using a firewall to control traffic in networks
play

Using a firewall to control traffic in networks 1 Example Network - PowerPoint PPT Presentation

Jan 11, 2024 •556 likes •708 views

Using a firewall to control traffic in networks 1 Example Network .35 .12 .36 .11 3.3.3.0/24 1.1.1.0/24 Rd .1 Ra .4.1 .4.4 1.1.0.0/16 Rc 2.2.2.0/24 .1 .4.2 .1 .23 Rb .47 Re .15.6 .99 1.1.2.0/24 4.4.4.0/24 .24 2 Firewall

  1. Using a firewall to control traffic in networks 1

  2. Example Network .35 .12 .36 .11 3.3.3.0/24 1.1.1.0/24 Rd .1 Ra .4.1 .4.4 1.1.0.0/16 Rc 2.2.2.0/24 .1 .4.2 .1 .23 Rb .47 Re .15.6 .99 1.1.2.0/24 4.4.4.0/24 .24 2

  3. Firewall on 1.1.1.12 .35 .12 .36 .11 3.3.3.0/24 1.1.1.0/24 Rd .1 Ra .4.1 .4.4 1.1.0.0/16 Rc 2.2.2.0/24 .1 .4.2 .1 .23 Rb .47 Re .15.6 .99 1.1.2.0/24 4.4.4.0/24 .24 3

  4. Block Ping .35 .12 .36 .11 3.3.3.0/24 1.1.1.0/24 Rd .1 Ra .4.1 .4.4 1.1.0.0/16 Rc 2.2.2.0/24 .1 .4.2 .1 .23 Rb .47 Re .15.6 .99 1.1.2.0/24 4.4.4.0/24 .24 4

  5. Block Ping IN: protocol=ICMP; action=DROP OUT: protocol=ICMP; action=DROP .35 .12 .36 .11 3.3.3.0/24 1.1.1.0/24 Rd .1 Ra .4.1 .4.4 1.1.0.0/16 Rc 2.2.2.0/24 .1 .4.2 .1 .23 Rb .47 Re .15.6 .99 1.1.2.0/24 4.4.4.0/24 .24 5

  6. Firewall contains rules ● Each packet is checked against firewall rules ● If conditions in rule are true then perform action on that packet (eg. DROP, ACCEPT) ● If no rules match, then perform default action ● Multiple rules are combined to create a table 6

  7. Firewall on Router Ra .35 .12 .36 .11 3.3.3.0/24 1.1.1.0/24 Rd .1 Ra .4.1 .4.4 1.1.0.0/16 Rc 2.2.2.0/24 .1 .4.2 .1 .23 Rb .47 Re .15.6 .99 1.1.2.0/24 4.4.4.0/24 .24 7

  8. Block Access to SSH Server on .11 .35 .12 .36 .11 3.3.3.0/24 1.1.1.0/24 Rd .1 Ra .4.1 .4.4 1.1.0.0/16 Rc 2.2.2.0/24 .1 .4.2 .1 .23 Rb .47 Re .15.6 .99 1.1.2.0/24 4.4.4.0/24 .24 8

  9. Block Access to SSH Server on .11 .35 .12 .36 .11 3.3.3.0/24 FORWARD: Dst=1.1.1.11; Protocol=TCP; DstPort=22; 1.1.1.0/24 Action=DROP Rd .1 Ra .4.1 .4.4 1.1.0.0/16 Rc 2.2.2.0/24 .1 .4.2 .1 .23 Rb .47 Re .15.6 .99 1.1.2.0/24 4.4.4.0/24 .24 9

  10. Firewall can have different rules ● INPUT: Applies only to packets destined to this computer ● OUTPUT: Applies only to packets created by this computer ● FORWARD: Applies only to packets going through this computer ● These are called chains 10

