Advantages And Disadvantages Of Firewalls Computer Science Essay

Advantages And Disadvantages Of Firewalls Computer Science endeavorA firewall is a boundary or a wall to confine intruders from attacking the net income. The firewall is mesh topology device that is in betwixt a esoteric net and the net. The firewall is con frequent move intod to travel to electronic entanglement commerce that passes between the net profit and the internet. We groundwork assign rules or communications protocols to the firewall to allow data to be sh ard. If the protocol isnt included in the approved list it would destroy or put away the piece of land of data and deny it from visualiseing the profit.When a buck mystic cyberspace is connected to the internet it allows the people to doorway training from external themes .when the net exploit is connected to the internet it in either case allow external customs to enter the private web and steal nurture from the mesh topology. To prevent un countenance door organizations has firewalls to treasure them.thither ar important(prenominal)ly two typefaces of firewalls. Software firewalls and computer hardware firewalls. A firewall declare peerlessselfs configurable network access, enfranchisement before accessing services and other(a) services as well.ScopeI bequeath be c everyplaceing entirely the 3 types of firewall types, the characteristics of firewalls, types of attacks to an organization, other devices that can be utilize in place of a firewall.I wont be covering the configuration of firewalls.FirewallWhat is a Firewall in that respect are basically two types of Firewalls. They are computer bundle and hardware Firewall. A firewall is a software package or hardware that pervades all network relations between your computer, home network, or company network and the internet. As shown in figure 1 the firewall usually sits between a private network and a public network or the internet. As shown in figure 1 a firewall is kept in the boundary of the prive t network and the public network or internet. intention FirewallA firewall in a network ensures that if something bad happens on one office of the firewall, computers on the other side wont be affected. Depending on the firewall type there umteen features such(prenominal) as antivirus guard, intrusion prevention and so forthType Of attacks(http//technet.microsoft.com/en-us/library/cc959354.aspx)There are numerous types of attacks to a network. These are some of themIP Spoofing AttacksIP Spoofing Attacks are where an attacker outside the network may pretend to be a trusted computer either by utilise an IP address that is within the range of IP addresses for the local network or by using an authorized external IP address that has authorized access to specified resources on the local network.Denial of serve Attacks(DoS Attacks)Denials of Service Attacks are attacks just to make a service unavailable for modal(prenominal) use by flooding a computer or the total network with jo b until a shutdown occurs because of the overload. The attacker can also block traffic, which results in a loss of access to network resources by authorized users. Denial of service attacks can be implemented using common internet protocols, such as transmission pull strings protocol and ICMP.Sniffer AttackA sniffer attack is an exercise or device that can read, monitor, and capture network data exchanges and read network packets. If the packets are non encrypted, a sniffer provides a full view of the data inside the packet. level encapsulated (tunnelled) packets can be broken percipient and read unless they are encrypted.Man in the midsection AttackAs the name indicates, a man in the heart and soul attack occurs when someone between you and the person with whom you are communicating is actively monitoring, capturing, and go forling your communication transparently.To prevent such attacks a computer or network should implement a firewall to the companys itemations, so that the firewall pass on hold dear the network without been a problem for the employees of the company.Types of Firewall(Google book) parcel filtering routersPacket filtering routers were the first generation of firewall architectures to be invented. Packet filtering firewalls work at the network train of the OSI model, or the IP layer of TCP/IP. As shown in figure 2 a Packet filtering routers pull up stakes be placed between the boundary of the private network and the public network or internet. Packet filtering routers can provide a cheap and useful train of earnest to the network. Depending on the type of router filtering can be done at the incoming, outgoing interfaces or both interfaces. Packet filters work by applying a set of rules to each incoming or outgoing packets.The rules are defined ground on the network surety policy of the enterprise. According to these set of rules the firewall can forwarded or acquit the packet. A packet filtering router is able to filter IP packets found on theSource IP addressDestination IP addressTCP/UDP source portTCP/UDP destination portPacket filters kit and caboodle well for blocking spoofed packets. It also can be used for end connexions from specific emcees or networksBlock continuatives to specific hosts or networksBlock connections to specific portsBlock connections from specific portsFigure Packet filtering routersThe three types of filtering firewallStatic FilteringIt is one of the oldest firewall architecture and it operates in the network layer. The administrator can define rules which packets are accepted and which packets are denied. The static filter exit scan for IP forefront data and TCP header data.Advantages of Static Filtering woeful pertain on network performance.Low damage included in many operating systems.Disadvantages of Static FilteringBecause it operates in the network layer it examines only the IP header and TCP header.It is not aware of the packet payload.Offers low take of saf eguard. high-voltage FilteringDynamic Filtering works on the network layer. These firewalls are the al nearly common sort of firewall technology .The decision will to deny or allow the packet will be based on the test of the IP and protocol header. Dynamic filter can differentiate between a new and an found connection. After a connection is established its selective information is kept in a table in the router.Advantages of Dynamic FilteringLowest impact on network performanceLow costBecause it can differentiate between a new and an established connection it increases performance.Disadvantages of Dynamic FilteringBecause it operates in the network layer it examines only the IP header and TCP header.Provide low level of cling toionStateful InspectionStateful critical review is a technology that is similar to dynamic filtering, with the addition of more(prenominal) than gritty examination of