Firewalls



Firewall - a computer, router, or software component implemented to control access to a protected network. It enables organizations to protect their network and control traffic.

Packet filters - devices that filter traffic based on IP addresses. These devices inspect the TCP/IP headers and make decisions based on a set of predefined rules; they are configured by compiling an access control list. Hackers use spoofing tools and other programs that are easily available on the Internet to bypass packet filters.

Stateful firewalls - devices that keep track of every communications channel by means of a state table. They are considered intelligent firewalls.
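An added example (not part of the original notes) that puts the two preceding definitions side by side: a stateless packet filter that evaluates each header against an access control list, and a stateful firewall that records every channel the protected LAN opens in a state table and admits inbound packets only as replies to a known channel. The packet and rule structures, the ACL and the sample addresses (RFC 5737 documentation ranges) are all constructed for the illustration.

```python
# Added example: stateless ACL packet filter beside a stateful firewall.
# Packet headers are plain Python objects constructed here for illustration.
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src_ip: str
    dst_ip: str
    src_port: int
    dst_port: int
    direction: str  # "in" (from the Internet) or "out" (from the protected LAN)


@dataclass(frozen=True)
class Rule:
    direction: str
    src_port: Optional[int]  # None matches any port
    dst_port: Optional[int]
    action: str              # "allow" or "deny"

    def matches(self, pkt: Packet) -> bool:
        return (self.direction == pkt.direction
                and (self.src_port is None or self.src_port == pkt.src_port)
                and (self.dst_port is None or self.dst_port == pkt.dst_port))


# Access control list (constructed). Because a stateless filter cannot know which
# inbound packets are replies, letting web traffic back in means allowing ANY
# inbound packet whose source port is 80.
ACL = [
    Rule("out", None, 80, "allow"),   # LAN hosts may open web connections
    Rule("in", 80, None, "allow"),    # ...and receive replies from port 80
    Rule("in", None, None, "deny"),   # everything else inbound is dropped
    Rule("out", None, None, "deny"),  # and everything else outbound too
]


def packet_filter(pkt: Packet, acl=ACL) -> str:
    """Stateless decision: the first matching rule wins, default deny."""
    for rule in acl:
        if rule.matches(pkt):
            return rule.action
    return "deny"


class StatefulFirewall:
    """Keeps a state table of channels the LAN opened; inbound packets are
    admitted only when they are the reply half of a tracked channel."""

    def __init__(self, acl=ACL):
        self.acl = acl
        # entries: (lan_ip, lan_port, remote_ip, remote_port)
        self.state_table = set()

    def process(self, pkt: Packet) -> str:
        if pkt.direction == "out":
            verdict = packet_filter(pkt, self.acl)
            if verdict == "allow":
                self.state_table.add((pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port))
            return verdict
        # inbound: look up the channel this packet claims to belong to
        key = (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port)
        return "allow" if key in self.state_table else "deny"


def demo():
    """Returns (stateless verdicts, stateful verdicts) for three constructed packets."""
    request = Packet("10.0.0.5", "203.0.113.10", 40000, 80, "out")
    reply = Packet("203.0.113.10", "10.0.0.5", 80, 40000, "in")
    # an unsolicited inbound packet that merely carries source port 80; no LAN
    # host ever opened a channel to this peer
    unsolicited = Packet("198.51.100.7", "10.0.0.5", 80, 445, "in")

    stateless = [packet_filter(p) for p in (request, reply, unsolicited)]
    fw = StatefulFirewall()
    stateful = [fw.process(p) for p in (request, reply, unsolicited)]
    return stateless, stateful


if __name__ == "__main__":
    print(demo())  # (['allow', 'allow', 'allow'], ['allow', 'allow', 'deny'])
```

The third packet is where the two approaches diverge: the ACL alone passes it because its header satisfies the "source port 80" rule, while the stateful firewall drops it because no entry in the state table corresponds to that channel. This is the practical reason the notes call stateful devices "intelligent": the decision depends on connection history, not on header fields that a sender controls.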

Proxy servers - hardware or software devices that can perform address translation and that communicate with the Internet on behalf of the network. The real IP address of the user remains hidden behind the proxy server. A proxy server can also be configured to filter higher-layer traffic to determine whether the traffic is allowed to pass.

Steps taken by a proxy server:
 * 1) Accept packets from the external network
 * 2) Copy the packets
 * 3) Inspect them for irregularities
 * 4) Change the addresses to those of the correct internal device
 * 5) Put them back on the wire to the destination device

Demilitarized Zone (DMZ) - prevents outsiders from getting direct access to internal services. A DMZ is typically set up to allow external users access to services within the DMZ; it provides no other access to services located within the local network.

Network Address Translation (NAT) - a device or router provides a pool of addresses for use by your local network, and a single unique IP address is required to represent this group of computers. The service was developed because of the explosive growth of the Internet and the increase in home and business networks: the number of available public IP addresses is insufficient to support everyone.
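An added example (not part of the original notes) of the NAT behaviour just described: a router hands out a pool of private addresses to the LAN, represents all of them with one public address on the Internet side, and keeps a translation table so replies find their way back to the right internal host. The class, the port-allocation scheme and the sample addresses are constructed for the illustration; real NAT implementations also age out entries and handle protocols beyond the simple four-tuple shown here.

```python
# Added example: a NAT router translating a pool of private addresses to one
# public IP. Addresses are constructed from RFC 1918 / RFC 5737 ranges.
import itertools
from typing import Optional, Tuple

FourTuple = Tuple[str, int, str, int]  # (src_ip, src_port, dst_ip, dst_port)


class NatRouter:
    def __init__(self, public_ip: str, private_pool, first_port: int = 20000):
        self.public_ip = public_ip
        self.private_pool = set(private_pool)        # addresses handed to LAN hosts
        self.next_port = itertools.count(first_port)  # public-side ports to allocate
        # public port -> (private_ip, private_port, remote_ip, remote_port)
        self.table = {}
        # (private_ip, private_port, remote_ip, remote_port) -> public port
        self.reverse = {}

    def outbound(self, src_ip: str, src_port: int, dst_ip: str, dst_port: int) -> FourTuple:
        """Rewrite a LAN packet's source to the public IP and a translated port.
        Two LAN hosts may use the same private port, so the public port, not the
        address, is what keeps their channels apart on the Internet side."""
        if src_ip not in self.private_pool:
            raise ValueError(f"{src_ip} is not an address from the NAT pool")
        key = (src_ip, src_port, dst_ip, dst_port)
        if key not in self.reverse:
            port = next(self.next_port)
            self.table[port] = key
            self.reverse[key] = port
        return (self.public_ip, self.reverse[key], dst_ip, dst_port)

    def inbound(self, src_ip: str, src_port: int, dst_ip: str, dst_port: int) -> Optional[FourTuple]:
        """Map a packet arriving at the public IP back to the internal host.
        Returns None (drop) when no LAN host opened a matching channel."""
        if dst_ip != self.public_ip:
            return None
        entry = self.table.get(dst_port)
        if entry is None:
            return None  # unsolicited: nothing inside asked for this traffic
        private_ip, private_port, remote_ip, remote_port = entry
        if (remote_ip, remote_port) != (src_ip, src_port):
            return None  # port is allocated, but to a channel with a different peer
        return (src_ip, src_port, private_ip, private_port)


def demo():
    """Two LAN hosts using the same private port reach the same server, and
    each reply is routed back to the correct host; a stray packet is dropped."""
    nat = NatRouter("203.0.113.1", ["192.168.1.10", "192.168.1.11"])
    out1 = nat.outbound("192.168.1.10", 51000, "198.51.100.20", 443)
    out2 = nat.outbound("192.168.1.11", 51000, "198.51.100.20", 443)
    back1 = nat.inbound("198.51.100.20", 443, "203.0.113.1", out1[1])
    back2 = nat.inbound("198.51.100.20", 443, "203.0.113.1", out2[1])
    stray = nat.inbound("198.51.100.99", 443, "203.0.113.1", 20500)
    return out1, out2, back1, back2, stray


if __name__ == "__main__":
    for item in demo():
        print(item)
```

The side effect worth noticing is the last line of `demo()`: because the router only forwards inbound packets that match an entry its own LAN created, a NAT device incidentally behaves like the stateful firewall described earlier, even though address conservation, not access control, is the reason it exists.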

Virtual Private Networks (VPN) - are used to connect devices through the public Internet. Their primary benefit is a cost advantage over private lines and T1 circuits: they provide the same capabilities as a private network at a much lower cost. Three protocols are used to provide VPN tunneling:
 * 1) Point-to-Point Tunneling Protocol (PPTP)
 * 2) L2TP
 * 3) IPSec
 * LAN-to-LAN tunnels - users on separate LANs can tunnel transparently to each other.
 * Client-to-LAN tunnels - mobile users can connect to the corporate LAN.

IPSec components:
 * Authentication header (AH) - protects data against modification; does not provide privacy
 * Encapsulating security payload (ESP) - provides privacy and protects against malicious modification
 * Internet key exchange (IKE) - allows secret keys to be exchanged securely before communications begin
 * IPSec is a layer 3 protocol.