  11. Block Access to Web Servers on Network 3.3.3.0/24 for .12 .35 .12 .36 .11 3.3.3.0/24 1.1.1.0/24 Rd .1 Ra .4.1 .4.4 1.1.0.0/16 Rc 2.2.2.0/24 .1 .4.2 .1 .23 Rb .47 Re .15.6 .99 1.1.2.0/24 4.4.4.0/24 .24 11

  12. Block Access to Web Servers on Network 3.3.3.0/24 for .12 .35 .12 .36 .11 3.3.3.0/24 FORWARD: Src=1.1.1.12; Dst=3.3.3.0/24; Protocol=TCP; 1.1.1.0/24 DstPort=80; Action=DROP Rd .1 Ra .4.1 .4.4 1.1.0.0/16 Rc 2.2.2.0/24 .1 .4.2 .1 .23 Rb .47 Re .15.6 .99 1.1.2.0/24 4.4.4.0/24 .24 12

  13. Firewall Rules Viewed as Table Firewall table for FORWARD: Rule Source Dest. Protocol Action 1 * 1.1.1.11:22 TCP DROP 2 1.1.1.12:* 3.3.3.0/24:80 TCP DROP Default * * * ACCEPT When packet arrives at firewall, rules are checked row-by-row. If a rule matches, the ACTION is taken and no further rules are checked. Separate tables for INPUT, OUTPUT and FORWARD chains. 13

Recommend

Firewalls in FreeBSD and OpenBSD What is firewall? firewall is a method of protecting hosts

Firewalls in FreeBSD and OpenBSD What is firewall? firewall is a method of protecting hosts

Firewalls in FreeBSD and OpenBSD What is firewall? firewall is a method of protecting hosts and networks connected to other hosts and networks against attacks from the outside and from the inside. a firewall is a network security system

440 views • 30 slides
Firewall and IDS/IPS What is a firewall? firewall = wall to protect against fire propagation

Firewall and IDS/IPS What is a firewall? firewall = wall to protect against fire propagation

Firewall and IDS/IPS What is a firewall? firewall = wall to protect against fire propagation controlled connection between networks at different security levels = boundary protection ( L1 > L2 ) network at network at security

1.07k views • 67 slides
Sophos XG Firewall IP Partners ICT Systems & Services www.ippartners.gr XG Firewall

Sophos XG Firewall IP Partners ICT Systems & Services www.ippartners.gr XG Firewall

Sophos XG Firewall IP Partners ICT Systems & Services www.ippartners.gr XG Firewall Overview Todays top firewall problems What IT managers say about their existing firewall Firewall Satisfaction Survey (Spiceworks 2017) Top

548 views • 52 slides
Control of large-scale systems with applications to water distribution and road traffic networks

Control of large-scale systems with applications to water distribution and road traffic networks

MPC Distributed MPC MPC for water networks Multi-level MPC Road networks Summary Control of large-scale systems with applications to water distribution and road traffic networks Bart De Schutter, Andreas Hegyi, Rudy Negenborn, Solomon

1.52k views • 94 slides
Communication Networks and Services Quality of Service (QoS) - Identify traffic flows - Mark

Communication Networks and Services Quality of Service (QoS) - Identify traffic flows - Mark

Communication Networks and Services Quality of Service (QoS) - Identify traffic flows - Mark traffic flows - Police and shape traffic - Apply priority (managed scheduling) 1 Open-Loop Control / QoS Model Network performance is guaranteed to

408 views • 24 slides
Traffic Measurement and Analysis of Building Automation and Control Networks Radek Krej,

Traffic Measurement and Analysis of Building Automation and Control Networks Radek Krej,

Traffic Measurement and Analysis of Building Automation and Control Networks Radek Krej, Pavel eleda, Jakub Dobrovoln rkrejci@cesnet.cz, {celeda|dobrovolny}@ics.muni.cz AIMS 2012 - 6th International Conference on Autonomous

723 views • 35 slides
Combination of Traffic-Responsive and Gating Control in Urban Networks: Effective Interactions

