Firewalls and Network Security

Chapter 7

7.1. Firewall and its types

7.2. Gateways

7.3. Proxy Servers and its advantages and disadvantages

7.4. Transaction Security

7.5. Types of transaction

7.6. Requirements for transaction

7.7. Encryption: asymmetric and symmetric encryption

7.8. Digital signatures

7.9. Digital certificates

7.10. Implementation and management issues


7.1. Firewall and its types

A firewall is a network security device, implemented in hardware or software, that inspects all incoming and outgoing traffic and, according to a defined set of security rules, accepts, rejects or drops each packet or connection.

Accept : allow the traffic through.

Reject : block the traffic but tell the sender so, with an ICMP “destination unreachable” message or, for TCP, a RST segment.

Drop : block the traffic silently; the sender receives no reply and eventually times out.

Rejecting gives legitimate users and internal troubleshooting immediate feedback, while dropping gives an outside scanner less information and slows it down; a common compromise is to reject traffic from internal networks and drop traffic from the Internet.

A firewall establishes a barrier between a trusted internal network and an untrusted outside network, such as the Internet.

Types of Firewall

By form, firewalls are divided into three kinds: hardware firewalls, software firewalls, or a combination of both. Each form has different functions but the same purpose, and it is good practice to use both, a network firewall at the perimeter and a host firewall on each machine, so that one layer still holds if the other is bypassed.

A hardware firewall is a physical device placed between a network and its gateway; a broadband router with built-in filtering is a simple example. A hardware firewall is sometimes referred to as an appliance firewall. A software firewall, on the other hand, is a program installed on an individual computer that filters that host's own traffic, typically by port number, protocol and the program that opened the connection. This type of firewall is also called a host firewall.

Besides this division by form, firewalls are classified by the inspection technique they use and the level of security they provide. The following firewall techniques can be implemented in either software or hardware:

 

·       Packet-filtering Firewalls

·       Circuit-level Gateways

·       Application-level Gateways (Proxy Firewalls)

·       Stateful Multi-layer Inspection (SMLI) Firewalls

·       Next-generation Firewalls (NGFW)

·       Threat-focused NGFW

·       Network Address Translation (NAT) Firewalls

·       Cloud Firewalls

·       Unified Threat Management (UTM) Firewalls
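The accept/reject/drop verdicts above, and the difference between a plain packet filter and stateful inspection, as an added Python example that is not part of the chapter. It is a toy model, not a real firewall: the rule set, addresses and packets are constructed, rules are matched first-match-wins with a default-drop policy, and a flow accepted by a rule is remembered so that its reply traffic is allowed without a separate inbound rule.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str          # "tcp" or "udp"
    sport: int
    dport: int
    syn: bool = False   # TCP SYN flag: set only on the first packet of a new connection

@dataclass
class Rule:
    action: str                     # "accept", "reject" or "drop"
    direction: str                  # "in" (from the Internet) or "out" (to the Internet)
    proto: Optional[str] = None     # None matches any protocol
    src_net: Optional[str] = None   # CIDR; None matches any source
    dst_net: Optional[str] = None   # CIDR; None matches any destination
    dport: Optional[int] = None     # None matches any destination port

    def matches(self, pkt: Packet, direction: str) -> bool:
        return (self.direction == direction
                and (self.proto is None or self.proto == pkt.proto)
                and (self.dport is None or self.dport == pkt.dport)
                and (self.src_net is None or ip_address(pkt.src) in ip_network(self.src_net))
                and (self.dst_net is None or ip_address(pkt.dst) in ip_network(self.dst_net)))

class StatefulFirewall:
    def __init__(self, rules, default="drop"):
        self.rules = rules
        self.default = default
        self.flows = set()   # 5-tuples of flows that an accept rule has admitted

    def filter(self, pkt: Packet, direction: str):
        """Return (verdict, reply): verdict is accept/reject/drop, reply is what goes back to the sender."""
        key = (pkt.src, pkt.sport, pkt.dst, pkt.dport, pkt.proto)
        reverse = (pkt.dst, pkt.dport, pkt.src, pkt.sport, pkt.proto)
        if key in self.flows or reverse in self.flows:
            return ("accept", None)          # part of an established flow, e.g. the server's reply
        if pkt.proto == "tcp" and not pkt.syn:
            return ("drop", None)            # mid-stream TCP with no known flow (an ACK scan, for example)
        for rule in self.rules:              # first matching rule wins
            if rule.matches(pkt, direction):
                if rule.action == "accept":
                    self.flows.add(key)
                return (rule.action, self._reply(rule.action, pkt))
        return (self.default, self._reply(self.default, pkt))

    @staticmethod
    def _reply(action, pkt):
        if action != "reject":
            return None                      # accept needs no reply; drop is silent by definition
        return "tcp-rst" if pkt.proto == "tcp" else "icmp-port-unreachable"

# Constructed policy: internal hosts may browse (443) and resolve names (53);
# only the web server 10.0.0.5 is reachable from outside; SSH probes are rejected.
RULES = [
    Rule("accept", "out", proto="tcp", src_net="10.0.0.0/8", dport=443),
    Rule("accept", "out", proto="udp", src_net="10.0.0.0/8", dport=53),
    Rule("accept", "in", proto="tcp", dst_net="10.0.0.5/32", dport=443),
    Rule("reject", "in", proto="tcp", dport=22),
]

def demo():
    """Run constructed packets through the policy and return the verdicts in order."""
    fw = StatefulFirewall(RULES)
    return [
        fw.filter(Packet("10.0.0.7", "203.0.113.10", "tcp", 51000, 443, syn=True), "out")[0],   # accept
        fw.filter(Packet("203.0.113.10", "10.0.0.7", "tcp", 443, 51000), "in")[0],            # accept: reply of the flow above
        fw.filter(Packet("198.51.100.9", "10.0.0.7", "tcp", 4444, 51000), "in")[0],           # drop: unsolicited, no SYN
        fw.filter(Packet("198.51.100.9", "10.0.0.7", "tcp", 4444, 51000, syn=True), "in")[0], # drop: default policy
        fw.filter(Packet("198.51.100.9", "10.0.0.5", "tcp", 40000, 22, syn=True), "in"),      # ("reject", "tcp-rst")
        fw.filter(Packet("198.51.100.9", "10.0.0.5", "udp", 40000, 161), "in"),               # ("drop", None)
        fw.filter(Packet("198.51.100.9", "10.0.0.5", "tcp", 40001, 443, syn=True), "in")[0],  # accept: published web server
    ]

if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The second and third packets show why state matters: both arrive inbound to the same client port, but only the one that belongs to a flow the client opened is admitted, and a stateless filter would need a broad "allow inbound from port 443" rule to let the reply through.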

 

7.2. Gateways

A gateway is a network node that forms a passage between two networks that use different transmission protocols. The most common kind, the network gateway, operates at layer 3, the network layer of the OSI (Open Systems Interconnection) model; depending on its function, however, a gateway can operate at any of the seven OSI layers. It acts as the entry and exit point of a network, since all traffic between that network and others must pass through it; only traffic between nodes within the same LAN bypasses the gateway.

Features of Gateways

A gateway is located at the boundary of a network and handles all data flowing into or out of that network.

It forms a passage between two different networks operating with different transmission protocols.

A gateway operates as a protocol converter, providing compatibility between the different protocols used in the two different networks.

The feature that differentiates a gateway from other network devices is that it can operate at any layer of the OSI model.

It also stores routing information for the networks it connects.

In an enterprise, the gateway node is often also where a proxy server or firewall is placed, since all external traffic already passes through it.

A gateway is generally implemented as a node with multiple NICs (network interface cards) connected to different networks. However, it can also be configured using software.

It uses packet switching to forward data between the networks.

Types of Gateways

On the basis of the direction of data flow, gateways are broadly divided into two categories −

Unidirectional Gateways − They allow data to flow in only one direction. Changes made at the source node are replicated at the destination node, but not vice versa. They can be used as archiving tools and, built as data diodes, to export monitoring data from sensitive networks such as industrial control systems without allowing anything to flow back in.

Bidirectional Gateways − They allow data to flow in both directions. They can be used as synchronization tools.

On the basis of function there are many kinds of gateways; the prominent ones are as follows −

Network Gateway − This is the most common type of gateway. It provides an interface between two dissimilar networks operating with different protocols. Whenever the term gateway is used without specifying a type, it means a network gateway.

Cloud Storage Gateway − A network node or server that translates storage requests from applications into the API calls of a cloud storage service, such as SOAP (Simple Object Access Protocol) or REST (Representational State Transfer) calls. It lets applications use private or public cloud storage without being moved into the public cloud themselves, simplifying data communication.

Internet-To-Orbit Gateway (I2O) − It connects devices on the Internet to satellites and spacecraft orbiting the earth. Two prominent I2O gateways are Project HERMES and Global Educational Network for Satellite Operations (GENSO).

IoT Gateway − An IoT gateway collects sensor data from IoT (Internet of Things) devices in the field and translates between sensor protocols before forwarding the data to the cloud. It connects IoT devices, the cloud network and user applications.

VoIP Trunk Gateway − It connects plain old telephone service (POTS) devices such as landline phones and fax machines to a VoIP (Voice over Internet Protocol) network.


7.3. Proxy Servers and its advantages and disadvantages

A proxy server is a computer that accepts requests from clients and forwards them to the destination server on the clients' behalf. It acts as a gateway between the end user and the Internet, has its own IP address, and separates the client systems from the servers they talk to, so that each side sees only the proxy.

In other words, the proxy lets users reach websites from an IP address other than their own, playing an intermediary role between users and the target websites or servers. It can log and report on user requests. An important point is that a proxy does not by itself encrypt traffic: confidentiality depends on the client and server using TLS, and a proxy that terminates TLS in order to inspect traffic sees the plaintext.

Need of Proxy Server

·       It reduces the chance of a data breach, because internal hosts are never addressed directly from outside.

·       It adds a further layer of security between servers and outside traffic.

·       It hides the addresses and identities of internal hosts from outside attackers.

·       It filters requests, allowing or blocking them by destination, content or user.

Advantages of Proxy Server

The benefits of using a proxy server are:

·       It improves security and enhances the privacy of the user.

·       It hides the identity (IP address) of the user from the destination server.

·       It controls traffic, for example by rate limiting or load balancing, which protects servers from overload.

·       It saves bandwidth by caching frequently requested files and compressing incoming traffic.

·       It can protect the network from malware by filtering content and blocking known malicious sites.

·       It allows access to content restricted by location and, conversely, lets administrators restrict which content users may reach.

Disadvantages of Proxy Server

·       Tracking: A proxy sees every request that passes through it and may cache or log personal information, including passwords submitted over unencrypted connections. This is not a problem as long as that data stays inside the organization, but the proxy operator is in a privileged position: an employee or a third-party provider running the proxy could misuse it. It is therefore advisable to use only a proxy from a trustworthy provider, and to limit what the proxy logs and for how long it keeps it.

·       Security: Although proxies provide anonymity, they do not provide encryption by themselves. Traffic between the client and the proxy is often sent in plain text, and a proxy that decrypts TLS in order to inspect it is a deliberate man-in-the-middle that must be protected accordingly. Where HTTPS is not enforced end to end, an attacker on the path can downgrade connections to plain HTTP, an attack known as SSL stripping; serving sites over HTTPS only, with HSTS, mitigates it. Hence data travelling through a proxy is only as secure as the encryption on each hop.

·       Incompatibility: A proxy may not always be compatible with your local network. Both the proxy and the network have their own configurations, so to use a proxy on your network you must either reconcile the two or choose a proxy that already matches the network you use.

·       Cost: Setting up and maintaining a proxy server can be costly. Large organizations can easily absorb the expense, but small businesses may not; besides installation there are ongoing costs for hardware, licences and administration.

·       Configuration: Proxies are usually configured for one specific purpose, so adapting one to your own requirements may need custom rules or scripting, and proxy configuration can be difficult. It must be done carefully so that no unnecessary ports are left open and the proxy itself cannot be used by attackers to reach internal systems or to spy on personal information.
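The request-filtering and identity-hiding behaviour described in this section, as an added Python example that is not part of the chapter. It shows only the decision core of a filtering forward proxy (socket handling is omitted): a destination allowlist checked so that "notexample.com" does not pass as a subdomain of "example.com", refusal of raw IP targets so the proxy cannot be used to reach internal addresses, CONNECT tunnels limited to port 443 (the proxy cannot inspect what flows through such a tunnel, which is the "does not encrypt" point above seen from the other side), and removal of hop-by-hop headers such as Proxy-Authorization before forwarding. The allowlist, hostnames and requests are constructed.

```python
from ipaddress import ip_address
from urllib.parse import urlsplit

ALLOWED_DOMAINS = {"example.com", "intranet.example"}   # constructed allowlist
HOP_BY_HOP = {"connection", "keep-alive", "proxy-authenticate", "proxy-authorization",
              "te", "trailer", "transfer-encoding", "upgrade", "proxy-connection"}

def host_allowed(host: str) -> bool:
    """Exact or subdomain match against the allowlist; raw IP literals are refused."""
    host = host.lower().rstrip(".")
    try:
        ip_address(host.strip("[]"))
        return False          # an IP literal bypasses name-based policy, so never allow it
    except ValueError:
        pass
    # host.endswith("example.com") alone would also match "notexample.com"; require the dot
    return any(host == d or host.endswith("." + d) for d in ALLOWED_DOMAINS)

def decide(request_line: str, headers: dict):
    """Return ("forward", host, port, headers_to_send) or ("reject", status, reason)."""
    parts = request_line.split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        return ("reject", 400, "malformed request line")
    method, target, _version = parts
    if method == "CONNECT":                     # client asks for an opaque TLS tunnel
        host, sep, port = target.rpartition(":")
        if not sep or not port.isdigit():
            return ("reject", 400, "CONNECT target must be host:port")
        port = int(port)
        if port != 443:
            return ("reject", 403, "tunnels only to port 443")
    else:                                       # plain HTTP: proxy receives an absolute URL
        url = urlsplit(target)
        if url.scheme != "http" or not url.hostname:
            return ("reject", 400, "absolute http:// URL required")
        host, port = url.hostname, url.port or 80
    if not host_allowed(host):
        return ("reject", 403, f"destination {host} not in allowlist")
    # Drop headers meant only for the client-to-proxy hop (they must not reach the origin),
    # and mark the request as proxied.  The client's own IP is deliberately NOT added
    # (no X-Forwarded-For), because hiding it is one of the reasons for using a proxy.
    out = {k: v for k, v in headers.items() if k.lower() not in HOP_BY_HOP}
    out["Via"] = (out["Via"] + ", " if out.get("Via") else "") + "1.1 filtering-proxy"
    return ("forward", host, port, out)

if __name__ == "__main__":
    print(decide("GET http://www.example.com/ HTTP/1.1", {"Host": "www.example.com", "Connection": "keep-alive"}))
    print(decide("CONNECT evil.test:443 HTTP/1.1", {}))
```

Everything the proxy decides here (method, destination, verdict) is exactly what it should write to its access log; the request body and any credentials it strips are what it should not.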

7.4. Transaction Security

7.5. Types of transaction

7.6. Requirements for transaction

7.7. Encryption: asymmetric and symmetric encryption

 

7.8. Digital signatures

As the name suggests, a digital signature is a cryptographic form of electronic signature used for signing documents. It uses public-key cryptography to ensure the authenticity and integrity of documents and of digital communication over the Internet.

A digital signature uses a mathematical technique that lets a recipient verify whether a document has been forged or modified in any way: the signer computes the signature over the document with a private key that only they hold, and anyone with the matching public key can check that the signature and the document still agree.

A digital signature in eCommerce secures online transactions and helps build the trust of buyers. It validates the authenticity of a buyer and provides evidence that can later prove that a transaction, digital message or document took place as claimed, so the signer cannot plausibly deny it.

Role of Digital Signature Software in eCommerce

As e-commerce deals with buying and selling products online, all records of these transactions are digital documents. Digital signature software lets businesses speed up their processes, since they can share signed invoices, receipts and other transaction-related documents with customers directly. Customizable templates for standard documents save further time.

Most digital signature software solutions support bulk actions such as deletion and sharing, so documents need not be e-mailed one by one. Digital signatures also give these documents legal validity, so there is no need to spend money on printing hard copies.

Documents signed with such software also carry a tamper-evident seal: every change is tracked and time-stamped in an activity log, so that no alteration can be made without your knowledge. By ensuring data security and privacy in this way, e-commerce businesses can also avoid regulatory penalties.

 

7.9. Digital certificates

A digital certificate is an electronic credential that allows a person, organization or device to exchange data securely over the Internet using the public key infrastructure (PKI). A digital certificate is also known as a public key certificate or identity certificate. It is not a password: it contains no secret, only a public key and identity information, signed by a trusted third party.

Digital certificates are proof of an endpoint's authenticity, whether a server or a user. For example, when a browser requests a website, how do we know that the page returned is the genuine one? Digital certificates provide that stamp of genuineness by binding a public key to the entity (server or client) that owns it; the entity proves ownership by demonstrating possession of the corresponding private key. Digital certificates are issued by a Certificate Authority (CA).

A digital certificate contains the name of the certificate holder, a serial number, validity dates, a copy of the holder's public key (used by others to encrypt messages to the holder and to verify the holder's digital signatures) and the digital signature of the certificate-issuing authority (CA), so that a recipient can verify that the certificate is genuine.

Three common types of digital certificate are:

TLS/SSL Certificate

Code Signing Certificate

Client Certificate

 

TLS/SSL Certificate

TLS/SSL (Transport Layer Security/Secure Sockets Layer) certificates are installed on a server. They let the client authenticate the server and establish an encrypted session, so that all communication between client and server stays private. The server could be a web server, application server, mail server, LDAP server or any other server that must prove its identity before sending or receiving encrypted information. The address of a website with a TLS/SSL certificate starts with “https://” instead of “http://”, where the “s” stands for “secure”.

Code Signing Certificate

Code signing certificates are used to sign software or files that are downloaded over the Internet. The signature is made by the developer or publisher of the software. Its purpose is to guarantee that the software or file is genuine and comes from the publisher it claims to belong to. They are especially useful for publishers who distribute their software through third-party download sites. A code signature also proves that the file has not been tampered with since it was signed: a modified file fails signature verification.

Client Certificate

Client certificates, or digital IDs, identify one user to another, a user to a machine, or a machine to another machine. A common example is e-mail, where the sender digitally signs the message and the recipient verifies the signature; the recipient's own certificate can likewise be used to encrypt mail to them. Client certificates can also serve as one factor in two-factor authentication: when a user accesses a protected database or reaches the gateway to a payment portal, the certificate proves possession of the private key, and the user is additionally asked for a password or subjected to further verification.

 

Need of Digital Certificate

Identification / Authentication: The persons or entities with whom we are communicating are really who they say they are.

Confidentiality: The information within the message or transaction is kept confidential. It can only be read and understood by the intended sender and receiver.

Integrity: The information within the message or transaction cannot be tampered with, accidentally or deliberately, en route without all parties involved becoming aware of the tampering.

Non-Repudiation: The sender cannot deny sending the message or transaction, and the receiver cannot deny receiving it.

Access Control: Access to the protected information is only realized by the intended person or entity.
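How a digital signature (section 7.8) and a certificate (section 7.9) work together, as an added Python example that is not code from the chapter and not production cryptography. It uses textbook RSA over a SHA-256 digest with no padding, which is enough to show the mechanics but would not be safe to deploy; real systems use RSA-PSS, ECDSA or Ed25519 from a vetted library and X.509 certificates. A constructed CA signs a certificate binding a merchant's public key to its name, the merchant signs an order, and the verifier checks the certificate against the CA key before checking the order against the certified key. The names, serial number and the order text are made up.

```python
import hashlib, json, random, time

def _is_probable_prime(n, rounds=32):
    """Miller-Rabin test, enough for generating toy key material."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    rng = random.SystemRandom()
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _random_prime(bits):
    rng = random.SystemRandom()
    while True:
        candidate = rng.getrandbits(bits) | (1 << (bits - 1)) | 1   # full length and odd
        if _is_probable_prime(candidate):
            return candidate

def generate_keypair(bits=512):
    """Return (public_key, private_key) as (e, n) and (d, n). Toy size: real keys are 2048+ bits."""
    e = 65537
    while True:
        p, q = _random_prime(bits // 2), _random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e != 0:      # e is prime, so this guarantees gcd(e, phi) == 1
            return (e, p * q), (pow(e, -1, phi), p * q)

def sign(private_key, data: bytes) -> int:
    d, n = private_key                   # only the holder of d can produce this value
    return pow(int.from_bytes(hashlib.sha256(data).digest(), "big"), d, n)

def verify(public_key, data: bytes, signature: int) -> bool:
    e, n = public_key                    # anyone with (e, n) can check it
    return pow(signature, e, n) == int.from_bytes(hashlib.sha256(data).digest(), "big")

def _to_be_signed(cert):
    return json.dumps({k: v for k, v in cert.items() if k != "ca_signature"}, sort_keys=True).encode()

def issue_certificate(ca_private, ca_name, subject, subject_public, serial, days=365, now=None):
    """The CA binds the subject's public key to its name and signs that binding."""
    now = time.time() if now is None else now
    cert = {"subject": subject, "issuer": ca_name, "serial": serial, "public_key": list(subject_public),
            "not_before": int(now), "not_after": int(now + days * 86400)}
    cert["ca_signature"] = sign(ca_private, _to_be_signed(cert))
    return cert

def verify_certificate(cert, ca_public, ca_name, now=None):
    now = time.time() if now is None else now
    return (cert["issuer"] == ca_name and cert["not_before"] <= now <= cert["not_after"]
            and verify(ca_public, _to_be_signed(cert), cert["ca_signature"]))

def verify_signed_message(cert, ca_public, ca_name, data, signature, now=None):
    """Trust the CA -> trust the certified key -> trust the message signature."""
    return verify_certificate(cert, ca_public, ca_name, now) and verify(tuple(cert["public_key"]), data, signature)

def demo():
    ca_pub, ca_priv = generate_keypair()
    merchant_pub, merchant_priv = generate_keypair()
    cert = issue_certificate(ca_priv, "Example Root CA", "shop.example", merchant_pub, serial=1001)
    order = b"order#4711: 2 x widget, total 39.90 EUR"        # constructed message
    sig = sign(merchant_priv, order)
    results = {"genuine": verify_signed_message(cert, ca_pub, "Example Root CA", order, sig)}
    results["tampered_message"] = verify_signed_message(cert, ca_pub, "Example Root CA", order.replace(b"39.90", b"3.99"), sig)
    attacker_pub, attacker_priv = generate_keypair()             # attacker swaps their key into the certificate
    forged = dict(cert, public_key=list(attacker_pub))
    results["forged_certificate"] = verify_signed_message(forged, ca_pub, "Example Root CA", order, sign(attacker_priv, order))
    results["expired"] = verify_signed_message(cert, ca_pub, "Example Root CA", order, sig, now=cert["not_after"] + 1)
    return results

if __name__ == "__main__":
    print(demo())
```

The forged-certificate case is the one the "Need of Digital Certificate" list is about: the attacker can sign the order with their own key, but they cannot make the CA's signature cover their key, so the verifier that checks the chain rather than just the message signature rejects it.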

 

7.10. Implementation and management issues
