
Report on

Advance Firewall

Subject Code: CS828 Internet Technology & E-Commerce

Submitted by: Suhagiya Saumyakumar Dilipbhai
Class: M. Tech, 1st year, CSE-IS
Registration No: 11IS23F

Department of Computer Science & Engineering
National Institute of Technology Karnataka, Surathkal

What is a firewall?
A firewall may be a standalone system, a software application or a hardware device that blocks or permits traffic and prevents unauthorized users or malicious traffic from accessing a network or a system. It acts as a barrier or a membrane between two or more networks. The primary job of a firewall is to secure the inside network from the outside (which can be another network or, more often, the internet). Depending on the policies or access control lists configured in the firewall, it can monitor inbound and outbound traffic, among other functions.

A Novel Firewall Policy Management

In recent years firewalls have seen some impressive technological advances (e.g. stateful inspection, transparency, performance, etc.) and widespread deployment. In contrast, firewall and security management technology is lacking. The paper proposes a secure model for firewall policy management. A secure MVC model can be used as a framework for managing the firewall policy. We believe that our approach is an important step towards streamlining the process of configuring and managing firewalls, especially in complex, multi-firewall installations.

Like any other network device, a firewall has to be managed by someone. The security policy should state who is responsible for managing the firewall, how it will be managed and the access method. Management of firewall policy configurations can be complex, error-prone, costly and inefficient for many large networked organizations. Implementing a firewall configuration policy involves either writing low-level command syntax via a Command Line Interface (CLI) or using a graphical management console. Typical errors in a firewall configuration policy range from invalid syntax to errors in properly comprehending the configuration, given its scale and complexity. The Graphical User Interface (GUI) is the most commonly used method to configure a firewall in a timely manner, especially amongst inexperienced administrators.

Current firewall configuration tools allow only individual management of the security policy. When different firewall policies have to be managed, one administrative session must be established with each firewall. Each firewall will have its own security policy, without any correlation with the policies of the other firewalls in the security area. The design of the sequence of rules in a firewall must ensure that the rules are consistent, complete, and compact. Consistency means that the rules are ordered correctly, completeness means that every packet satisfies at least one rule in the firewall, and compactness means that the firewall has no redundant rules. Firewalls are the first line of defense visible to an attacker and, by design, are generally difficult to attack directly, which often leads attackers to target the administrative accounts on a firewall instead.
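The three rule-sequence properties above can be checked mechanically. The following is an added example, not code from the report or the paper it summarizes: it assumes a simplified first-match rule model (source CIDR, destination port range, action) with hypothetical names, flags rules that are fully covered by a single earlier rule (an ordering conflict if the actions differ, a redundancy if they match), and treats the absence of a catch-all rule as a conservative completeness warning.

```python
from dataclasses import dataclass
from ipaddress import ip_network

@dataclass(frozen=True)
class Rule:
    name: str
    src: str      # source CIDR
    ports: tuple  # inclusive destination port range (low, high)
    action: str   # "accept" or "deny"

def covers(a, b):
    """True if every packet matched by b is also matched by a."""
    return (ip_network(b.src).subnet_of(ip_network(a.src))
            and a.ports[0] <= b.ports[0] and b.ports[1] <= a.ports[1])

# Reference rule matching every IPv4 packet in this model (illustrative only).
EVERYTHING = Rule("any", "0.0.0.0/0", (0, 65535), "deny")

def audit(rules):
    """Return findings as (kind, rule name, detail) for a first-match rule list."""
    findings = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            if covers(earlier, later):
                # 'later' can never fire: an earlier rule takes all its packets.
                kind = ("redundant" if earlier.action == later.action
                        else "shadowed-conflict")
                findings.append((kind, later.name, f"covered by {earlier.name}"))
                break
    # Conservative completeness check: a catch-all guarantees every packet
    # matches some rule; without one, completeness is not guaranteed.
    if not any(covers(r, EVERYTHING) for r in rules):
        findings.append(("no-default", "-", "completeness not guaranteed"))
    return findings

# Constructed sample policy (not taken from any real firewall).
SAMPLE = [
    Rule("r1", "10.0.0.0/8", (0, 65535), "deny"),
    Rule("r2", "10.1.2.0/24", (443, 443), "accept"),   # never reached: consistency
    Rule("r3", "192.168.0.0/16", (22, 22), "accept"),
    Rule("r4", "192.168.5.0/24", (22, 22), "accept"),  # duplicate of r3: compactness
]

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Partial overlaps between rules and rules covered only by the union of several earlier rules are outside what this check detects.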

Figure 1 Global MVC architecture

SECURE AND FLEXIBLE MODEL MVC : GENERAL ARCHITECTURE


The secure and flexible model proposed in this paper describes a general, practical solution that can be used for network security management systems. The functional and architectural requirements used in the design phase of this model are: modular design following the natural Input - Processing - Output flow; accept only secure management operations; allow administration of firewall policies from the same interface; firewall security policy definition must be rule based; firewall rules must be analyzed for security policy compliance; full audit of operations.

Components of the MVC architecture are:

Model - represents the data and the activities that govern access to this data, and at the same time provides facilities to update the data. Often the model serves as a software approximation to a real-world process, so simple real-world modeling techniques apply when the model is defined.

View - renders the contents of a model. It accesses enterprise data through the model and specifies how that data should be presented. It is the view's responsibility to maintain consistency in its presentation when the model changes. This can be achieved by using a push model, where the view registers itself with the model for change notifications, or a pull model, where the view is responsible for calling the model when it needs to retrieve the most current data.

Controller - translates interactions with the view into actions to be performed by the model. In a Web application, they appear as GET and POST HTTP requests. The actions performed by the controller include changing the state of the model. Based on the user interactions and the outcome of the model actions, the controller responds by selecting an appropriate view.

COMMON USAGE FOR THE SECURE MANAGEMENT MODEL


The proposed secure management model can be used as a framework for different firewall policy management systems, but it can also be used for other systems, such as Session Border Controller (SBC) management.

Figure 2 MVC model files

Management system software implemented using the proposed model is installed and configured on the application server. Data transmitted between the client web browser and the server is encrypted using an SSL tunnel with a 1024-bit private key, and is handled as secure MVC operations. After user authentication and HTTP session establishment, the management system administrator can define and manage firewalls within a security area. This security area is defined in the organization's security policy and can be distributed over the internet or private VPNs. Once the firewalls are defined, the next step is to define the firewall security policy by setting the rules. Rules are created one by one through the rules.model.php page for the entire security area. The modular design of the application allows integration with any formal rule verification or correlation algorithms.

In the context of rising security requirements and the continuing need for firewall configuration, the proposed secure management system stands out for its simplicity and usability. The ability to easily manage a firewall configuration is very important in any circumstances. Our proposed secure management system provides a different approach to configuring firewalls.

Figure 3 A common usage of secure management model

Conclusion
The management system can be extended with additional modules for formal rules verification and global security correlation. It can be easily integrated with other Operations Support Services (OSS) or ServiceDesk applications in order to satisfy any enterprise requirements.
