Network Security - University of Engineering and Technology
Download
Report
Transcript Network Security - University of Engineering and Technology
Network Security
Professor
Dr. Adeel Akram
Firewalls: A Practical Guide
Outline
► ICSA
Labs
► ICSA Certified Firewalls
Kerio Winroute Firewall
Astaro Security Gateway
WatchGuard X1000 Firewall
► CASE
Study
Kerio Winroute Firewall 6
About ICSA Labs
►
For over a decade, ICSA Labs, an independent division
of Cybertrust, Inc., has been the security industry's
central authority for research, intelligence, and
certification testing of products.
►
ICSA Labs sets standards for information security
products and certifies over 95% of the installed base
of anti-virus, firewall, IPSec VPN, cryptography, SSL
VPN, network IPS, anti-spyware and PC firewall
products commonly deployed in the world today.
ICSA Labs Certification
► ICSA
Labs, formerly known as the International
Computer Security Association, manages and
sponsors security consortia that provide a forum
for intelligence sharing among the leading vendors
of security products.
► In
addition, ICSA Labs publishes surveys, security
industry studies and buyers' guides for computer
security products
ICSA Labs Certification
►
►
►
The goal for ICSA Labs Certification is to enhance and
improve security implementations of network and Internet
computing, which will improve commercial security and its
use of appropriate security products, services, policies,
techniques, and procedures.
Certification enforces overall confidence in computing and
drives enhanced security measures while at the same time,
decreasing the intrusion of security measures in everyday life.
Certification also promotes user acceptance of increased
security while improving the ease of use, and the invisible,
automatic, and seamless integration of security technology in
everyday computing.
ICSA Labs Test Areas
►
►
►
►
►
►
►
►
►
►
►
►
►
Anti-Spyware
Antivirus
Cryptography
FIPS 140-2 Cryptographic Module Testing
Firewalls
Intrusion Detection
IPsec
Network Intrusion Prevention
PC Firewalls
PIV / FIPS 201
Premier Services
SSL-TLS
Wireless
Prominent ICSA Certified Firewalls
► Kerio
Winroute Firewall for Windows
► Astaro Security Linux
► WatchGuard Firebox System Family
► Juniper Networks NetScreen Firewall Family
► Microsoft Internet Security and Acceleration Server
► CISCO PIX Firewall Family
► Check Point SecurePlatform NG
► Novell BorderManager
KERIO Winroute Firewall
► Corporate
& enterprise network firewall:
► Kerio WinRoute Firewall™ is a corporate gateway
firewall for small and medium-sized businesses.
► Equipped with VPN server, optional embedded
McAfee Anti-Virus, integrated customizable ISS
Orange Web Filter, and user-specific Internet
access management, Kerio WinRoute Firewall
provides a multi-layer architecture for protecting
networks, servers and users.
►
http://www.kerio.com
ASTARO Security Gateway
►
►
http://www.astaro.com
https://demo.astaro.com
Astaro Appliances
Astaro Software
Astaro Report Manager
Configuration Manager
Astaro Secure Client
WATCHGUARD Firebox Family
►
►
►
►
Firebox
Firebox
Firebox
Firebox
Soho
Edge
Core
Peak
} X-Series
CASE STUDY: KWF 6
► Kerio
Winroute Firewall
Comes as an installer package
►~
22 MB (kerio-kwf-6.2.0-1382-win.exe)
Installs on all current versions of Windows
KWF6: Installation
►
System Requirements
• CPU Intel Pentium II or compatible; 300 MHz
• 128 MB RAM
• 2 network interfaces
• 50 MB disc space free for the installation
• Free memory for logs (depends on traffic load and selected logging level)
The product supports for the following operating systems:
• Windows 2000
• Windows XP
• Windows Server 2003
Note: The Client for Microsoft Networks component must be installed for
all supported operating systems, otherwise WinRoute will not be available
as a service and NTML authentication will not function. The component is
included in installation packages of all supported operating systems.
Installation and Basic Configuration
► Launch
the installation program
kerio-kwf-6.2.0-1382-win.exe
Select Components
►
►
►
►
►
WinRoute Firewall Engine — core of the application
WinRoute Engine Monitor — utility for WinRoute Firewall
Engine control and monitoring
its status (icon in the system’s notification area)
VPN Support — proprietary VPN solution developed by
Kerio Technologies,
Kerio Administration Console — the Kerio Administration
Console application (universal console for all server
applications of Kerio Technologies)
► Restart
the machine when the installation has
completed. This will install the WinRoute low-level
driver into the system kernel.
► WinRoute Engine will be automatically launched
after restart.
► The engine runs as a service.
► The WinRoute Engine Monitor will be launched
after a user login. This utility monitors the Engine
status and is used to start or stop the engine.
► WinRoute Engine Monitor icon is displayed in the
system’s notification area (system tray).
Conflicting System Services
► Internet
Connection Sharing and Internet
Connection Firewall
► Universal Plug and Play Device Host and
SSDP Discovery Service
Admin Console Settings
Remote Access to Admin Console
Restart After Install
► Engine
Monitor:
Appears as system tray icon
Right Clicking shows context
Menu
First Start Setup
Configuration Wizard
Internet thru Ethernet
Internet thru Dialup
Allowed Internet Services to Clients
Local Services Publishing
Enable NAT
Lets go to the Actual Process
► Kerio
Installed on Lab PCs
References
►
►
►
►
►
►
http://download.kerio.com/archive/ Select Kerio Control
(Firewall Software / Appliance)
http://www.astaro.com/products
http://www.astaro.com/support/downloads
https://support.astaro.com/support/index.php/Main_Page
http://www.watchguard.com/products/compare.asp
https://www.icsalabs.com
Kerio Control Packages
Packages
Kerio Control - Windows (32-bit)
Download (USA) | Download
(Europe)
Kerio Control - Windows (64-bit)
Download (USA) | Download
(Europe)
Kerio Control Parallels Appliance
Download (USA) | Download
(Europe)
Kerio Control Software Appliance
Download (USA) | Download
(Europe)
Kerio Control VMware Appliance
(VMX)
Download (USA) | Download
(Europe)
Kerio Control Documentation
Documentation (for version 7.1.0)
Administrator Guide - HTML (English)
Download (USA) | Download (Europe)
Administrator Guide - PDF (English)
Download (USA) | Download (Europe)
Box Installation Guide - PDF (multilingual)
Download (USA) | Download (Europe)
Kerio Control Release Notes - HTML (English)
Download (USA) | Download (Europe)
Kerio Control Release Notes - PDF (English)
Download (USA) | Download (Europe)
Step-by-Step Guide - HTML (English)
Download (USA) | Download (Europe)
Step-by-Step Guide - PDF (English)
Download (USA) | Download (Europe)
User Guide - HTML (English)
Download (USA) | Download (Europe)
User Guide - PDF (English)
Download (USA) | Download (Europe)
Questions
???????????????
???????????????
????
[email protected]