Video Converter
Audio Converter
Image Converter
PDF Converter
File Compressor
using a firewall to control traffic in networks

Using a firewall to control traffic in networks 1 Example Network - PowerPoint PPT Presentation

Jan 11, 2024 •556 likes •711 views

Using a firewall to control traffic in networks 1 Example Network .35 .12 .36 .11 3.3.3.0/24 1.1.1.0/24 Rd .1 Ra .4.1 .4.4 1.1.0.0/16 Rc 2.2.2.0/24 .1 .4.2 .1 .23 Rb .47 Re .15.6 .99 1.1.2.0/24 4.4.4.0/24 .24 2 Firewall

  1. Using a firewall to control traffic in networks 1

  2. Example Network .35 .12 .36 .11 3.3.3.0/24 1.1.1.0/24 Rd .1 Ra .4.1 .4.4 1.1.0.0/16 Rc 2.2.2.0/24 .1 .4.2 .1 .23 Rb .47 Re .15.6 .99 1.1.2.0/24 4.4.4.0/24 .24 2

  3. Firewall on 1.1.1.12 .35 .12 .36 .11 3.3.3.0/24 1.1.1.0/24 Rd .1 Ra .4.1 .4.4 1.1.0.0/16 Rc 2.2.2.0/24 .1 .4.2 .1 .23 Rb .47 Re .15.6 .99 1.1.2.0/24 4.4.4.0/24 .24 3

  4. Block Ping .35 .12 .36 .11 3.3.3.0/24 1.1.1.0/24 Rd .1 Ra .4.1 .4.4 1.1.0.0/16 Rc 2.2.2.0/24 .1 .4.2 .1 .23 Rb .47 Re .15.6 .99 1.1.2.0/24 4.4.4.0/24 .24 4

  5. Block Ping IN: protocol=ICMP; action=DROP OUT: protocol=ICMP; action=DROP .35 .12 .36 .11 3.3.3.0/24 1.1.1.0/24 Rd .1 Ra .4.1 .4.4 1.1.0.0/16 Rc 2.2.2.0/24 .1 .4.2 .1 .23 Rb .47 Re .15.6 .99 1.1.2.0/24 4.4.4.0/24 .24 5

  6. Firewall contains rules ● Each packet is checked against firewall rules ● If conditions in rule are true then perform action on that packet (eg. DROP, ACCEPT) ● If no rules match, then perform default action ● Multiple rules are combined to create a table 6

  7. Firewall on Router Ra .35 .12 .36 .11 3.3.3.0/24 1.1.1.0/24 Rd .1 Ra .4.1 .4.4 1.1.0.0/16 Rc 2.2.2.0/24 .1 .4.2 .1 .23 Rb .47 Re .15.6 .99 1.1.2.0/24 4.4.4.0/24 .24 7

  8. Block Access to SSH Server on .11 .35 .12 .36 .11 3.3.3.0/24 1.1.1.0/24 Rd .1 Ra .4.1 .4.4 1.1.0.0/16 Rc 2.2.2.0/24 .1 .4.2 .1 .23 Rb .47 Re .15.6 .99 1.1.2.0/24 4.4.4.0/24 .24 8

  9. Block Access to SSH Server on .11 .35 .12 .36 .11 3.3.3.0/24 FORWARD: Dst=1.1.1.11; Protocol=TCP; DstPort=22; 1.1.1.0/24 Action=DROP Rd .1 Ra .4.1 .4.4 1.1.0.0/16 Rc 2.2.2.0/24 .1 .4.2 .1 .23 Rb .47 Re .15.6 .99 1.1.2.0/24 4.4.4.0/24 .24 9

  10. Firewall can have different rules ● INPUT: Applies only to packets destined to this computer ● OUTPUT: Applies only to packets created by this computer ● FORWARD: Applies only to packets going through this computer ● These are called chains 10

  11. Block Access to Web Servers on Network 3.3.3.0/24 for .12 .35 .12 .36 .11 3.3.3.0/24 1.1.1.0/24 Rd .1 Ra .4.1 .4.4 1.1.0.0/16 Rc 2.2.2.0/24 .1 .4.2 .1 .23 Rb .47 Re .15.6 .99 1.1.2.0/24 4.4.4.0/24 .24 11

