Windows Server 2003 : Protecting Hosts with Windows Host Firewalls - Firewall Basics

12/5/2012 4:41:20 PM
Firewalls were originally implemented at the perimeters of networks to protect hosts on a trusted network against hosts on an untrusted network. The firewall was implemented on a device with multiple interfaces. One interface connected to the Internet or public (untrusted) network, and the other connected to the organization's trusted or private network. These early firewalls often allowed all outbound packets to pass from the private network to the public and blocked all inbound communications.

If a web server, DNS server, FTP server, or other host offered services that should be accessible from the public network, the host sat outside the firewall. Later, a second firewall was added to protect these public-facing hosts, and still later the single-perimeter firewall model added filters that allowed inbound packets to specific services available on the private network. The firewall inspected, rejected, or passed on all traffic attempting to pass through it, based on rules configured on the firewall.

Perimeter firewalls are still the most common example of firewalls today. However, a growing number of organizations are implementing firewalls on internal network segments, and organizations and individuals are implementing host-level firewalls. In some cases, the host firewall may be the only perimeter protection the host receives. These implementations recognize that there is risk on every network, even one placed behind a perimeter firewall.

Windows Server 2003 and Windows XP provide a native host firewall, as well as several ways to create rudimentary firewall services on the host. To implement Windows host firewalls correctly, and to determine if they are the best firewalls for the job, you must consider their capabilities.

The first firewalls were little more than packet-filtering routers. The firewall filtered all traffic bound from one network to the other and blocked or permitted packets based on internal rules that designated the ports and IP addresses that were unacceptable. Modern firewalls also provide stateful filtering and possibly application layer filtering. Stateful filtering only permits inbound packets that are responses to requests from hosts on the private network. The firewall maintains a table of current outbound connections, including source and destination IP addresses and ports. When an inbound packet arrives, its information is compared to entries in the table. If a match is found, the packet is allowed; if not, it is dropped. An application layer firewall blocks and permits based on packet content, not just header information. Traffic bound for port 80 on an internal web server must meet additional conditions beyond IP address and port information.

Some host firewalls offer all these services and some do not. Another difference between perimeter firewalls and host-level firewalls is that some host-level firewalls only offer ingress (or inbound) traffic filtering, while others offer both ingress and egress (or outbound) filtering.

Figure 1 illustrates a packet-filtering router/firewall. In the figure, a short rule list indicates the traffic that is allowed to pass. This firewall's job is to block all port 80 traffic, except traffic bound to the web server at IP address 192.168.5.60. Note that the log sample included shows that access to port 80 on 192.168.5.60 is allowed, but access to port 80 on 192.168.5.10 is blocked.

Figure 1. A simple packet-filtering router

Figure 2 shows a firewall with stateful inspection. Traffic may be passed to hosts on the internal network in response to their requests. In the figure, workstation 192.168.5.10 requests a web page from the Internet-based server and a response is returned.

Figure 3 shows an example of an application layer firewall. Packets are inspected not just by port and IP address, but also by content. Note that access to the web server, while permitted by the port and address rules, is blocked after examination of the packet's content. The description in the log, of course, will be determined by the programming of the application layer firewall.
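To make the difference between the packet filter of Figure 1 and the stateful firewall of Figure 2 concrete, here is an added example (not code from the book or from Windows itself) that evaluates constructed packets against a rule list modelled on Figure 1, then layers a connection table on top so that replies to internal requests are admitted while unsolicited inbound packets fall back to the static rules. The IP addresses and ports other than those in the figures are constructed sample values.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    inbound: bool  # True when arriving from the public (untrusted) side


# Constructed rule list modelled on Figure 1: first match wins.
# Port 80 is permitted only to the web server at 192.168.5.60; anything
# else arriving from outside is dropped ("*" is a wildcard).
RULES = [
    ("allow", "192.168.5.60", 80),
    ("deny", "*", "*"),
]


def packet_filter(pkt: Packet) -> str:
    """Stateless filter: decide on destination address and port alone."""
    for action, ip, port in RULES:
        if ip in ("*", pkt.dst_ip) and port in ("*", pkt.dst_port):
            return action
    return "deny"  # implicit default if no rule matched


class StatefulFirewall:
    """Adds the connection table described for Figure 2 to the packet filter."""

    def __init__(self) -> None:
        self.table = set()  # (internal ip, internal port, external ip, external port)
        self.log = []       # one line per decision, in the style of the figure logs

    def process(self, pkt: Packet) -> str:
        if not pkt.inbound:
            # Outbound request: record it so the reply can be matched later.
            self.table.add((pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port))
            action = "allow"
        elif (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port) in self.table:
            action = "allow"  # reply to a recorded outbound request
        else:
            action = packet_filter(pkt)  # unsolicited inbound: static rules decide
        self.log.append(f"{action.upper()} {pkt.src_ip}:{pkt.src_port} -> "
                        f"{pkt.dst_ip}:{pkt.dst_port}")
        return action
```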

Ingress and egress filtering is an important part of network protection. While ingress filtering seeks to protect hosts on the internal network from the actions of hosts on the external network, egress filtering seeks to protect hosts on all networks from hosts on the internal network. Recent malicious software (or malware) may require a connection to external hosts to complete the infection, may provide remote control to external attackers, or may infect additional hosts. By providing egress filtering, you are not only being a good "Internet citizen" but also containing your losses by preventing the completion of the infection.

Each of these capabilities forms an important part of firewall protection and should be a part of your decision on which type of firewall, a perimeter firewall or a host firewall, to select. It may appear to be a simple decision (that is, select the firewall that offers all of these services). However, other factors to consider, including ease of management, protection during startup, cost, and support, make that decision more complicated. In addition, some factors, such as ease of management, are more important to host-level protection.

Figure 2. Stateful firewalls allow incoming responses to the requests of internal computers

Figure 3. The application layer firewall uses the content of the packet for filtering decisions

A good starting point is an examination of Internet Connection Sharing.
