Chapter 15: Firewall Concepts

ATHENA

Objective

 What is firewall?  Functions of Firewall  What is IDS ?  Functions of IDS

ATHENA

Function of Firewall

 Protecting data and network resources is critical to successful e-business.

 Firewalls are mandatory network security devices.

 When connecting to the Internet, you need a firewall in every location with

Internet access.

ATHENA

Firewalls provide: • Access Control • Authentication • VPN • Network Segmentation • DoS protection and some network layer attack detection • Recording Syslog

Location of Firewall

Internet

Router

outside

dmz Firewall

inside

Switch

Syslog Server RAS

ATHENA

Switch

Some Firewall Types

CISCO PIX FIREWALL

1 – Pix Firewall 501

2 – Pix Firewall 506E

3 – Pix Firewall 515E

4 – Pix Firewall 525

5 – Pix Firewall 535

ATHENA

INTRUSION DETECTION & PREVENTION SYSTEM OVERVIEW

1 – Function

2 – Location of IDP

ATHENA

Function

Functions

Intrusion Detection & Prevention (IDP) system is designed as dedicated devices for comprehensive intrusion detection, dropping and prevention:

 Detects and Prevents intrusions

 Prevents attacks before it is too late

 Multiple response mechanisms

 Allow the user to decide how to respond to individual attacks

ATHENA

Location of IDP

HR  Servers

Users

Finance Servers

Web Server

Mail Server

User

d

e

R

e

d

o

C

Firewall

Firewall

SPAN

Protected network Internet LAN Switch

IDP Attacker Victim Mail Server

ATHENA

LAN

Summary

 Firewall  IDS/IDP

ATHENA