Firewalls Technologies and Administration
Are control devices that can restrict internal users from unlimited access to the Internet.
Application proxies:
Another type of firewall protection ,also known as proxy server.
Application-Level Gateways:
Another approach,it operates at the Transport Layer ,and is different from both packet-filtering firewalls and application-level gateways .
Circuit-Level Gateways:
Every firewall should be configured to provide information to the network administrator in the form of log files.
Enabling an Audit Trail:
Is not necessarily a single router, computer,VPN gateway,or software program.Is a combination of multiple software and hardware components and is designed for a number of crucial security tasks.Restrict traffic between networks.Provides checkpoints for all activities can be directed to it.Records network activity,in cases of abuse or intrusion,they can reveal the who,when ,and how of network traffic.
Firewall
Looks at network communication to or from the system on which it's installed.
Firewall software:
Are stand-alone ,self-contained combinations of computing hardware and sofware.
Firewalls Appliances:
A commercial -grade firewall system consist of application software that is configured for the firewall application and runs on a general-purpose computer.
Firewalls Systems:
recognize the malicious attacks and prevent this type of attacks from leaving your network.
Firewalls can be configured to:
Performing two basic functions:Packet Filter(firewall determine whether allow or deniy the passage of packets of digital information ,based on established security policy rules.)Application proxy(breaking the IP flow between the network being protected and the network outside.
How Firewalls Works?
Is the falsification of the source IP address in packet's header to appears to come from a legitimate sender.
IP spoofing:
Is the key function of any firewall.
Packet Filtering Firewall:
Which virtually all firewalls do, protects networks from port scanning and other types of attacks.
Packet Filtering:
Is a boundary between two zones of trust.
Perimeter
Also centralizes security for the organization it protects.
Perimeter Firewall
It enables you to set up a checkpoint where you can block attacks and malware before they pass the perimeter.
Placing the firewall at the perimeter has one obvious benefit:
Work like apartment numbers in that they allow many network services to share a network address.
Ports:
It is sometimes easier to protect a network from the Internet than from an inside attack ,because inside users could exploit security tools to conduct attacks against other organizations from your network.
Preventing Malicious Traffic from leaving the Network:
In order to provide true defense in depth ,organizations deploy firewalls to segment networks within the organization.
Protecting Critical Resources:
A firewall's primary job is to keep the viruses from infecting files and prevent Trojan horses from entering the system through hidden openings called backdoors.Regulate which packets of information can enter the network.
Protecting a System
Firewalls affect the transmission packets based on the protocols used. IP control the overall flow of IP traffic through your network. ICMP(Internet Control Message Protocol),the danger is that ICMP packets can be filled with false information that trick your host into redirecting or stopping communications.UDP(User Data Protocol)Handles the addressing of a message without error-checking or waiting for an aknowledgement that the message has been recieved.
Protocols:
The process of logging in to a server with credentials before being allowed access to protected information.
Providing for Authentication:
The most obvious goal of a firewall is to regulate which packets of information can enter the network.As a professional network administrator or security expert , you need to become familiar with:firewalls that function as checkpoints,protecting large companies or other organizations from outside attackers and thieves.
Restricting access to the Network
Is an examination of the data contained in the packet to the connection between external and internal computer.
Stateful Packet-Filtering Firewalls:
Ignores the state of the connection between the internal computer and the external computer.
Stateless Packet-Filtering Firewalls:
