Firewalls & VPNs Flashcards
Network Security
What is a firewall?
A firewall filters traffic based on a set of criteria.
What is the goal of a firewall?
To control traffic that enters (from the internet and other networks) and leaves (going out to the internet and other networks) the network.
How are firewalls created?
By creating rules for inbound and outbound connections using Access Control Lists (ACLs).
What are the two main types of firewalls?
Network based Firewall & Host-based Firewall
What is a network based firewall?
Physical hardware on the edge of the network. The protects the network against other networks
What is a host-based firewall and what does it do?
Software on a computer that controls which applications and ports are allowed to talk inbound and outbound on an individual workstation or host computer.
What are some services that dedicated network firewalls can provide?
Firewalling, VPN services, Anti-Malware, Content Filtering, etc.
What are corporate dedicated network firewalls called?
Unified Threat Management (UTM) firewalls
What do Dedicated Utm Firewalls do?
Protect all corporate internet access
What’s an ACL?
Access Control List are used on routers and firewalls to create a list of rules for permitting and denying traffic.
What are stateless firewalls?
Firewalls that employ ACLs to control traffic (inbound and outbound)
What do ACLs define?
ACLs define what protocols, source networks, destination networks, and port numbers can do.
What are stateful firewalls?
Keep track of the connections on the network and can allow return traffic as long as it was first generated from inside the network.
What capabilities do modern firewalls have?
Stateful and stateless capabilities, which is creating ACLs and keeping track of network connections to make information permit decisions.
What is Deep Packet Inspection?
Allows firewalls to take apart packets that are coming onto the network, examine their contents are determine their context.
i.e. What is this connection doing? What is the purpose of this traffic?
What kind of firewalls utilize Deep-Packet Inspection?
Application Aware Firewalls or Context Aware Firewalls
How are decisions made with Deep-Packet Inspection firewalls?
Decisions can be made based on what is deep inside the packets rather than just where its coming from and where its going to.
Whats a VPN?
A virtual private network provides a private network connection between two endpoints.
How are VPN connections protected?
The VPN encrypts the tunnel between the two endpoints.
What are the two main types of VPNs?
Host-to-Site and Site-to-Site
What is Host-to-Site VPN?
VPN Client is installed on a Hosts/Users computer in order to get remote access to the corporate network through the firewall. This makes it a private extension of the main network.
What is Site-to-Site VPN?
When a VPN tunnel is configured from a remote corporate office to headquarters through a remote office VPN capable device.
What is a VPN Concentrator?
A device that is dedicated to handling large amounts of VPN connections.
What is PPTP?
Point to Point Tunneling Protocol is a VPN Protocol that uses PPP for authentication and modified GRE for the tunnel. There is no inherent encryption, its unsecure, and mostly obsolete.
