FIT3031 Lecture Notes - Lecture 11: Traffic, IPsec, T Third Street

L11: Firewall
Types of Firewall
Packet filtering
Stateful inspecon
Circuit level proxy
Applicaon proxy
What is a Firewall?
Adds to the security scheme
Erects an outer security wall
Provides a single point where security and audit can be imposed
Acts as the first line of defense
Services:
Service control: determines the types of Internet services that can be accessed, inbound and outbound
Direction control: determines the direction in which particular service requests may be initiated and allowed to flow through the firewall
User control: controls access to a service by authorized users
Behaviour control: controls how particular services are used
Firewall Design Goals
All traffic in both directions must pass through the firewall (by physically blocking all access to the local network except via the firewall)
Only authorized traffic, as defined by the local security policy, will be allowed to pass
Firewall itself must be immune to penetration
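Added example (not part of the original lecture notes): a minimal stateless packet filter showing service control, direction control, and the "only authorized traffic passes" goal as a default-deny rule. The network range, rule set and all names are constructed for illustration; each packet stands for the first packet of a connection, and reply traffic is not modelled.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

INTERNAL = ip_network("10.0.0.0/8")  # assumption: the trusted local network

@dataclass(frozen=True)
class Rule:
    action: str     # "allow" or "deny"
    direction: str  # direction control: "inbound" or "outbound" initiation
    proto: str      # service control: protocol ...
    dport: int      # ... and destination port identify the service

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    dport: int

# Constructed local security policy; the first matching rule wins.
POLICY = [
    Rule("allow", "outbound", "tcp", 443),  # internal hosts may open HTTPS
    Rule("allow", "outbound", "udp", 53),   # internal hosts may query DNS
    Rule("allow", "inbound", "tcp", 25),    # Internet may deliver mail inward
]

def direction(pkt):
    """Classify who initiated the request relative to the trusted network."""
    src_in = ip_address(pkt.src) in INTERNAL
    dst_in = ip_address(pkt.dst) in INTERNAL
    if src_in and not dst_in:
        return "outbound"
    if dst_in and not src_in:
        return "inbound"
    return None  # does not cross the trusted/untrusted boundary

def decide(pkt, policy=POLICY):
    """Return "allow" or "deny" for the opening packet of a connection."""
    d = direction(pkt)
    for rule in policy:
        if (rule.direction, rule.proto, rule.dport) == (d, pkt.proto, pkt.dport):
            return rule.action
    return "deny"  # default deny: anything the policy does not authorize

if __name__ == "__main__":
    # Same service (HTTPS), opposite directions: only outbound is authorized.
    print(decide(Packet("10.1.2.3", "203.0.113.5", "tcp", 443)))
    print(decide(Packet("203.0.113.5", "10.1.2.3", "tcp", 443)))
```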
What Firewalls Can Do
Manage access between the organisation’s network (trusted) and Internet (untrusted)
Allow the network administrator to define a centralized “choke point”
Offer access control protection from vulnerable services and routing attacks
Offer a convenient network point where security-related events can be monitored and alarms can be generated
Audit or log Internet usage
Implement VPNs using IPsec
Immune to any penetration attack
What Firewalls Can’t Do
Protect from attacks bypassing it
Protect against internal threats
Protect against access via WLAN
Protect against malware imported via laptop, PDA