Firewall (Repaired)
Henric Johnson 1
Firewalls
Filtering: Stateful vs. Stateless
Here's an example:
A web server is sitting behind a firewall. It is a busy server that accepts an average of 20 new TCP connections per second from different IP addresses.
The firewall keeps track of all connections. Once it sees a source IP address that is requesting more than 10 new TCP connections per second, it will drop all traffic from this source IP address, preventing a DoS (Denial of Service).
Above we have two security zones:
INSIDE: this is our LAN
OUTSIDE: this is our WAN
The interfaces have been assigned to the correct security zone. These zones have two simple rules:
Traffic from a “high” security level to a “lower” security level is permitted.
Traffic from a “low” security level to a “higher” security level is denied.
Our LAN is our trusted network, which would have a high security level. The WAN is untrusted, so it will have a low security level. This means that traffic from our LAN to the WAN will be permitted, and traffic from the WAN to our LAN will be denied. Since the firewall is stateful, it keeps track of outgoing connections and will permit the return traffic for connections that were initiated from our LAN.
Traffic from INSIDE to OUTSIDE is permitted.
Traffic from INSIDE to DMZ is permitted.
Traffic from DMZ to OUTSIDE is permitted.
Traffic from DMZ to INSIDE is denied.
Traffic from OUTSIDE to DMZ is denied.
Traffic from OUTSIDE to INSIDE is denied.
To ensure traffic from the OUTSIDE is able to reach the servers in the DMZ, we will use an access-list that only permits traffic to the IP address (and port numbers) that the servers in the DMZ use. This setup is very secure: if one of your servers in the DMZ gets hacked, your INSIDE network will still be secure.
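As an added example (not part of the slides), here is a small Python model of the stateful, zone-based policy described above: security levels decide the default verdict, an access-list opens specific DMZ services to the OUTSIDE, the state table admits return traffic for connections started from a more trusted zone, and a per-source counter drops any source that opens more than 10 new TCP connections per second. The zone level values, addresses and the packet dictionary layout are assumptions made for the example.

```python
from collections import defaultdict, deque
# Assumed security levels for the three zones (higher = more trusted); not from the slides.
LEVELS = {"INSIDE": 100, "DMZ": 50, "OUTSIDE": 0}

class StatefulFirewall:
    """Zone-based stateful filter with a per-source new-connection rate limit."""

    def __init__(self, dmz_acl, rate_limit=10):
        self.dmz_acl = set(dmz_acl)           # (server_ip, port) pairs reachable from OUTSIDE
        self.rate_limit = rate_limit          # max new TCP connections per second per source
        self.state = set()                    # permitted flows: (src, sport, dst, dport)
        self.new_conns = defaultdict(deque)   # src_ip -> timestamps of its recent SYNs
        self.blocked = set()                  # sources that exceeded the rate limit

    def _exceeds_rate(self, src_ip, now):
        """Sliding one-second window over new-connection attempts from src_ip."""
        window = self.new_conns[src_ip]
        window.append(now)
        while window and now - window[0] >= 1.0:
            window.popleft()
        return len(window) > self.rate_limit

    def filter(self, pkt, now):
        """Return PERMIT, DENY (policy) or DROP (rate-limited source) for one packet."""
        src, dst = (pkt["src"], pkt["sport"]), (pkt["dst"], pkt["dport"])
        if pkt["src"] in self.blocked:
            return "DROP"
        # Reply to a connection the firewall already recorded (e.g. WAN -> LAN answers)
        if dst + src in self.state:
            return "PERMIT"
        if pkt["syn"] and self._exceeds_rate(pkt["src"], now):
            self.blocked.add(pkt["src"])      # "drop all traffic from this source IP"
            return "DROP"
        src_zone, dst_zone = pkt["src_zone"], pkt["dst_zone"]
        if LEVELS[src_zone] > LEVELS[dst_zone]:
            verdict = "PERMIT"                # high -> low is allowed by default
        elif (src_zone, dst_zone) == ("OUTSIDE", "DMZ") and dst in self.dmz_acl:
            verdict = "PERMIT"                # explicit access-list exception
        else:
            verdict = "DENY"                  # low -> high without state or ACL match
        if verdict == "PERMIT" and pkt["syn"]:
            self.state.add(src + dst)         # remember the connection for return traffic
        return verdict

def packet(src_zone, src, sport, dst_zone, dst, dport, syn):
    # Builds one constructed sample packet for the model above.
    return {"src_zone": src_zone, "src": src, "sport": sport,
            "dst_zone": dst_zone, "dst": dst, "dport": dport, "syn": syn}
```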

Firewall Design Principles
The firewall is inserted between the premises network and the Internet
Aims:
Establish a controlled link
Protect the premises network from Internet-based attacks
Provide a single choke point

Firewall Characteristics
Design goals:
All traffic from inside to outside must pass through the firewall (physically blocking all access to the local network except via the firewall)
Only authorized traffic (defined by the local security policy) will be allowed to pass
The firewall itself is immune to penetration (use of a trusted system with a secure operating system)

User control: controls access to a service according to which user is attempting to access it
Behavior control: controls how particular services are used (e.g. filter e-mail)

Types of Firewalls
Packet-filtering Router
Applies a set of rules to each incoming IP packet and then forwards or discards the packet
Filters packets going in both directions
The packet filter is typically set up as a list of rules based on matches to fields in the IP or TCP header
Two default policies (discard or forward)
Advantages:
Simplicity
Transparency to users
High speed
Disadvantages:
Difficulty of setting up packet filter rules
Lack of authentication

Application-level Gateway
Also called proxy server
Acts as a relay of application-level traffic
Advantages:
Higher security than packet filters
Only need to scrutinize a few allowable applications
Easy to log and audit all incoming traffic
Disadvantages:
Additional processing overhead on each connection (gateway as splice point)

Circuit-level Gateway
The main disadvantage is that unless it is combined with some other form of filtering, any type of data requested from inside the firewall will be allowed through.