Combination of Traffic-Responsive and Gating Control in Urban Networks: Effective Interactions

Combination of Traffic-Responsive and Gating Control in Urban Networks: Effective Interactions Mehdi Keyvan-Ekbatani, Xueyu Gao, Vikash Gayah, Victor Knoop Challenge the future 1 Main Contributions Compared the impact s of adapt ive

296 views • 17 slides
Firewall Architectures for High-Speed Networks Errin W. Fulp DOE Network Research PI Meeting

Firewall Architectures for High-Speed Networks Errin W. Fulp DOE Network Research PI Meeting

Firewall Architectures for High-Speed Networks Errin W. Fulp DOE Network Research PI Meeting September 28, 2005 1 Project Objectives Methods that improve network firewall performance 1. Develop policy optim ization techniques Formal

221 views • 9 slides
Transbay Transit Center TG05.4R Traffic Control Package TG05.4R Traffic Control Request for

Transbay Transit Center TG05.4R Traffic Control Package TG05.4R Traffic Control Request for

Transbay Transit Center TG05.4R Traffic Control Package TG05.4R Traffic Control Request for Proposal (RFP) Package Overview Negotiated General Traffic Control & Engineering Services for Overall Project Traffic Control &

393 views • 15 slides
1 Four general techniques: Design goals: All traffic from inside to outside must pass

1 Four general techniques: Design goals: All traffic from inside to outside must pass

Firewall Design Principles Firewall Characteristics Types of Firewalls Special Thanks to our friends at The Blekinge Institute of Technology, Sweden for providing the basis for these slides . Fall 2008 CS 334: Computer Security 1

546 views • 5 slides
Palo Alto Firewall What are next generation firewalls and how do they operate? Difference between

Palo Alto Firewall What are next generation firewalls and how do they operate? Difference between

Palo Alto Firewall What are next generation firewalls and how do they operate? Difference between NGFW and classic firewalls: Classic Firewall Next Generation Firewall Traffic filtering using Port, IP, and protocol Supported Supported VPN

533 views • 25 slides
Palo Alto Firewall What are next generation firewalls and how do they operate? Difference between

Palo Alto Firewall What are next generation firewalls and how do they operate? Difference between

Palo Alto Firewall What are next generation firewalls and how do they operate? Difference between NGFW and classic firewalls: Classic Firewall Next Generation Firewall Traffic filtering using Port, IP, and protocol Supported Supported VPN

1.23k views • 26 slides
Firewall What is it? Do we need one? Oxford Hills School District March 5, 2018 What is a

Firewall What is it? Do we need one? Oxford Hills School District March 5, 2018 What is a

Firewall What is it? Do we need one? Oxford Hills School District March 5, 2018 What is a firewall? Term first used in 1851 Henry Ford used them to protect passengers from engine fires, smoke and heat. Computer networks: a part of a

500 views • 21 slides
PDE Backstepping Control Traffic Congestion Control: of Congested Traffic A PDE Backstepping

PDE Backstepping Control Traffic Congestion Control: of Congested Traffic A PDE Backstepping

PDE Backstepping Control Traffic Congestion Control: of Congested Traffic A PDE Backstepping Perspective Miroslav Krstic (with Huan Yu) Mud pump From Mud Pit Harder: PT Oil Drilling Mud-assisted drilling u c helps take cuttings away +

935 views • 46 slides
Image Recognition Traffic Patterns for Wireless Multimedia Sensor Networks Wireless Multimedia

Image Recognition Traffic Patterns for Wireless Multimedia Sensor Networks Wireless Multimedia

Image Recognition Traffic Patterns for Wireless Multimedia Sensor Networks Wireless Multimedia Sensor Network Application Areas: Multimedia Surveillance Sensor Networks Advance Health Care Delivery Traffic Control Systems

