1 00:00:00,560 --> 00:00:07,670 OK, so now let's talk about Farmville, you all have heard a word firewall, we know whenever you go 2 00:00:07,670 --> 00:00:13,040 to buy a new PC and the person who's going to sell you the piece, you say that do not forget to install 3 00:00:13,040 --> 00:00:19,850 the firewall on your network or if you are working in a company, sometimes a website or the application 4 00:00:19,850 --> 00:00:21,650 says you are being blocked by a firewall. 5 00:00:21,650 --> 00:00:25,610 You cannot access this website, go back and go back to the safe mode. 6 00:00:26,390 --> 00:00:28,130 So what exactly is a firewall? 7 00:00:28,850 --> 00:00:31,160 Yeah, let's answer this in this lecture. 8 00:00:31,760 --> 00:00:35,180 So basically firewalls are your networks, the security guards. 9 00:00:35,420 --> 00:00:40,520 And to be real, they're probably the most important things to implement on your network. 10 00:00:41,360 --> 00:00:47,870 That's because today's networks are almost always connected 24 by seven to the Internet, a situation 11 00:00:47,870 --> 00:00:49,860 that makes security very crucial. 12 00:00:50,600 --> 00:00:57,140 The firewall protects your land resources from invaders that use Internet for unprotected networks while 13 00:00:57,140 --> 00:01:01,140 simultaneously preventing all or some of your land's computers. 14 00:01:02,300 --> 00:01:09,320 Now you can use firewalls to filter packets based on the rules that you or a network administrator create 15 00:01:09,590 --> 00:01:15,590 and configure strictly to eliminate the type of packets which are not intended for your PC. 16 00:01:16,160 --> 00:01:24,410 For example, let's say you configure your firewall to discard all the packets having the protocol HTP, 17 00:01:24,410 --> 00:01:28,130 which is hypertext transfer protocol and it is not a secure protocol. 18 00:01:29,080 --> 00:01:36,670 OK, wait, don't get confused between NHTSA, we are going to see all these protocols in upcoming lectures 19 00:01:36,850 --> 00:01:44,410 for time being, just understand that HTP and ATP's are two different protocols, that extra DPS is 20 00:01:44,410 --> 00:01:45,590 more secure protocol. 21 00:01:46,120 --> 00:01:52,270 So now if you employ a signature or if you imply a rule that says that, please discard all the packets 22 00:01:52,270 --> 00:02:00,880 that have HTP, your firewall will not allow a packet entering from the Internet having htp a protocol. 23 00:02:02,860 --> 00:02:10,840 So far, all can operate on multiple layers of the user model and some firewalls can operate up to the 24 00:02:10,840 --> 00:02:14,070 application layer, which have a great functionality on your PC. 25 00:02:15,070 --> 00:02:21,520 A firewall can either be a standalone black box or a software implementation placed on a certain router, 26 00:02:22,120 --> 00:02:28,410 either via the firewall will have at least two network connections, one to the Internet. 27 00:02:28,420 --> 00:02:32,200 That is the public side from where all the data comes to a network. 28 00:02:32,560 --> 00:02:36,490 And the other one is the network known as the private side. 29 00:02:37,240 --> 00:02:44,380 Now, sometimes that is a second wire fall as I'm sorry, there is a second firewall, as you can see 30 00:02:44,380 --> 00:02:50,800 on the screen now, this firewall is used to connect to servers and equipment that can be considered 31 00:02:50,980 --> 00:02:54,810 both public and private, like Web email servers. 32 00:02:55,360 --> 00:02:56,200 I'll show you. 33 00:02:56,200 --> 00:02:58,270 Just give me a second and. 34 00:02:58,270 --> 00:03:00,690 Yeah, so you can see this part here. 35 00:03:01,360 --> 00:03:02,870 This is one firewall. 36 00:03:02,920 --> 00:03:04,360 This is the first firewall. 37 00:03:05,830 --> 00:03:09,390 This is the first of all, this is the second firewall in between. 38 00:03:09,400 --> 00:03:11,690 There are these servers that need to be protected. 39 00:03:12,010 --> 00:03:17,740 Now, these servers are directly accessible to the normal person, but there is a firewall in between. 40 00:03:18,040 --> 00:03:22,150 And these servers are also a private property of a company. 41 00:03:22,720 --> 00:03:32,710 So the zone between two different firewalls, OK, this zone, this zone is known as demilitarized zone. 42 00:03:33,190 --> 00:03:34,570 That is the. 43 00:03:35,600 --> 00:03:44,240 And the that is demilitarised zone firewalls are the first line of defense for an Internet connected 44 00:03:44,240 --> 00:03:51,290 network without any place a firewall, any network that is connected to the Internet is essentially 45 00:03:51,290 --> 00:03:57,400 wide open to anyone with the technical savvy who seeks to exploit all the resources. 46 00:03:57,420 --> 00:04:04,310 So, for example, if you don't have this firewall in place, an attacker here, an attacker here can 47 00:04:04,310 --> 00:04:06,260 directly access your servers. 48 00:04:06,560 --> 00:04:12,730 And if he's able to exploit one of these servers, he can directly have access to the whole Internet. 49 00:04:13,100 --> 00:04:16,610 And in this way, your whole Internet can get compromised. 50 00:04:17,210 --> 00:04:21,170 And that is why firewalls are really very important. 51 00:04:22,990 --> 00:04:29,350 In the next lecture, we'll have a look at the detection systems, intrusion detection systems and prevention 52 00:04:29,350 --> 00:04:30,240 systems as well. 53 00:04:30,670 --> 00:04:36,480 So they are also kind of firewalls which protect your network, but they function. 54 00:04:37,090 --> 00:04:42,400 There are a couple of differences between firewall and the detection and prevention systems that does 55 00:04:42,400 --> 00:04:43,950 exclude them in the next lecture.