Data Security Using Firewall
Chapter One
Preamble of the Study
Traditional firewalls (conventional firewalls) are devices, often placed at the edge of the network, that act as a bouncer allowing only certain types of traffic in and out of the network; for this reason they are often called perimeter firewalls. They divide the network into two parts: trusted on one side and untrusted on the other. Consequently they depend heavily on the topology of the network. Moreover, firewalls are a mechanism for policy control and permit a site administrator to set a policy on external access. Just as file permissions enforce an internal security policy, a firewall enforces an external security policy.
Michael (2011) describes distributed firewalls as host-resident security software applications that protect the enterprise network’s servers and end-user machines against unwanted intrusion. They offer the advantage of filtering traffic from both the Internet and the internal network. This enables them to prevent hacking attacks that originate from both the Internet and the internal network, which is important because the most costly and destructive attacks still originate from within the organization.
A feature of distributed firewalls is centralized management. The ability to populate servers and end-user machines, and to configure and “push out” consistent security policies, helps to maximize limited resources. The ability to gather reports and maintain updates centrally makes distributed security practical. Distributed firewalls help in two ways. First, remote end-user machines can be secured. Second, they secure critical servers on the network, preventing intrusion by malicious code and “jailing” such code by not letting the protected server be used as a launch pad for expanded attacks (Gatus, 2014).
CHAPTER TWO
LITERATURE REVIEW
Conventional Firewall
Firewall
Li (2020) defines a firewall as a system or group of systems (router, proxy, or gateway) that implements a set of security rules to enforce access control between two networks, protecting the “inside” network from the “outside” network. It may be a hardware device or a software program running on a secure host computer. In either case, it must have at least two network interfaces: one for the network it is intended to protect, and one for the network it is exposed to. A firewall is essentially a security enforcement point that separates a trusted network from an untrusted one. According to Manish G. (2017), firewalls screen all connections between two networks, determining which traffic should be allowed and which should be disallowed based on security policy decisions determined in advance by the security administrator.
Conventional firewalls
Michael (2011) describes conventional firewalls as devices, often placed at the edge of the network, that act as a bouncer. The firewall is used to enforce a central policy of what traffic is allowed in and out of the network. When traffic flows through the firewall it is evaluated against a set of rules based on IP address, port, etc., and either allowed or denied. All traffic entering or leaving the network must pass through this point. This requirement is itself often one of the downfalls of the firewall: for example, users might go around the firewall by using a modem or some other connection to the Internet. Another problem is encrypted tunnels, which provide a hole through the firewall where the traffic is not evaluated and flows freely.
Drawbacks of conventional firewalls
- Depend on the topology of the network.
- Do not protect networks from internal attacks (inside users are assumed to be “trusted”).
- Firewalls can become a bottleneck.
- Multiple entry points make firewalls hard to manage.
- Unable to handle protocols like FTP and Real-Audio.
- Single points of access make firewalls hard to manage.
- Unable to stop spoofed transmissions (i.e., those using false source addresses).
- Unable to log all of the network’s activity.
- Unable to dynamically open and close networking ports.
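The rule evaluation described above (match on address, protocol and port; first matching rule decides; everything else denied) can be shown in a few lines. The following is an added example, not code from the paper or from any firewall product; the rule format, the perimeter policy and the sample packets are constructed for illustration. It also makes the second drawback in the list concrete: a perimeter policy that treats the inside network as trusted passes an inside-to-inside SSH attempt that a per-host policy could have refused.

```python
"""Added example: a minimal first-match packet filter of the kind a
conventional perimeter firewall applies. Rule fields and sample
packets are constructed, not taken from any real deployment."""
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    src: str                     # source network in CIDR form; "0.0.0.0/0" = any
    dst: str                     # destination network in CIDR form
    proto: str                   # "tcp", "udp" or "any"
    dport: Optional[int] = None  # None = any destination port


@dataclass(frozen=True)
class Packet:
    src_ip: str
    dst_ip: str
    proto: str
    dport: int


def rule_matches(rule: Rule, pkt: Packet) -> bool:
    """A rule matches only when every field it specifies agrees with the packet."""
    if ipaddress.ip_address(pkt.src_ip) not in ipaddress.ip_network(rule.src):
        return False
    if ipaddress.ip_address(pkt.dst_ip) not in ipaddress.ip_network(rule.dst):
        return False
    if rule.proto != "any" and rule.proto != pkt.proto:
        return False
    if rule.dport is not None and rule.dport != pkt.dport:
        return False
    return True


def evaluate(rules, pkt: Packet) -> str:
    """First matching rule decides; an unmatched packet is denied (default deny)."""
    for rule in rules:
        if rule_matches(rule, pkt):
            return rule.action
    return "deny"


# Constructed perimeter policy: the inside network 10.0.0.0/8 is treated as
# trusted, so anything it originates passes; the outside may only reach the
# web server on TCP 443; everything else is dropped by the final catch-all.
PERIMETER_POLICY = [
    Rule("allow", "10.0.0.0/8", "0.0.0.0/0", "any"),
    Rule("allow", "0.0.0.0/0", "10.1.1.10/32", "tcp", 443),
    Rule("deny", "0.0.0.0/0", "0.0.0.0/0", "any"),
]

# Constructed sample traffic (documentation address ranges).
SAMPLE_PACKETS = {
    "outside_to_web": Packet("203.0.113.5", "10.1.1.10", "tcp", 443),
    "outside_to_ssh": Packet("203.0.113.5", "10.1.1.10", "tcp", 22),
    # An inside host reaching an inside file server over SSH: the perimeter
    # policy allows it because insiders are assumed trusted.
    "inside_to_fileserver_ssh": Packet("10.2.2.20", "10.1.1.30", "tcp", 22),
}


def decisions(rules=PERIMETER_POLICY, packets=SAMPLE_PACKETS) -> dict:
    """Return the verdict for every sample packet under the given rule set."""
    return {name: evaluate(rules, pkt) for name, pkt in packets.items()}


if __name__ == "__main__":
    for name, verdict in decisions().items():
        print(f"{name:28s} -> {verdict}")
```

The catch-all deny at the end is what makes the policy safe by default; without it, `evaluate` still denies unmatched packets, but an explicit final rule documents that intent and matches how production filters are written.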
The distributed firewall was introduced to address these problems. In the distributed firewall scheme, policy is still centrally defined; enforcement, however, takes place at each endpoint.
Distributed Firewall Concepts
Michael (2011) describes distributed firewalls as host-resident security software applications that protect the enterprise network’s servers and end-user machines against unwanted intrusion and secure the network by protecting critical points, exactly where hackers want to penetrate. They are like personal firewalls except that they offer several important advantages such as central management, logging and, in some cases, access-control granularity. These features are necessary to implement corporate security policies in larger enterprises.
Distributed firewalls overcome the single point-of-failure problem presented by the conventional firewall. A feature of distributed firewalls is centralized management. The ability to populate servers and end-user machines, and to configure and push out consistent security policies, helps to maximize limited resources. The ability to gather reports and maintain updates centrally makes distributed security practical. Distributed firewalls help in two ways (Oguzhan, 2018). First, remote end-user machines can be secured. Second, they secure critical servers on the network, preventing intrusion by malicious code and jailing such code by not letting the protected server be used as a launch pad for expanded attacks. As the name implies, the distributed firewall is installed throughout the network on all endpoints.
Basis of distributed firewalls
Distributed firewalls are based on three main points.
- Policy language: The policy language is used to create policies for each of the firewalls. These policies are the collection of rules that direct the firewall in how to evaluate the network traffic.
- System management tools: The system management tools are used to distribute the policy to the firewalls and to collect logging and reporting information.
- IPsec: IPsec provides network-level encryption used to secure network traffic and the transmission of policies. More importantly, it provides a way to cryptographically verify the sender of information; senders can then be uniquely verified by their certificate. IPsec rests on cryptography, which is concerned with constructing and analyzing protocols that overcome the influence of adversaries and which relates to various aspects of information security such as data confidentiality, data integrity, authentication and non-repudiation.
Components of distributed firewall
There are three components of distributed firewall.
- Policy language: The policy language is used to create policies for each firewall. These policies are the collections of rules that guide the firewall in evaluating the network traffic and also define which inbound and outbound connections are allowed or rejected.
- Policy distribution scheme: The policy distribution scheme is used to enable policy control from a central point. The policy is consulted before processing incoming or outgoing messages. The scheme should guarantee the integrity of the policy during transfer. The policy can either be pushed directly to end systems, or pulled by them when necessary.
- Certificate: Certificates enable decisions to be made without knowledge of the physical location of the host. Although a distributed firewall (DFW) could identify hosts by IP address, certificates are the preferred means of identification. IPsec supports authentication with cryptographic certificates; unlike an IP address, which can be easily spoofed, a digital certificate is much more secure and its authentication is not easily forged.
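The policy distribution scheme and the certificate component above translate into three checks an endpoint should make before installing a policy it receives: that the policy was not altered in transit, that it was addressed to this host identity (not merely to an IP address), and that it is not an old copy. The following is an added example and not the paper’s or any product’s code. It uses an HMAC-SHA256 tag keyed per host identity as a stand-in for the digital signature or IPsec-protected channel the text describes; the host identities, keys and rules are constructed.

```python
"""Added example: a management center selects the rules a host needs,
binds them to that host's identity and a version number, and tags the
bundle; the endpoint installs a bundle only if the tag verifies, the host
binding matches and the version is newer than what it already runs.
The keyed HMAC is a stand-in for a certificate-based signature."""
import hashlib
import hmac
import json

# Constructed: host identity (not IP address) -> long-term key shared with the
# management center. With IPsec/certificates this would be a key pair instead.
HOST_KEYS = {
    "web01.example.test": b"constructed-key-web01",
    "db01.example.test": b"constructed-key-db01",
}

# Constructed central policy; each rule names the host identities it applies to,
# so a host receives only the rules it needs rather than the complete set.
CENTRAL_POLICY = [
    {"hosts": ["web01.example.test"], "action": "allow", "proto": "tcp", "dport": 443},
    {"hosts": ["db01.example.test"], "action": "allow", "proto": "tcp", "dport": 5432,
     "src_host": "web01.example.test"},
    {"hosts": ["web01.example.test", "db01.example.test"], "action": "deny", "proto": "any"},
]


def canonical(obj) -> bytes:
    """Deterministic serialization so both sides tag exactly the same bytes."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def build_bundle(host: str, version: int, policy=CENTRAL_POLICY) -> dict:
    """Management center side: per-host rule subset, bound to identity and version."""
    rules = [{k: v for k, v in r.items() if k != "hosts"}
             for r in policy if host in r["hosts"]]
    body = {"host": host, "version": version, "rules": rules}
    tag = hmac.new(HOST_KEYS[host], canonical(body), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


def accept_bundle(host: str, bundle: dict, current_version: int):
    """Endpoint side. Returns (accepted, reason); checks integrity first so
    nothing in an unverified body is trusted."""
    body = bundle["body"]
    expected = hmac.new(HOST_KEYS[host], canonical(body), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, bundle["tag"]):
        return False, "integrity check failed"
    if body["host"] != host:
        return False, "bundle is addressed to another host"
    if body["version"] <= current_version:
        return False, "stale or replayed version"
    return True, f"installed {len(body['rules'])} rules, version {body['version']}"


def demo() -> dict:
    """Exercise the four outcomes an endpoint must distinguish."""
    results = {}
    good = build_bundle("db01.example.test", version=2)
    results["genuine"] = accept_bundle("db01.example.test", good, current_version=1)
    # A copy whose final rule was changed after tagging (integrity violation).
    modified = json.loads(json.dumps(good))
    modified["body"]["rules"][-1]["action"] = "allow"
    results["modified"] = accept_bundle("db01.example.test", modified, current_version=1)
    # The genuine version-2 bundle delivered again after version 2 is installed.
    results["replayed"] = accept_bundle("db01.example.test", good, current_version=2)
    # A bundle issued for web01 delivered to db01: wrong key, so the tag fails.
    misdirected = build_bundle("web01.example.test", version=3)
    results["misdirected"] = accept_bundle("db01.example.test", misdirected, current_version=1)
    return results


if __name__ == "__main__":
    for case, (ok, reason) in demo().items():
        print(f"{case:12s} accepted={ok!s:5s} {reason}")
```

The version check is what stops a captured older policy from being reinstalled; the integrity check runs before anything else so that a modified body is never parsed for decisions.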
CHAPTER THREE
ARCHITECTURE AND APPLICATIONS AREAS
Architecture of distributed firewall
Peter (2018) notes that while the security policies are deployed in a decentralized way, their management is not: system administrators set policies from a central host and therefore still fulfill the requirements of efficient system and network administration. The whole distributed firewall system consists of four main parts:
- The management center: The management center is responsible for the management of all endpoints in the network, the formulation and distribution of security policy, receiving log files from the hosts and analysing them, intrusion detection, and taking appropriate countermeasures.
- Policy actuator: The policy actuator is installed on each host or gateway to receive the security policy issued by the management center and to interpret and implement it. It runs the security policy program. It is the actual program that protects the endpoint host, and it mainly realizes the function of the traditional firewall. Additionally, it communicates with the management control center and handles communication link requests for remote endpoints.
- Remote endpoint connectors: The remote endpoint connectors are programs specifically designed for the remote endpoint host to prove its identity.
- Log server: The log server is responsible for the collection of the various events that occur in the whole network, such as protocol rule logs, user login event logs and user Internet access logs, for audit analysis.
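Two of the analyses the management center and log server are credited with above become possible only because every policy actuator reports to one place. The following added example (not from the paper; the event format, the sample lines and the issued-policy table are constructed) parses endpoint events and performs both: it flags a source that several endpoints have each denied, which no single host would notice on its own, and it flags an endpoint whose reported policy digest no longer matches the one the center issued.

```python
"""Added example: a log server collecting policy-actuator events from
several endpoints and running two central analyses over them.
Event format and all sample data are constructed."""
import re
from collections import defaultdict

# Constructed event format reported by each policy actuator:
#   <timestamp> host=<identity> event=<deny|allow|policy> key=value ...
SAMPLE_LOG = """\
2024-05-01T10:00:01Z host=web01.example.test event=deny src=203.0.113.9 dport=22 proto=tcp
2024-05-01T10:00:02Z host=db01.example.test event=deny src=203.0.113.9 dport=22 proto=tcp
2024-05-01T10:00:03Z host=web01.example.test event=deny src=203.0.113.9 dport=3389 proto=tcp
2024-05-01T10:00:04Z host=db01.example.test event=deny src=10.2.2.20 dport=5432 proto=tcp
2024-05-01T10:00:05Z host=web01.example.test event=allow src=198.51.100.4 dport=443 proto=tcp
2024-05-01T10:00:06Z host=web01.example.test event=policy version=2 sha256=aaaa1111
2024-05-01T10:00:07Z host=db01.example.test event=policy version=2 sha256=bbbb2222
2024-05-01T10:00:08Z host=db01.example.test event=policy version=2 sha256=deadbeef
"""

# Constructed: (version, digest) of the policy the management center last
# issued to each host, as recorded on the center itself.
ISSUED_POLICY = {
    "web01.example.test": ("2", "aaaa1111"),
    "db01.example.test": ("2", "bbbb2222"),
}

LINE_RE = re.compile(r"^(?P<ts>\S+)\s+(?P<kv>.*)$")


def parse_line(line: str) -> dict:
    """Turn one 'ts key=value ...' line into a dict; reject unparseable lines."""
    m = LINE_RE.match(line.strip())
    if not m:
        raise ValueError(f"unparseable log line: {line!r}")
    fields = {"ts": m.group("ts")}
    for token in m.group("kv").split():
        key, _, value = token.partition("=")
        fields[key] = value
    return fields


def parse_log(text: str) -> list:
    return [parse_line(line) for line in text.splitlines() if line.strip()]


def denied_sources(events, min_hosts: int = 2) -> dict:
    """Sources denied by at least `min_hosts` distinct endpoints. Each host
    sees only its own denials; the central log reveals the pattern."""
    hosts_by_src = defaultdict(set)
    for e in events:
        if e.get("event") == "deny":
            hosts_by_src[e["src"]].add(e["host"])
    return {src: sorted(hosts) for src, hosts in hosts_by_src.items()
            if len(hosts) >= min_hosts}


def policy_drift(events, issued=ISSUED_POLICY) -> list:
    """Endpoints whose reported (version, digest) differs from what was issued:
    a sign of local modification or a failed distribution, to be investigated."""
    drift = []
    for e in events:
        if e.get("event") != "policy":
            continue
        reported = (e["version"], e["sha256"])
        if issued.get(e["host"]) != reported:
            drift.append((e["ts"], e["host"], reported))
    return drift


if __name__ == "__main__":
    events = parse_log(SAMPLE_LOG)
    print("denied by multiple hosts:", denied_sources(events))
    print("policy drift:", policy_drift(events))
```

The drift check presumes the actuator reports a digest of the policy it is actually enforcing, which is the minimum telemetry needed to catch the compliance problem that the recommendations chapter raises for endpoints that can edit their own policy.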
A Distributed Approach to Firewall Design
As a result of the dramatic increase in network complexity and the development of new technologies like wireless networks and VPNs, it is no longer easy to maintain a fixed network topology. Additionally, there are increasing user demands for mobility, security, performance and reliability. As a result of these factors and the disadvantages mentioned above, conventional firewalls have started to become inadequate. To remove such problems, Bellovin and Ioannidis introduced the concept of the distributed firewall. The distributed firewall design is based on the idea of enforcing the policy rules at the endpoints rather than at a single entry point to the network. The security policies are still defined centrally (Gatus, 2014).
CHAPTER FOUR
SUMMARY, CONCLUSION, RECOMMENDATION AND FUTURE WORK
Summary
This study examined a countermeasure to computer crime: when a user transfers sensitive and important data or information, firewalls and distributed firewalls provide security during the data transmission.
They provide the legal infrastructure for internet access. Firewalls ensure that only authentic users can access the computer or the internet for their personal use; that is, they provide authentication. In this paper we have tried to explain the internet security problems and their solution with the help of distributed firewalls. This is also called the filtering process.
Firewalls are useful in many places, such as colleges or other institutions, for data security and network security purposes. This paper therefore aims to raise awareness and to provide a solution for network security through distributed firewalls.
Conclusion
As networks continue to change and expand new tools are needed to keep them secure. Distributed firewalls take a new approach by securing every host on the network. They also have no trouble handling the changing topology of today’s networks. This makes them a perfect match for telecommuters that work from remote locations and often use a VPN to connect to the corporate network. As they continue to develop, new features will be added that will only increase their security and ease of use. Distributed firewalls just may be the tool to secure next generation networks.
Data security in a period of fast technological change is a demanding field. This overview shows that data security must be seen as a whole. The adopted network security policy forms the basis. A proper choice of systems, protocols, standards and techniques gives the guidelines for more secure networking. The security levels of current networks must be constantly enhanced to meet the growing security threats. Wired and wireless networks use in principle the same type of basic security methods. This means that security measures taken to ensure the integrity and security of data in the wired local area network environment are also applicable to wireless LANs. Information systems are strongly affected by secure wireless technology.
In the near future we will see a rapid growth of wireless technology, devices and equipment. Security aspects will enhance this change and the effect on information systems will be significant.
In their simplest form, policies in a distributed firewall are functionally equivalent to packet filtering rules. However, it is desirable to use an extensible system (so that other types of applications and security checks can be specified and enforced in the future). The language and resolution mechanism should also support credentials for delegation of rights and authentication purposes.
Recommendation
- A mechanism for safely distributing security policies may be the IPsec key management protocol when possible, or some other protocol. The integrity of the policies transferred must be guaranteed, either through the communication protocol or as part of the policy object description (e.g. they may be digitally signed).
- As mentioned, conventional firewalls assume that insiders are trustworthy. However, this assumption is the source of several problems. With distributed firewall architectures, insiders are no longer treated as “unconditionally trusted”. Dividing the network into parts with different security levels is much easier with distributed firewalls.
- Security policy rules are distributed and established on an as-needed basis. Only the host that needs to communicate with the external network should determine the relevant policy. This approach dramatically eases the policy updating process and does not require each firewall to maintain the complete policy set.
- End-to-end encryption is possible without affecting network security in distributed firewall systems. In conventional firewalls, the use of end-to-end encryption caused some problems for network security. In distributed firewalls, on the other hand, end-to-end encryption significantly improves security.
On the other hand, there are some drawbacks of distributed firewalls, which can be summarized as follows.
- Compliance with the security policy by insiders is one of the major issues of distributed firewalls. This problem especially occurs when each end host has the right to change its security policy. There are techniques that make modifying policies harder, but it is not possible to prevent it entirely.
- It is not so easy to implement an intrusion detection system in a distributed firewall environment. It is possible to log suspicious connections on the local server, but these logs need to be collected and analyzed by security experts in central services.
Future Work
- High quality administration tools NEED to exist for distributed firewalls to be accepted.
- Allow per-packet scanning as opposed to per-connection scanning.
- Need for policy updating.
REFERENCES
- Bellovin, S. M. (2019). Distributed Firewalls. http://www.seminarprojects.com/Thread-data-security-in-local-network-using-distributed-firewalls
- Deshmukh, Q. (2017). “Roll of distributed firewalls in local network for data security”. India International Journal of Computer Science and Applications, 3(6).
- Gatus, G. E. (2014). “Policy Distribution Using COPSPR in a Distributed Firewall”. In Australian Telecommunication Networks and Applications Conference.
- Jayesh, A. P. (2017). “Approach of data security in local network using distributed firewalls”. International Journal of P2P Network Trends and Technology, 1(3).
- Jayshri, V. (2017). “Data security based on LAN using distributed firewalls”. International Journal of Computer Science and Mobile Computing.
- Li, Wei. (2020). “Distributed Firewall”. GeoInformatica, 4(3):253.
- Manish, G. (2017). “A survey paper data security in local networks using distributed firewalls”. International Journal on Computer Science and Engineering, 90(1):52-97.
- Michael, A. (2011). “Reliably Erasing Data From Flash-Based Solid State Drives” (PDF). FAST ’11: 9th USENIX Conference on File and Storage Technologies.
- Oguzhan, ÇAKI. (2018). Thesis on “Access Monitoring System For Distributed Firewall Policies”.
- Peter, F. (2018). “Celebrating data privacy”. Google Blog.
- Pritish, A. (2017). “Data security in local network using distributed firewalls”. National Conference on Emerging Trends in Computer Technology (NCETCT-2014).