246 views • 10 slides
Insights from Some Studies on Control in Traffic Networks Srinivas Peeta Georgia Institute of

Insights from Some Studies on Control in Traffic Networks Srinivas Peeta Georgia Institute of

Insights from Some Studies on Control in Traffic Networks Srinivas Peeta Georgia Institute of Technology peeta@gatech.edu 1 Transportation Ecosystem Infrastructure Human Vehicle 2 Transportation System Supply Demand Technology 3

882 views • 13 slides
Parallel Firewall Designs for High-Speed Networks Ryan J. Farley WAKE FOREST US Department of

Parallel Firewall Designs for High-Speed Networks Ryan J. Farley WAKE FOREST US Department of

Wake Forestp pComputer Science + DOE MICS Parallel Firewall Designs for High-Speed Networks 1 Parallel Firewall Designs for High-Speed Networks Ryan J. Farley WAKE FOREST US Department of Energy U N I V E R S I T Y Computer Science Network

1.21k views • 49 slides
Reconfiguration of Traffic Reconfiguration of Traffic Grooming Optical Networks Grooming Optical

Reconfiguration of Traffic Reconfiguration of Traffic Grooming Optical Networks Grooming Optical

Reconfiguration of Traffic Reconfiguration of Traffic Grooming Optical Networks Grooming Optical Networks Ruhiyyih Mahalati and Rudra Dutta Computer Science, North Carolina State University This research was supported in part by NSF grant #

299 views • 28 slides
Per-AS traffic stats for BGP Traffic Engineering by Manuel Kasper, Monzoon Networks AG

Per-AS traffic stats for BGP Traffic Engineering by Manuel Kasper, Monzoon Networks AG

Per-AS traffic stats for BGP Traffic Engineering by Manuel Kasper, Monzoon Networks AG mkasper@monzoon.net Background Monzoon ended up with 4 different IP transit links not all with the same CIR suboptimal traffic distribution

612 views • 17 slides
Network Security: Continued CS 236 On-Line MS Program Networks and Systems Security Peter

Network Security: Continued CS 236 On-Line MS Program Networks and Systems Security Peter

Network Security: Continued CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Lecture 10 Page 1 CS 236 Online Firewall Configuration and Administration Again, the firewall is the point of attack for intruders

375 views • 16 slides
Secure your Networks with the Opensource Firewall pfSense hagen.bauer@rusticus-consulting.de

Secure your Networks with the Opensource Firewall pfSense hagen.bauer@rusticus-consulting.de

Secure your Networks with the Opensource Firewall pfSense hagen.bauer@rusticus-consulting.de Agenda About me Why something new? My provider gave me a fjrewall. What exactly is pfSense? Its an easy start More complex

512 views • 35 slides
Lecture 18: Congestion Control in Data Center Networks 1 Overview Why is the problem

Lecture 18: Congestion Control in Data Center Networks 1 Overview Why is the problem

Lecture 18: Congestion Control in Data Center Networks 1 Overview Why is the problem different from that in the Internet? What are possible solutions? 2 DC Traffic Patterns In-cast applications Client send queries to servers

992 views • 39 slides
Panta Rhei More Quality of Traffic by centralized or decentralized Control ?! Heraclitus All

Panta Rhei More Quality of Traffic by centralized or decentralized Control ?! Heraclitus All

Panta Rhei More Quality of Traffic by centralized or decentralized Control ?! Heraclitus All things are in (540 480 B.C.) constant flux Prof. Dr.-Ing. Dr. h. c. E. Schnieder Overview Traffic System view Control arrangements and

805 views • 42 slides
Firewalls What is a firewall? A machine to protect a network from malicious external

Firewalls What is a firewall? A machine to protect a network from malicious external

Firewalls What is a firewall? A machine to protect a network from malicious external attacks Typically a machine that sits between a LAN/WAN and the Internet Running special software to regulate network traffic Lecture 9 Page 1

602 views • 29 slides

More recommend