.0/24 .24 11

  12. Block Access to Web Servers on Network 3.3.3.0/24 for .12 .35 .12 .36 .11 3.3.3.0/24 FORWARD: Src=1.1.1.12; Dst=3.3.3.0/24; Protocol=TCP; 1.1.1.0/24 DstPort=80; Action=DROP Rd .1 Ra .4.1 .4.4 1.1.0.0/16 Rc 2.2.2.0/24 .1 .4.2 .1 .23 Rb .47 Re .15.6 .99 1.1.2.0/24 4.4.4.0/24 .24 12

  13. Firewall Rules Viewed as Table Firewall table for FORWARD: Rule Source Dest. Protocol Action 1 * 1.1.1.11:22 TCP DROP 2 1.1.1.12:* 3.3.3.0/24:80 TCP DROP Default * * * ACCEPT When packet arrives at firewall, rules are checked row-by-row. If a rule matches, the ACTION is taken and no further rules are checked. Separate tables for INPUT, OUTPUT and FORWARD chains. 13

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Firewalls in FreeBSD and OpenBSD What is firewall? firewall is a method of protecting hosts

Firewalls in FreeBSD and OpenBSD What is firewall? firewall is a method of protecting hosts

Firewalls in FreeBSD and OpenBSD What is firewall? firewall is a method of protecting hosts and networks connected to other hosts and networks against attacks from the outside and from the inside. a firewall is a network security system

440 views • 30 slides
Firewall and IDS/IPS What is a firewall? firewall = wall to protect against fire propagation

Firewall and IDS/IPS What is a firewall? firewall = wall to protect against fire propagation

Firewall and IDS/IPS What is a firewall? firewall = wall to protect against fire propagation controlled connection between networks at different security levels = boundary protection ( L1 > L2 ) network at network at security

1.07k views • 67 slides
Sophos XG Firewall IP Partners ICT Systems & Services www.ippartners.gr XG Firewall

Sophos XG Firewall IP Partners ICT Systems & Services www.ippartners.gr XG Firewall

Sophos XG Firewall IP Partners ICT Systems & Services www.ippartners.gr XG Firewall Overview Todays top firewall problems What IT managers say about their existing firewall Firewall Satisfaction Survey (Spiceworks 2017) Top

548 views • 52 slides
Control of large-scale systems with applications to water distribution and road traffic networks

Control of large-scale systems with applications to water distribution and road traffic networks

MPC Distributed MPC MPC for water networks Multi-level MPC Road networks Summary Control of large-scale systems with applications to water distribution and road traffic networks Bart De Schutter, Andreas Hegyi, Rudy Negenborn, Solomon

1.52k views • 94 slides
Communication Networks and Services Quality of Service (QoS) - Identify traffic flows - Mark

Communication Networks and Services Quality of Service (QoS) - Identify traffic flows - Mark

Communication Networks and Services Quality of Service (QoS) - Identify traffic flows - Mark traffic flows - Police and shape traffic - Apply priority (managed scheduling) 1 Open-Loop Control / QoS Model Network performance is guaranteed to

408 views • 24 slides
Traffic Measurement and Analysis of Building Automation and Control Networks Radek Krej,

Traffic Measurement and Analysis of Building Automation and Control Networks Radek Krej,

Traffic Measurement and Analysis of Building Automation and Control Networks Radek Krej, Pavel eleda, Jakub Dobrovoln rkrejci@cesnet.cz, {celeda|dobrovolny}@ics.muni.cz AIMS 2012 - 6th International Conference on Autonomous

723 views • 35 slides
Combination of Traffic-Responsive and Gating Control in Urban Networks: Effective Interactions

Combination of Traffic-Responsive and Gating Control in Urban Networks: Effective Interactions

Combination of Traffic-Responsive and Gating Control in Urban Networks: Effective Interactions Mehdi Keyvan-Ekbatani, Xueyu Gao, Vikash Gayah, Victor Knoop Challenge the future 1 Main Contributions Compared the impact s of adapt ive

296 views • 17 slides
Firewall Architectures for High-Speed Networks Errin W. Fulp DOE Network Research PI Meeting

Firewall Architectures for High-Speed Networks Errin W. Fulp DOE Network Research PI Meeting

Firewall Architectures for High-Speed Networks Errin W. Fulp DOE Network Research PI Meeting September 28, 2005 1 Project Objectives Methods that improve network firewall performance 1. Develop policy optim ization techniques Formal

221 views • 9 slides
Transbay Transit Center TG05.4R Traffic Control Package TG05.4R Traffic Control Request for

Transbay Transit Center TG05.4R Traffic Control Package TG05.4R Traffic Control Request for

Transbay Transit Center TG05.4R Traffic Control Package TG05.4R Traffic Control Request for Proposal (RFP) Package Overview Negotiated General Traffic Control & Engineering Services for Overall Project Traffic Control &

393 views • 15 slides
1 Four general techniques: Design goals: All traffic from inside to outside must pass

1 Four general techniques: Design goals: All traffic from inside to outside must pass

Firewall Design Principles Firewall Characteristics Types of Firewalls Special Thanks to our friends at The Blekinge Institute of Technology, Sweden for providing the basis for these slides . Fall 2008 CS 334: Computer Security 1

546 views • 5 slides
Palo Alto Firewall What are next generation firewalls and how do they operate? Difference between

Palo Alto Firewall What are next generation firewalls and how do they operate? Difference between

Palo Alto Firewall What are next generation firewalls and how do they operate? Difference between NGFW and classic firewalls: Classic Firewall Next Generation Firewall Traffic filtering using Port, IP, and protocol Supported Supported VPN

