Networking & Security

Introduction to Network Security

Firewall

A firewall can be software or hardware. A hardware firewall is a device that is physically plugged into your network. It is a small metal box with ports, connected between your network and your computer. It is more secure than a software firewall because it is not physically on your machine. However, it is best suited to businesses and large networks and is not commonly used.

The software firewall, also called an application firewall, is most commonly used to protect data through constant inspection of the inbound and outbound IP packets passing through the firewall. The firewall acts as a gatekeeper between a secure network and an unprotected network, and allows or denies traffic based on the security policies configured in it. It ensures that nothing private goes out and nothing malicious comes in, as shown in Figure 4:

Figure 4

The software firewall requires a proper understanding of the network endpoints and the organization’s day-to-day operations so that it can be configured properly. Without proper configuration, it is of no use. The firewall can be one or more of the following types:

  • Packet Filter: As the name suggests, the packet filtering firewall inspects each packet passing through it for five characteristics: source IP address, source port, destination IP address, destination port, and IP protocol. You can use a packet filter firewall to block a particular type of traffic on a particular port. For example, you can block web traffic on port 80 and telnet traffic on port 23.
  • Proxy Firewall: As the name suggests, the application-proxy firewall impersonates the internal web server and hides internal network addresses from the outside world. It checks each packet passing through the firewall against the firewall rules and, if the packet is allowed, destroys and re-creates it to prevent unknown attacks based on TCP/IP weaknesses.
  • Stateful Inspection or Stateful Packet Filtering: As the name suggests, the stateful packet filtering firewall keeps track of the state of network connections. For example, it examines the TCP and UDP communications that pass through it and allows only those packets that match a known connection state.
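The sketch below is an added example, not code from the original page. It shows packet filtering on the five characteristics and stateful inspection side by side, using the page's port 80 and port 23 block rules. The class names, the addresses and the simplified state table (no TCP flags or timeouts) are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:  # the five characteristics a packet filter inspects
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str  # "tcp" or "udp"

@dataclass(frozen=True)
class Rule:
    action: str                      # "allow" or "deny"
    proto: str = "any"
    src_net: str = "0.0.0.0/0"
    dst_net: str = "0.0.0.0/0"
    src_port: Optional[int] = None   # None matches any port
    dst_port: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        return (self.proto in ("any", p.proto)
                and ipaddress.ip_address(p.src_ip) in ipaddress.ip_network(self.src_net)
                and ipaddress.ip_address(p.dst_ip) in ipaddress.ip_network(self.dst_net)
                and self.src_port in (None, p.src_port)
                and self.dst_port in (None, p.dst_port))

class Firewall:
    def __init__(self, rules, internal_net):
        self.rules = rules
        self.internal = ipaddress.ip_network(internal_net)
        self.connections = set()     # state table of allowed outbound flows

    def packet_filter(self, p: Packet) -> str:
        """Stateless check: first matching rule wins, default deny."""
        return next((r.action for r in self.rules if r.matches(p)), "deny")

    def inspect(self, p: Packet) -> str:
        """Stateful check: inbound packets must answer a tracked flow."""
        if ipaddress.ip_address(p.src_ip) in self.internal:
            verdict = self.packet_filter(p)
            if verdict == "allow":
                self.connections.add((p.proto, p.src_ip, p.src_port, p.dst_ip, p.dst_port))
            return verdict
        reply_of = (p.proto, p.dst_ip, p.dst_port, p.src_ip, p.src_port)
        return "allow" if reply_of in self.connections else "deny"

def demo_firewall() -> Firewall:     # constructed sample policy and addresses
    rules = [Rule("deny", proto="tcp", dst_port=80),   # web traffic
             Rule("deny", proto="tcp", dst_port=23),   # telnet
             Rule("allow", src_net="192.168.1.0/24")]  # other outbound traffic
    return Firewall(rules, "192.168.1.0/24")
```

An inbound packet is accepted only when its addresses and ports mirror a flow that an internal host opened first, so an unsolicited packet from the same external server is dropped.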

A firewall can be internal or external software. Internal firewalls are built into operating systems such as Windows XP, Windows Vista, and Windows Server 2000/2003/2008. An example of an external firewall is ISA Server.

Biometrics

Biometrics is an authentication method that authenticates a person based on that person’s unique characteristics, for example, fingerprints, iris, retina, or face, as shown in Figure 5.

Figure 5

Biometric characteristics can be divided into two classes: physiological and behavioral. Physiological characteristics are related to the shape of the body, and behavioral characteristics are related to human behavior, for example, voice, handwriting, or typing rhythm.

A biometric system, as shown in Figure 6, works in the following manner:

Figure 6

Step-1: The first step of a biometrics system is to capture or collect the samples of biometric features of the people who want to get authenticated by the system.

Step-2: The second step is to uniquely extract the data from the sample and to create a biometric template for the individual.

Step-3: The third step is to compare the template created with the new sample to verify the correctness of the template. If the verification passes then the template is stored as a reference template for that person.

Step-4: The fourth step is to match the person’s trait with the reference template when the person comes in contact with the biometric system. The system confirms the person’s identity if a match is found; otherwise, a non-match is confirmed.