data contained in the IP packetAdvantages of using firewalls based on packet filteri ngLow cost.Packet filters make use of period network routers.Makes certification Transparent to End-Users.Easy to install.Packet filters make use of current network routers. Therefore implementing a packet filter security measure system is typically less complicated than other network security solutions.High speedPacket filters are generally faster than other firewall technologies because they perform fewer evaluations.Disadvantages of using firewalls based on packet filteringPacket filters do not understand application layer protocols.Packet filters does not offer any value-added features, such as HTTP object caching, URL filtering, and au and sotication because they do not understand the protocols being used.Packet filtering routers are not very serious.Cant discriminate between good and bad packetNew rules may be sine qua noned to be added if an employee needs exceptional requirements to connect to the internet.Difficulty of setting up packet filtering rules to the routerTh ere isnt any sort of user based Authentication.Packet filter cannot authenticate information coming from a specific user.(http//www.cse.iitk.ac.in/research/mtech1997/9711107/node14.html) tour level gatewaysCircuit level gateways are the second generation of firewall architectures. Circuit level gateways work at the session layer of the OSI model. It is basically a packet filter with additional features. In figure 3 shows a circuit level gateway works. The circuit level gateway examines and validates TCP and UDP sessions before if open up a connection or circuit finished the firewall. So it will provide more security than the static packet and dynamic packet filter. The decisions to accept or deny packet is based on examining the Source address Destination address drill or protocol Source port number Destination port numberFigure Circuit level gateways(William Stallings,)Advantages of firewalls based on Circuit level gateways little impact on network performance.Breaks direct conne ction between the untrusted host and trusted client.Higher level security than the packet filter firewalls..Disadvantages of firewalls based on Circuit level gatewaysDoes not examine the packet payload.Low to moderate security level. industriousness level gatewaysThe third generation of firewall architectures is called cover level gateways. Application level gateways are capable of inspecting the entire application data portion of an IP packet. When a computer sends a indicate to the internet the firewall inspects the entire packet against the rules configured by the network or firewall administrator and then regenerates the entire lucre request before send it to the destination server on the profit. The returned result will then again will be inspected, if the result meet the requirement of the rules then it will be allowed to pass by means of the network and into the network, then the firewall will prepare a response packet and send it to the corresponding computer. If the r esult does not meet the requirement of the rules then it will be blocked from deviation through the network. The figure 4 shows an Application level gateway.Figure Application level gatewaysAdvantages of Application level gatewaysThe application proxy can inspect the entire application portion of the IP packet. This inspection happens both when the Internet request is sent and when the reply packet from the Internet server is returned.Highest level of securityBecause the application proxy understands the application protocol, it can create a much more detailed log file of what is sent through the firewall. Packet filter log files know only about the IP packet header information.The internal computer and the server on the Internet never rescue a real connection, because the firewall inspect the packet and then regenerates it.Proxy services understand and enforce high-level protocols, such as HTTP and FTP.Proxy services can be used to deny access to certain network services, while p ermitting access to others.Disadvantages of Application level gatewaysApplication level gateways require great memory and processor resources compared to other firewall technologies. take aim to create filter rule for each application individually.Must be written very carefullyVendors must keep up with current protocolsSoftware firewallFor home users software firewalls are the most everyday firewall choices. In figure 5, 6 and 7 are some of the most popular software firewalls in the market. Software firewalls are installed on your computer or server computer like any other software .The firewall can be customize it if necessary allowing you some control over its section and protection features. A software firewall will protect your computer from unlicensed access to the network or home pc and in most software firewall it provides protection against Trojan programs, e-mail worms, antivirus, antispyware and intrusion describeion etc.Software firewalls will only protect the compu ter they are installed on and not the whole network, so each computer will need to crap a software firewall installed on it.There are considerable numbers of software firewalls to choose from. A good software firewall will run in the background on your system and use only a small amount of system resources. It is important to monitor a software firewall once installed and to download any updates available from the developer.Norton Internet tributeFigure Norton Internet protective coverZone Alarm Extreme SecurityFigure Zone Alarm Extreme SecurityKaspersky Internet SecurityFigure Kaspersky Internet SecurityHardware FirewallsAs seen in figure 8 hardware firewalls can be purchased as a stand-alone product, in present hardware firewalls are integrated in broadband routers. These will be very important for people with broadband connection for their company network. Hardware firewalls can provide better security and visit the performance loss by using dedicated memory and treat powe r .They also can protect every machine on a local network. Most hardware firewalls will have a minimum of four network ports to connect other computers. A hardware firewalluses packet filtering to examine the header of a packet to determine its source and destination. This information is compared to a set of administrator created rules that determine whether the packet is to be forwarded or dropped.Figure Hardware FirewallsFirewall CharacteristicsDesign goals of a firewallEvery firewall has design goals. Because if the firewalls does not achieve these design goals the firewall will be a coarse security risk to an organizations network.According to the security policy only accepted traffic should pass through the firewall.All inbound and outward-bound traffic should pass through the firewall.The firewall should