  12. Block Access to Web Servers on Network 3.3.3.0/24 for .12 .35 .12 .36 .11 3.3.3.0/24 FORWARD: Src=1.1.1.12; Dst=3.3.3.0/24; Protocol=TCP; 1.1.1.0/24 DstPort=80; Action=DROP Rd .1 Ra .4.1 .4.4 1.1.0.0/16 Rc 2.2.2.0/24 .1 .4.2 .1 .23 Rb .47 Re .15.6 .99 1.1.2.0/24 4.4.4.0/24 .24 12

  13. Firewall Rules Viewed as Table Firewall table for FORWARD: Rule Source Dest. Protocol Action 1 * 1.1.1.11:22 TCP DROP 2 1.1.1.12:* 3.3.3.0/24:80 TCP DROP Default * * * ACCEPT When packet arrives at firewall, rules are checked row-by-row. If a rule matches, the ACTION is taken and no further rules are checked. Separate tables for INPUT, OUTPUT and FORWARD chains. 13

Recommend

Sophos XG Firewall IP Partners ICT Systems & Services www.ippartners.gr XG Firewall

Sophos XG Firewall IP Partners ICT Systems & Services www.ippartners.gr XG Firewall

Sophos XG Firewall IP Partners ICT Systems & Services www.ippartners.gr XG Firewall Overview Todays top firewall problems What IT managers say about their existing firewall Firewall Satisfaction Survey (Spiceworks 2017) Top

552 views • 52 slides
Firewall and IDS/IPS What is a firewall? firewall = wall to protect against fire propagation

Firewall and IDS/IPS What is a firewall? firewall = wall to protect against fire propagation

Firewall and IDS/IPS What is a firewall? firewall = wall to protect against fire propagation controlled connection between networks at different security levels = boundary protection ( L1 > L2 ) network at network at security

1.07k views • 67 slides
Firewalls in FreeBSD and OpenBSD What is firewall? firewall is a method of protecting hosts

Firewalls in FreeBSD and OpenBSD What is firewall? firewall is a method of protecting hosts

Firewalls in FreeBSD and OpenBSD What is firewall? firewall is a method of protecting hosts and networks connected to other hosts and networks against attacks from the outside and from the inside. a firewall is a network security system

447 views • 30 slides
Palo Alto Firewall What are next generation firewalls and how do they operate? Difference between

Palo Alto Firewall What are next generation firewalls and how do they operate? Difference between

Palo Alto Firewall What are next generation firewalls and how do they operate? Difference between NGFW and classic firewalls: Classic Firewall Next Generation Firewall Traffic filtering using Port, IP, and protocol Supported Supported VPN

1.24k views • 26 slides
Palo Alto Firewall What are next generation firewalls and how do they operate? Difference between

Palo Alto Firewall What are next generation firewalls and how do they operate? Difference between

Palo Alto Firewall What are next generation firewalls and how do they operate? Difference between NGFW and classic firewalls: Classic Firewall Next Generation Firewall Traffic filtering using Port, IP, and protocol Supported Supported VPN

539 views • 25 slides
Firewalls 1 Outline What are firewalls? Types of Firewalls Building a simple

Firewalls 1 Outline What are firewalls? Types of Firewalls Building a simple

Firewalls 1 Outline What are firewalls? Types of Firewalls Building a simple firewall using Netfilter Iptables firewall in Linux Stateful Firewall Application Firewall Evading Firewalls 2 Firewalls

816 views • 55 slides
Transbay Transit Center TG05.4R Traffic Control Package TG05.4R Traffic Control Request for

Transbay Transit Center TG05.4R Traffic Control Package TG05.4R Traffic Control Request for

Transbay Transit Center TG05.4R Traffic Control Package TG05.4R Traffic Control Request for Proposal (RFP) Package Overview Negotiated General Traffic Control & Engineering Services for Overall Project Traffic Control &

