FIREWALL AND

NETWORK SECURITY
BY NUPUR
WHAT IS FIREWALL?

• A firewall is a network security device that monitors and controls incoming and
outgoing network traffic based on predetermined security rules.
• These are computer security networks that protects our computer & network
from intruders, hackers & malicious code.
• It separates the internal network from the Public Internet.
 HARDWARE & SOFTWARE FIREWALL
• New gen operating systems come with built in firewalls, or firewall software
can be bought online
• Hardware firewalls are usually routers with a built-in Ethernet card and hub,
our computers are connected to this router to access the web.
Why
"WHY USE A FIREWALL?"

• Protects against unauthorized access: Acts as a barrier between your internal

network and external threats.
• Controls traffic: Filters and blocks specific types of traffic based on defined
rules.
• Enhances security: Safeguards sensitive data from potential cyber threats.
TYPES OF FIREWALLS

• Packet Filter
• Application-level gateway
• Circuit-level gateway
PACKET FILTER

• Most basic type of firewall

• Acts like a management program that monitors network traffic and filters incoming
packets based on configured security rules.
• Inspects and filter data packet by packet
• Applies a set of rule on incoming and outgoing packets, to either forward or discard it.
• The internal network is connected to the external network/Internet via a router firewall
• Blocks/allow packets based on IP addresses, protocol, source/ destination port no.s &
various other parameters within IP header.
• Advantages
• Cost Effective
• Low resource usage
• Best suited for smaller networks

• Disadvantages
• Doesn’t support complex rule based support
• Can work only on the network layer
APPLICATION-LEVEL GATEWAY

• Also called Application Proxy, acts as a relay node for the application-level traffic.
• Functions as a proxy server.
• Accepts packets generated by only specified application for which they are
designed to copy, forward and filter.
• Advantages
• More secure than Packet filters
• Easy to log and audit incoming traffic

• Disadvantages
• Additional Processing overhead on each
connection
CIRCUIT-LEVEL GATEWAY

• It is an intermediate solution between the packet filter and the application

gateway.
• Does not permit an end-to-end TCP connection, rather gateway sets two TCP
connections
• Used in a situation where system administrator trusts internal users.
• Does not examine data like application Gateway.
• Advantage
• Comparatively inexpensive
• Provides secrecy to the private network

• Disadvantage
• Do not filter individual Packets
PROXY SERVER

• A proxy server acts as an intermediary between clients and servers,

forwarding client requests to the appropriate servers and returning responses
to the clients.
• Proxy server evaluates the request according to its filtering rules.
• Most proxies are web proxy, allowing access to content on www.
Why?
FUNCTIONS OF PROXY SERVER
• Keeps machines behind it secure
• Speed up access to resources (using caching)
• To block undesired sites
• To log/audit usage
• Bypass security and parental controls
• Scans transmitted content for malware before delivery
• Scans outbound content
• Circumvent regional restrictions
TYPES OF PROXY SERVERS
• Transparent Proxy
• A transparent proxy intercepts network traffic without altering it, providing caching and
access control without requiring any configuration on the client side.

• Anonymous Proxy
• Identifies itself as a proxy server but doesn’t makes our original IP address available
providing reasonable anonymity to users.

• Distorting Proxy
• A distorting proxy server provides anonymity by altering the client's IP address when
accessing websites, making it appear as if the request is coming from a different location.

• High Anonymity Proxy

• A high anonymity proxy server hides both the client's IP address and the fact that it is using a
proxy, providing the highest level of anonymity.
TRANSACTION SECURITY

• Transaction security refers to measures put in place to protect financial

transactions from unauthorized access, fraud, and data breaches.
• Protects sensitive information.
• Builds trust.
• Prevents financial losses.
REQUIREMENTS FOR TRANSACTION SECURITY
• Confidentiality
• Protects data from unauthorized access through encryption and access controls.
• Integrity
• Ensures data remains unchanged and reliable using checksums and digital signatures.
• Authenticity
• Verifies the identity of entities through authentication mechanisms like passwords or
biometrics.

• Non-Repudiation
• Prevents denial of actions or transactions with digital signatures and audit trails.
SECURITY PROTOCOLS FOR SAFE TRANSACTION
• Secure Socket Layer (SSL)
• SSL is a cryptographic protocol that ensures
secure communication over a computer network.

• It provides encryption and authentication

between client and server, preventing eavesdropping
and tampering.

• SSL is commonly used for securing web traffic,

email communication, and other online transactions
i.e credit card transactions, system login etc.
• Hyper Text Transfer Protocol Secure (HTTPS)
• HTTPS is the secure version of HTTP, the protocol used for transferring data between a
web browser and a website.
• It uses SSL/TLS protocols to encrypt data transmitted between the browser and the
website, ensuring privacy and integrity.
• HTTPS is indicated by a padlock icon in the browser's address bar, providing users with
assurance of secure communication. Uses port 443 to transfer information.
• Secure Electronic Transaction (SET)
• SET is a open-source protocol for securing electronic payments over the internet.
• It provides confidentiality, integrity, and authentication for online transactions.
• SET uses digital certificates and encryption to ensure secure transmission of payment
information between the customer, merchant, and payment gateway
Quiz
Time!
1) What is the primary function of a firewall?
• a) Encrypt data transmissions
• b) Filter network traffic
• c) Manage software updates
• d) Block spam emails
2) Which type of firewall is a physical device placed between an internal
network and the internet?
3) What's the primary function of a proxy firewall?
• a) To encrypt all network traffic
• b) To act as an intermediary between internal and external systems
• c) To filter web content based on URLs
4) What does HTTPS indicate in a web address?
• a) The website is hosted on a secure server
• b) The website is optimized for mobile devices
• c) The website uses hypertext transfer protocol
5) What is the purpose of a transparent proxy?
• a) To mask the client's IP address
• b) To cache frequently accessed web content
• c) To intercept network traffic without altering it
6) What does SSL stand for?
• a) Secure Socket Layer
• b) Secure Server Link
• c) Safe Security Layer
THANK YOU
FOR YOUR TIME AND ATTENTION