be immune to penetration.Four general techniques to control accessService controlDetermines the types of Internet services that can be accessed, inbound or outboundDirection controlDetermines the direction in which particular service requests are allowed to flowUser controlControls access to a service according to which user is attempting to access itBehavior controlControls how particular services are used.Advantages of Using a FirewallA federation network or a home computer will have number of advantages when using a firewall.They are more cost efficacious than securing each computer in the corporate network since there are often only one or a few firewall systems to stand on.There are some firewalls which are able to detect viruses, Trojans, worms and spyware etc.There areDisadvantages of Using a FirewallEven if a firewall helps in keeping the network safe from intruders, but if a firewall is not used properly it would give a false impression to you that the network is safe. The main disadvantage of a firewall is that it cannot protect the network from attacks from the inside.They often cannot protect against an insider attack.Firewalls cannot pr otect a network or pc from viruses, Trojans, worms and spyware which spread through fritter away drives, potable hard disk and floppy etc.They may cumber authorized users from accessing valuable services.They do not protect against backdoor attacks.They cannot protect the network if someone uses a broadband modem to access the internet.(http//www.linktionary.com/f/firewall.html)must see early(a) devices that could be used in place of firewallsAntivirus SoftwareAntivirus software is a programme detects and prevents malicious software programs such as viruses and worm. Malicious software programs are designed to infiltrate the computer network through the internet connection and cause damage to the system. These programmes are installed without the users knowledge. To prevent such programmes from been installed an antivirus has to be installed in every computer on the network. To prevent the latest malware from infecting the computers the antivirus software has to be up to date with the latest antivirus definitions from the developer.E.g.- Norton antivirus, Kaspersky antivirus etc.Spyware SoftwareSpyware is a type of malware that is installed in the pc without the knowledge of the user, it secretly collects personal information and monitors browsing activities of the computer user. Like antivirus software spyware software has to be updated on a regular basis with the latest definitions. Most antivirus softwares has spyware protection.E.G.-Spyware doctor, Norton antivirus etc.The purpose of using these devisesCritical abridgmentIn todays world there are so many security risk a computer network cannot be fully protected. Even if a firewall gives protection from outside intruders it cannot protect the network from the inside. I have analyse the network security and come to a conclusion that network to be secured, they should use a hardware firewall to inspect all the outbound and inbound request and a software firewall to protect from other threats such as malwa re, Trojans, viruses, worms etc.In todays world there are many hackers who would want to hack a company for fun or for funds and there are thousands of viruses rereleased to the internet every day.Threats can attack a network of computers in many ways, for example if the firewall allows emails to be sent and acquire and if an infected email is sent by an intruder, it will pass through the firewall and infect all the computers in that privet network. A software firewall may be considered as an antivirus guard which has a firewall, so this means that this type of software firewalls has more features than just only the firewall. It may have antivirus, spyware, intrusion, browser, email protection and may have many other features as well. As Ive interpreted the example of the email when the email is been received it will be scanned and filtered if it is sight as spam mail or it will be allowed to enter the network.Because the viruses are becoming more advance the software firewalls h as become more advance in detecting threats. Some antivirus software uses three main different apostrophizees to detect threats. They mainly use definition based detection. This is where the software detects viruses and other threats by encloseing for a known malicious code with the definitions and be removed or deleted. The second main advance is where the software uses is demeanour based detection. This is where the software looks at the installed software or downloaded softwares behaviour. If the software behaviours in jealous manner where it is collection personal information without the users knowledge it will be removed. Behaviour based detection is more of an advance approach for antivirus software because it does not need the virus definitions to detect threats, it will detect threats even before the virus definitions are been downloaded.The third main approach is cloud based detections. This is where the antivirus company keeps a record of known suspicious and dangerou s software in their databases, which has been collected by the antivirus company over the past years. If a user downloads software the antivirus guard will check the downloaded software with their companys databases of known suspicious and dangerous software to see if it is a threat or not to the user. These three approaches of a software firewall will help keep the network safer if the hardware firewall fails to detect threats.These antivirus help protect the network from intrusions through another computer or vulnerabilities in a software installed on a computer. This feature scans all ports the network traffic that enters and exits your computer and compares this information to a set of signatures or definitions. These signatures contain the information that identifies an attackers attempt to exploit a known operating system or program vulnerability. If the information matches an attack signature, Intrusion Prevention will automatically discard the packet and breaks or blocks th e connection with the computer that sent the data. A privet network should have a good antivirus programme with all the to a higher place mention features and more. Antivirus software like Norton, BitDefender etc are superior antivirus softwares.So I think if there are both hardware and software firewalls in place in the network it will be more secure to threats and vulnerabilities. This is because if the threat is not detected by the hardware firewall there is a chance that the software firewall will detect it. Because these firewall are becoming more sophisticated with advance technology to detect threats these firewalls will be the close defence if the hardware firewall fails to detect the threat.Conclusion