400 views • 15 slides
Traffic Shaping, Traffic Policing Peter Puschner, Institut fr Technische Informatik Traffic

Traffic Shaping, Traffic Policing Peter Puschner, Institut fr Technische Informatik Traffic

Traffic Shaping, Traffic Policing Peter Puschner, Institut fr Technische Informatik Traffic Shaping, Traffic Policing Enforce compliance of traffic to a given traffic profile (e.g., rate limiting) By delaying or dropping certain

392 views • 11 slides
Traffic signal optimization and traffic assignment Traffic signals Traffic signal optimization

Traffic signal optimization and traffic assignment Traffic signals Traffic signal optimization

Dagstuhl, October 2015 Traffic Signals and User Equilibria Martin Strehler , Ekkehard K ohler BTU Cottbus-Senftenberg { martin.strehler,ekkehard.koehler } @b-tu.de Traffic signal optimization and traffic assignment Traffic signals Traffic

581 views • 55 slides
Lane ESD Technology Services Core Firewall Overview Districts Behind Firewall Blachly

Lane ESD Technology Services Core Firewall Overview Districts Behind Firewall Blachly

Lane ESD Technology Services Core Firewall Overview Districts Behind Firewall Blachly Creswell Crow-Applegate-Lorane Fern Ridge Junction City Lowell Mapleton Screened, but exempt from policies Marcola

540 views • 15 slides
Firewall vs. Scrambling 2 1 Review of Firewall argument Review of Hayden-Preskill 4 3

Firewall vs. Scrambling 2 1 Review of Firewall argument Review of Hayden-Preskill 4 3

Firewall vs. Scrambling 2 1 Review of Firewall argument Review of Hayden-Preskill 4 3 State-independent interior operators Interior operator from HP recovery 6 5 Resolution of the puzzle Effect of infalling observer 7 Discussions Beni

1.61k views • 106 slides
Overview Firewall Security Perimeter Security Devices H/W vs. S/W Packet Filtering vs.

Overview Firewall Security Perimeter Security Devices H/W vs. S/W Packet Filtering vs.

Overview Firewall Security Perimeter Security Devices H/W vs. S/W Packet Filtering vs. Stateful Inspection Firewall Topologies Chapter 8 Firewall Rulebases Lecturer: Pei-yih Ting 1 2 Perimeter Security Devices Routers

294 views • 7 slides
FIREMAN: A Toolkit for FIREwall Modeling and ANalysis Michael Lin All about firewalls A

FIREMAN: A Toolkit for FIREwall Modeling and ANalysis Michael Lin All about firewalls A

FIREMAN: A Toolkit for FIREwall Modeling and ANalysis Michael Lin All about firewalls A firewall is only as good as its configuration Big deal, it should be easy to configure a firewall, right? Basically... no. A Quantitative

515 views • 14 slides
Java Card Applet Firewall Java Card Applet Firewall Exploration and Exploitation Exploration and

Java Card Applet Firewall Java Card Applet Firewall Exploration and Exploitation Exploration and

Java Card Applet Firewall Java Card Applet Firewall Exploration and Exploitation Exploration and Exploitation Wojciech Mostowski and Erik Poll Digital Security Radboud University Nijmegen The Netherlands http://www.cs.ru.nl/~{woj,erikpoll}/

819 views • 42 slides
Parallel Firewall Designs for High-Speed Networks Ryan J. Farley WAKE FOREST US Department of

Parallel Firewall Designs for High-Speed Networks Ryan J. Farley WAKE FOREST US Department of

Wake Forestp pComputer Science + DOE MICS Parallel Firewall Designs for High-Speed Networks 1 Parallel Firewall Designs for High-Speed Networks Ryan J. Farley WAKE FOREST US Department of Energy U N I V E R S I T Y Computer Science Network

1.21k views • 49 slides
Adaptive Distributed Distributed Traffic Traffic Adaptive Adaptive Distributed Traffic Control

Adaptive Distributed Distributed Traffic Traffic Adaptive Adaptive Distributed Traffic Control

