Escolar Documentos
Profissional Documentos
Cultura Documentos
Internet Internet
Network Network
access access
• Source IP address
• Destination IP address
• Source and destination transport-level address
• IP protocol field
• Interface
Advantages:
• Filtering rules can be tailored to the host
environment
• Protection is provided independent of topology
• Provides an additional layer of protection
Personal Firewall
Controls traffic between a personal computer or
workstation and the Internet or enterprise network
For both home or corporate use
Typically is a software module on a personal computer
Can be housed in a router that connects all of the home
computers to a DSL, cable modem, or other Internet
interface
Typically much less complex than server-based or stand-
alone firewalls
Primary role is to deny unauthorized remote access
May also monitor outgoing traffic to detect and block
worms and malware activity
Internet
Boundary
router
LAN
switch
Web Email DNS
server(s) server server
LAN
switch
Application and database servers
Workstations
Public (Internet)
Header Header Payload
or Private
Network
He
IP er H
yl I P
ad
Pa cure
d
oa
IP ader
Se
Se
e
c
ad c
He PSe
er
Se ayloa
I
cu
P
re d
He IP
er
IP
ad
Ethernet Ethernet
switch IP IP
switch IP IP
Header Payload Header Payload
Firewall Firewall
with IPSec with IPSec
Boundary
router
External
DMZ network
Web
server(s) External
firewall
Internal DMZ network
LAN
switch
LAN
switch
host-resident
firewall
Workstations
Figure 9.4 Example Distributed Firewall Configuration
Firewall Topologies
• Includes personal firewall software and firewall
Host-resident firewall software on servers
2. Notifications Passive
Correlation sensor Honeypot
server
1. Malware
execution
Remote sensor
Application
3. Forward
server
features
6. Application update
Instrumented applications
Routing module
VPN module
Firewall module
Anomaly
IDS engine
detection
Activity
IPS engine inspection
engine
Web filtering module
Antispam module
VPN module
Bandwidth shaping module
(Table
can be
found on
page 328
in
textbook)
Table 9.4
Sidewinder G2
Security
Appliance Attack
Protections
Summary -
Application Level
Examples (page 1 of 2)
Sidewinder
G2 Security
Appliance
Attack
Protections
Summary –
Application
Level
Examples
(page 2 of 2)