Lec 8: Firewall (Dinding Berapi)

Introduction

Firewall is a part of a computer system or network that is designed to block unauthorized access while permitting authorized communications. It is a device or set of devices configured to permit, deny, encrypt, decrypt, or proxy all (in and out) computer traffic between different security domains based upon a set of rules and other criteria.

Firewalls can be implemented in either hardware or software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intra nets. All messages entering or leaving the intra net pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.

There are several types of firewall techniques:

1. Packet filter: Packet filtering inspects each packet passing through the network and accepts or rejects it based on user-defined rules. Although difficult to configure, it is fairly effective and mostly transparent to its users. In addition, it is susceptible to IP spoofing.





2. Application gateway: Applies security mechanisms to specific applications, such as FTP and Telnet servers. This is very effective, but can impose a performance degradation.


3. Circuit-level gateway: Applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.

4. Proxy server: Intercepts all messages entering and leaving the network. The proxy server effectively hides the true network addresses.



Firewall hosting

• 1. Bastion host = single firewall that cover a network territory


• 2. Host-base = single firewall protect a single workstation/server

Virtual Private Networks (VPNs)

• In essence, a VPN consists of a set of computers that interconnect by means of a relatively unsecure network.
• Use of a public network exposes corporate traffic to eavesdropping and provides an entry point for unauthorized users. To counter this problem, a VPN is needed.
• In essence, a VPN uses encryption and authentication in the lower protocol layers to provide a secure connection through an otherwise insecure network, typically the Internet.
• VPNs are generally cheaper than real private networks using private lines but rely on having the same encryption and authentication system at both ends.
• The encryption may be performed by firewall software or possibly by routers.
• The most common protocol mechanism used for this purpose is at the IP level and is known as IPSec.

Distributed firewall

• A distributed firewall configuration involves standalone firewall devices plus host-based firewalls, personal firewall working together under a central administrative control.

• Administrators can configure host-resident firewalls on hundreds of servers and workstation as well as configuring personal firewalls on local and remote user systems. Tools let the network administrator set policies and monitor security across the entire network.