Adaptive Distributed Distributed Traffic Traffic Adaptive Adaptive Distributed Traffic Control Service Service for for DDoS DDoS Attack Attack Control Control Service for DDoS Attack Mitigation Mitigation Mitigation Bernhard Plattner,

480 views • 24 slides
Adaptive and Proactive Security Assessment on Energy Delivery Systems Carlos Rubio-Medrano, Vu

Adaptive and Proactive Security Assessment on Energy Delivery Systems Carlos Rubio-Medrano, Vu

Adaptive and Proactive Security Assessment on Energy Delivery Systems Carlos Rubio-Medrano, Vu Coughlin , Josephine Lamp, Ziming Zhao, Gail-Joon Ahn and Anna Scaglione Outline Activity Current/ OntoEDS ExSol EDSGuard Refresher Future Work

1.38k views • 41 slides
A seman(c firewall for Content Centric Networking IFIP/IEEE

A seman(c firewall for Content Centric Networking IFIP/IEEE

A seman(c firewall for Content Centric Networking IFIP/IEEE Integrated Network Management Symposium (IM 2013) - MC2: Security Management and Recovery May 27 - 31, 2013 David Goergen Thibault Cholez Jrme

672 views • 39 slides
Fast and Scalable Method for Resolving Anomalies in Firewall Policies Hassan Gobjua

Fast and Scalable Method for Resolving Anomalies in Firewall Policies Hassan Gobjua

Fast and Scalable Method for Resolving Anomalies in Firewall Policies Hassan Gobjua Kamal Ahmat Verizon City University of New York Introduction Firewalls Types of Anomalies Related

385 views • 21 slides
Firewalls Summary Brief History of Firewalls What is a Firewall? Why Firewalls?

Firewalls Summary Brief History of Firewalls What is a Firewall? Why Firewalls?

Firewalls Summary Brief History of Firewalls What is a Firewall? Why Firewalls? Network Address Translation Types of Firewalls Linux/Windows Firewalls pfSense Blue Team Activity Brief History Firewall

351 views • 30 slides
GASPP: A GPU-Accelerated Stateful Packet Processing Framework

GASPP: A GPU-Accelerated Stateful Packet Processing Framework

GASPP: A GPU-Accelerated Stateful Packet Processing Framework Giorgos Vasiliadis, FORTH-ICS, Greece Lazaros Koromilas, FORTH-ICS, Greece Michalis Polychronakis,

954 views • 56 slides
Firewalls Chester Rebeiro IIT Madras Some of the slides borrowed from the book Computer

Firewalls Chester Rebeiro IIT Madras Some of the slides borrowed from the book Computer

Firewalls Chester Rebeiro IIT Madras Some of the slides borrowed from the book Computer Security: A Hands on Approach by Wenliang Du Firewall Block unauthorized traffic flowing from one network to another Separate trusted and

904 views • 58 slides
Composition of SDN applications: Options/challenges for real implementations Arne Schwabe Pedro

Composition of SDN applications: Options/challenges for real implementations Arne Schwabe Pedro

Composition of SDN applications: Options/challenges for real implementations Arne Schwabe Pedro A. Aranda Gutirrez Holger Karl Computer Networks Group Universitt Paderborn Modernizing the setup Simple standard network setup

414 views • 21 slides
Security CS 4720 Web & Mobile Systems CS 4720

Security CS 4720 Web & Mobile Systems CS 4720

Security CS 4720 Web & Mobile Systems CS 4720 The Tradi/onal Security Model The Firewall Approach Keep the good guys in and the

443 views • 25 slides

More recommend

Explore More Topics

Stay informed with curated content and fresh updates.

animals pets art culture automotive transportation business finance computer internet construction architecture education-career electronics communication

Logo Sambuz

Unleash a World of Digital Possibilities—Browse, Share, and Explore Content Without Boundaries

Useful Links

About Us Privacy Services FAQ's Contact

Newsletter

Stay Informed & Inspired—Subscribe for the Latest Updates, Tips, and Exclusive Content Directly to Your Inbox.

Mail Us

mail@sambuz.com

2026 SAMBUZ, All right reserved.