Data Security Using Firewall: Seminar Report
Computers and networking have become inseparable. A number of confidential transactions occur every second, and today computers are used mostly for transmission rather than processing of data. This requires corrective action that preserves ease of use while protecting against viruses, preventing hacking of data, and providing authenticated data transfer. A firewall is a device or set of instruments designed to permit or deny network transmissions based upon a set of rules and regulations. It is frequently used to protect networks from unauthorized access while permitting legitimate communications to pass, including during sensitive data transmission. It is a collection of components, situated between two networks, that filters traffic between them by means of some security policies. A firewall can be an effective means of protecting a local system or network of systems from network-based security threats while at the same time affording access to the outside world through wide area networks and the Internet (Bellovin, 2019).
Traditional firewalls (conventional firewalls) are devices, often placed on the edge of the network, that act as a bouncer allowing only certain types of traffic in and out of the network; they are often called perimeter firewalls. They divide the network into two parts: trusted on one side and untrusted on the other. For this reason they depend heavily on the topology of the network. Moreover, firewalls are a mechanism for policy control and permit a site administrator to set a policy on external access. Just as file permissions enforce an internal security policy, a firewall can enforce an external security policy.
According to Michael (2011), distributed firewalls are host-resident security software applications that protect the enterprise network's servers and end-user machines against unwanted intrusion. They offer the advantage of filtering traffic from both the Internet and the internal network. This enables them to prevent hacking attacks that originate from both the Internet and the internal network. This is important because the most costly and destructive attacks still originate from within the organization.
A feature of distributed firewalls is centralized management. The ability to populate servers and end-user machines, and to configure and "push out" consistent security policies, helps to maximize limited resources. The ability to gather reports and maintain updates centrally makes distributed security practical. Distributed firewalls help in two ways. First, remote end-user machines can be secured. Secondly, they secure critical servers on the network, preventing intrusion by malicious code and "jailing" other such code by not letting the protected server be used as a launch pad for expanded attacks (Gatus, 2014).
Usually deployed behind the traditional firewall, they provide a second layer of defense. They work by enabling only essential traffic into the machine they protect, prohibiting other types of traffic to prevent unwanted intrusions. Whereas the perimeter firewall must take a generalist, common denominator approach to protecting servers on the network, distributed firewalls act as specialists.
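The contrast described above, a perimeter firewall that decides by topology versus host-resident firewalls that enforce a centrally pushed, default-deny policy, is shown in the following sketch. It is an added example, not part of the original report; the addresses, roles, ports and function names are all constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    role: str   # host role the rule applies to (hypothetical labels)
    src: str    # permitted source network, CIDR notation
    port: int   # permitted destination TCP port

# Constructed central policy: only essential traffic per role, all else denied.
CENTRAL_POLICY = [
    Rule("web", "0.0.0.0/0", 443),
    Rule("db", "10.0.1.0/24", 5432),  # only the web tier may reach the database
]

# Constructed inventory of managed hosts: address -> role.
HOSTS = {"10.0.1.10": "web", "10.0.2.20": "db"}
INSIDE = ipaddress.ip_network("10.0.0.0/8")  # the perimeter's "trusted" side

def push_policy(policy, hosts):
    """Central management: compile the rule set each endpoint enforces."""
    return {addr: [r for r in policy if r.role == role]
            for addr, role in hosts.items()}

def host_allows(rules, src, port):
    """Host-resident check: default deny, allow only on an explicit match."""
    s = ipaddress.ip_address(src)
    return any(s in ipaddress.ip_network(r.src) and port == r.port
               for r in rules)

def perimeter_allows(src, dst, port, open_ports=(443,)):
    """Topology-based check: inside-to-inside traffic never crosses the
    edge device, so the perimeter firewall cannot filter it."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if s in INSIDE and d in INSIDE:
        return True
    return port in open_ports

def evaluate(src, dst, port):
    """Return (perimeter verdict, host firewall verdict) for one connection."""
    pushed = push_policy(CENTRAL_POLICY, HOSTS)
    return perimeter_allows(src, dst, port), host_allows(pushed[dst], src, port)

if __name__ == "__main__":
    # An unmanaged internal machine connecting to the database server.
    print(evaluate("10.0.3.77", "10.0.2.20", 5432))
```

The internal connection passes the perimeter check because it never reaches the edge device, while the host-resident rule set on the database server rejects it.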
A firewall is a device or set of instruments designed to permit or deny network transmissions based upon a set of rules and regulations. It is frequently used to protect networks from unauthorized access while permitting legitimate communications to pass, including during sensitive data transmission. Distributed firewalls allow enforcement of security policies on a network without restricting its topology to an inside or outside point of view. Using a policy language and delegating its semantics to all members of the network domain supports the application of firewall technology for organizations whose network devices communicate over insecure channels, and still allows a logical separation of hosts inside and outside the trusted domain.
The requirements of data security have undergone three major changes in the last decades. The first major change was the introduction of the computer. The need for protecting files and information became evident. The collection of tools designed to protect data and to avoid hacker attacks has the generic name computer security. The second major change was the introduction of distributed systems, networks and communication facilities for data communication. Data security measures are needed to protect data during transmission. The third change is the current, rapid development of wireless networks and mobile communications. Data security is therefore of high priority today (Jayesh, 2017).
1.2 Evolution of Distributed Firewall from the Conventional Firewall
A firewall is a device or set of instruments designed to permit or deny network transmissions based upon a set of rules and regulations. It is frequently used to protect networks from unauthorized access while permitting legitimate communications to pass, including during sensitive data transmission. Distributed firewalls allow enforcement of security policies on a network without restricting its topology to an inside or outside point of view (Li, Wei, 2020). Using a policy language and centrally delegating its semantics to all members of the network domain supports the application of firewall technology for organizations whose network devices communicate over insecure channels, and still allows a logical separation of hosts inside and outside the trusted domain.
We introduce the general concepts of such distributed firewalls, their requirements and implications, and their suitability against common threats on the Internet, and give a short discussion of contemporary implementations.
A firewall is a collection of components, interposed between two networks, that filters traffic between them according to some security policy.
Basic structure of a firewall
Some problems with the conventional firewalls that lead to Distributed Firewalls are as follows.
- Depends on the topology of the network.
- Does not protect networks from internal attacks.
- Unable to handle protocols like FTP and RealAudio.
- Has a single entry point, and its failure leads to problems.
- Unable to stop “spoofed” transmissions (i.e., using false source addresses).
In order to solve these problems while still retaining the advantages of the conventional firewalls, the concept of “distributed firewall” is proposed.
1.3 Advantages and Disadvantages of Data Security using Firewalls
The introduction of distributed firewalls offered some solutions to problems that cannot be easily handled by conventional firewalls. The advantages of distributed firewalls can be stated as follows (Jayshri, 2017):
Topological independence is one of the main advantages of distributed firewalls. Since network security no longer depends on network topology, it provides more flexibility in defining the security perimeter. The security perimeter can easily be extended to cover remote hosts and networks whenever required.
In contrast to conventional firewalls, network security no longer depends on a single firewall, so problems like performance bottlenecks and traffic congestion are resolved. Besides, the load on the traditional firewall is reduced since a large amount of filtering is performed at the end hosts (Jayshri, 2017).
As mentioned earlier, filtering of certain protocols such as FTP is not so easy on a conventional firewall. This kind of filtering is much easier on distributed firewalls since all of the required information is available at the decision point, which is generally the end host.
The number of outgoing connections does not create as many difficulties in terms of network administration. Adding new links or removing existing links does not affect network security. Similarly, backdoor connections that are created by insiders, intentionally or inadvertently, do not create new threats to network security in distributed firewalls (Jayshri, 2017).
Advantages of Data Security:
- Data protection helps to keep personal data secure and protected.
- It protects valuable information such as business transactions and financial statements. Hence it increases consumers' confidence in purchasing items online, which in turn increases the revenue of businesses both offline and online.
- It increases the quality of stored data as well as data during transactions.
- It does not depend on any particular technology. It can be applied to all.
- It reduces risk of financial loss.
- It prevents company recipes, project/product documents and software being stolen by competitor companies.
Drawbacks or disadvantages of Data Protection
Following are the challenges or drawbacks or disadvantages of Data Protection during its implementation:
- Poor data protection processes or procedures lead to a lack of confidence among consumers. Moreover, overly stringent protection of data has adverse effects on the digital economy. Hence data protection should be optimum.
- There is no single global agreement on data protection.
- Data protection is challenged and influenced by advances in technologies and business practices. The relationship between data protection and online activities changes all the time.
- It is costly and time consuming to maintain data protection principles.
- Employees and stakeholders of business establishments are required to be trained through appropriate training courses.
- It is essential to use appropriate technical and organisational measures in order to protect against unauthorised or unlawful processing of personal data. This is very difficult to manage.
- Personal data shall not be transferred to a country or territory outside the one where it originated. Doing so will breach data protection laws unless the country ensures an adequate level of protection for the data and the processing of the data.