533 views • 25 slides
Palo Alto Firewall What are next generation firewalls and how do they operate? Difference between

Palo Alto Firewall What are next generation firewalls and how do they operate? Difference between

Palo Alto Firewall What are next generation firewalls and how do they operate? Difference between NGFW and classic firewalls: Classic Firewall Next Generation Firewall Traffic filtering using Port, IP, and protocol Supported Supported VPN

1.23k views • 26 slides
Firewall What is it? Do we need one? Oxford Hills School District March 5, 2018 What is a

Firewall What is it? Do we need one? Oxford Hills School District March 5, 2018 What is a

Firewall What is it? Do we need one? Oxford Hills School District March 5, 2018 What is a firewall? Term first used in 1851 Henry Ford used them to protect passengers from engine fires, smoke and heat. Computer networks: a part of a

500 views • 21 slides
PDE Backstepping Control Traffic Congestion Control: of Congested Traffic A PDE Backstepping

PDE Backstepping Control Traffic Congestion Control: of Congested Traffic A PDE Backstepping

PDE Backstepping Control Traffic Congestion Control: of Congested Traffic A PDE Backstepping Perspective Miroslav Krstic (with Huan Yu) Mud pump From Mud Pit Harder: PT Oil Drilling Mud-assisted drilling u c helps take cuttings away +

935 views • 46 slides
Image Recognition Traffic Patterns for Wireless Multimedia Sensor Networks Wireless Multimedia

Image Recognition Traffic Patterns for Wireless Multimedia Sensor Networks Wireless Multimedia

Image Recognition Traffic Patterns for Wireless Multimedia Sensor Networks Wireless Multimedia Sensor Network Application Areas: Multimedia Surveillance Sensor Networks Advance Health Care Delivery Traffic Control Systems

246 views • 10 slides
Insights from Some Studies on Control in Traffic Networks Srinivas Peeta Georgia Institute of

Insights from Some Studies on Control in Traffic Networks Srinivas Peeta Georgia Institute of

Insights from Some Studies on Control in Traffic Networks Srinivas Peeta Georgia Institute of Technology peeta@gatech.edu 1 Transportation Ecosystem Infrastructure Human Vehicle 2 Transportation System Supply Demand Technology 3

882 views • 13 slides
Adaptive and Proactive Security Assessment on Energy Delivery Systems Carlos Rubio-Medrano, Vu

Adaptive and Proactive Security Assessment on Energy Delivery Systems Carlos Rubio-Medrano, Vu

Adaptive and Proactive Security Assessment on Energy Delivery Systems Carlos Rubio-Medrano, Vu Coughlin , Josephine Lamp, Ziming Zhao, Gail-Joon Ahn and Anna Scaglione Outline Activity Current/ OntoEDS ExSol EDSGuard Refresher Future Work

1.38k views • 41 slides
A seman(c firewall for Content Centric Networking IFIP/IEEE

A seman(c firewall for Content Centric Networking IFIP/IEEE

A seman(c firewall for Content Centric Networking IFIP/IEEE Integrated Network Management Symposium (IM 2013) - MC2: Security Management and Recovery May 27 - 31, 2013 David Goergen Thibault Cholez Jrme

665 views • 39 slides
Fast and Scalable Method for Resolving Anomalies in Firewall Policies Hassan Gobjua

Fast and Scalable Method for Resolving Anomalies in Firewall Policies Hassan Gobjua

Fast and Scalable Method for Resolving Anomalies in Firewall Policies Hassan Gobjua Kamal Ahmat Verizon City University of New York Introduction Firewalls Types of Anomalies Related

380 views • 21 slides
Firewalls Summary Brief History of Firewalls What is a Firewall? Why Firewalls?

Firewalls Summary Brief History of Firewalls What is a Firewall? Why Firewalls?

Firewalls Summary Brief History of Firewalls What is a Firewall? Why Firewalls? Network Address Translation Types of Firewalls Linux/Windows Firewalls pfSense Blue Team Activity Brief History Firewall

348 views • 30 slides
GASPP: A GPU-Accelerated Stateful Packet Processing Framework

GASPP: A GPU-Accelerated Stateful Packet Processing Framework

GASPP: A GPU-Accelerated Stateful Packet Processing Framework Giorgos Vasiliadis, FORTH-ICS, Greece Lazaros Koromilas, FORTH-ICS, Greece Michalis Polychronakis,

949 views • 56 slides
Firewalls Chester Rebeiro IIT Madras Some of the slides borrowed from the book Computer

Firewalls Chester Rebeiro IIT Madras Some of the slides borrowed from the book Computer

Firewalls Chester Rebeiro IIT Madras Some of the slides borrowed from the book Computer Security: A Hands on Approach by Wenliang Du Firewall Block unauthorized traffic flowing from one network to another Separate trusted and

898 views • 58 slides
Composition of SDN applications: Options/challenges for real implementations Arne Schwabe Pedro

Composition of SDN applications: Options/challenges for real implementations Arne Schwabe Pedro

Composition of SDN applications: Options/challenges for real implementations Arne Schwabe Pedro A. Aranda Gutirrez Holger Karl Computer Networks Group Universitt Paderborn Modernizing the setup Simple standard network setup

409 views • 21 slides
Firewalls 1 Outline What are firewalls? Types of Firewalls Building a simple

Firewalls 1 Outline What are firewalls? Types of Firewalls Building a simple

Firewalls 1 Outline What are firewalls? Types of Firewalls Building a simple firewall using Netfilter Iptables firewall in Linux Stateful Firewall Application Firewall Evading Firewalls 2 Firewalls

811 views • 55 slides

More recommend