Firewalls

What are they and what do they (not) do?

Firewalls

• What is a firewall?– A firewall is any mechanism that acts to restrict

access to a network according to a set of defined rules.

– Function as “front doors” to a network.

Firewalls

• How do they work?– By inspecting traffic that travels across/through

them according to the policy that’s been set.

Firewalls

• How are they set up?– Act as a go-between for any two given

networks

The Internet

Firewall

Your Network

Have Rules been met?

Yes? You can go.

No, you can’t.

Firewalls

– Two main types• Routing based filters

– From where did you come?

– Where are you going?

– Don’t care what you do once you get there.

• Content based filters– What are you trying to do?

– Not as common as Routing based because it’s harder to implement successfully

– Steps have been taken to create hybrids

Firewalls

• Two ways to approach the rule sets:– Allow all except what is defined as unwanted

• Place roadblocks/watch gates along a wide open road.

– Deny all except what is defined as wanted• Build a wall and carve paths for everyone you like.

Firewalls

• Problems:– Firewalls as filters can be considered for most

part to be infallible... but as a security measure? They can only enforce rules (generally static)

The Internet

FirewallYour Network

Firewalls

• “Crunchy on the outside, but soft and chewy on the inside.”

Your network

Your firewall

The Internet

Your hacker

Your trusted friends who aren’t security

aware

Step 1

Step 2

Firewalls

• Conclusions– People don’t just put up a thick front door for

their sensitive belongings, you shouldn’t for your network either.

– Firewalls are an effective start to securing a network. Not a finish.

– Care must be taken to construct an appropriate set of rules that will enforce your policy.