VPN, Proxies, Firewalls and DMZ
DMZ (Demilitarized Zone) and VPN
DMZ (Demilitarized Zone)
Brief explanation of DMZ
· An organization has an internal network, so we put the web server in a zone protected by firewalls. This zone holds the resources you want outsiders to be able to access across the internet. For example, in an online business: we want your money, but we don’t trust you.
· These firewalls block traffic from the public internet to protect the internal network.
· This demilitarized zone makes the server available to users online, but they have no access to the internal network.
· If the web server is compromised, the hackers can only affect what is inside the DMZ, not the internal network (LAN), which is protected by a firewall.
REMOTE ACCESS: Some staff in an organization may work from home or from another organization to which they offer a service. These people connect remotely to the internal systems on the organizational network. We ensure that this communication goes via a VPN (virtual private network).
VIRTUAL PRIVATE NETWORK
1-> Make sure that the traffic going in is decrypted
2-> Make sure that the traffic going out is encrypted
Short explanation of VPN
A virtual private network ensures that traffic moving out is kept within the group of internal systems, so that a malicious person on the internet cannot reach your network, keeping network communication strong. A VPN concentrator device does the encryption.
Firewalls: the protectors of computers
What are firewalls, and what is their purpose in maintaining the security of computers?
Firewalls: A firewall protects the computer from unauthorized access from the internet and other sources.
Types of firewall:
· Packet filtering
· Application/proxy firewall
· Hybrid firewall
Packet filtering firewall
Packet: It is a part of the actual data sent between sender and receiver.
While the computer is downloading or receiving something, the firewall checks the sender and receiver port numbers present in the data packet. The rules in the access control list are used to verify the data packet. If everything is fine, the packet is allowed to pass to the computer.
LIMITATION:
It does not check the payload. The payload is the actual data. This is an advantage for hackers, who can send malicious data in the payload.
Application/proxy firewall
If you have requested a website from the internet using a proxy, the proxy does not let the internet know who made the request (the origin of the request), because it does not reveal our IP address (the address allocated by the network provider to the customer). The advantage is that it checks the payload as well as the port number.
HYBRID FIREWALL
Combines the functions of both the packet filtering and the proxy firewall.
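The following added example (not from the original post) runs constructed packets through a port-only packet filter and through a hybrid check that also inspects the payload, showing the limitation described above. The rule list, the sample packets and the payload rules (allow only GET/HEAD, reject ".." in the path) are assumptions chosen for illustration.

```python
from dataclasses import dataclass

@dataclass
class Packet:
    src_port: int
    dst_port: int
    payload: bytes

# Constructed access control list: (action, sender port, receiver port).
# None matches any port; the first matching rule wins.
ACL = [("allow", None, 80), ("allow", None, 443), ("deny", None, None)]

def packet_filter(pkt, acl=ACL):
    """Header-only check: compares port numbers, never reads the payload."""
    for action, sport, dport in acl:
        if sport in (None, pkt.src_port) and dport in (None, pkt.dst_port):
            return action == "allow"
    return False  # default deny when no rule matches

def proxy_inspect(pkt):
    """Application-layer check: parse the payload as an HTTP request line."""
    try:
        line = pkt.payload.split(b"\r\n", 1)[0].decode("ascii")
        method, path, version = line.split(" ")
    except (UnicodeDecodeError, ValueError):
        return False  # not a well-formed request line
    if method not in ("GET", "HEAD") or not version.startswith("HTTP/"):
        return False
    return ".." not in path  # reject directory traversal in the path

def hybrid_firewall(pkt):
    """Hybrid: the packet must pass both the port check and the payload check."""
    return packet_filter(pkt) and proxy_inspect(pkt)

# Constructed sample traffic, not captured from a real network.
SAMPLES = {
    "normal request": Packet(50001, 80, b"GET /index.html HTTP/1.1\r\n\r\n"),
    "closed port": Packet(50002, 23, b"login"),
    "bad payload, open port": Packet(50003, 80, b"GET /../../etc/passwd HTTP/1.1\r\n\r\n"),
}

def verdicts():
    """Return {name: (packet filter passes, hybrid firewall passes)}."""
    return {n: (packet_filter(p), hybrid_firewall(p)) for n, p in SAMPLES.items()}

if __name__ == "__main__":
    for name, (pf, hy) in verdicts().items():
        print(f"{name:24} packet-filter={pf} hybrid={hy}")
```

The third sample is the case that matters: the packet filter passes it because port 80 is allowed, while the hybrid check drops it after reading the payload.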
Forward and reverse proxies
Forward proxy
This proxy server hides the IP address of the personal computer (client) and shows a public address to the server, which means the server does not know the IP address of the client on the other side.
In a forward proxy the private address is converted into a public address, which is called network address translation.
Benefits:
· Multiple computers can share one public address provided by the forward proxy.
· Caching: Suppose one computer on the network asks the proxy to request a weather update from the internet server and gets the answer back. If other computers on the network then ask the same question about the weather, the proxy will not send the same question to the internet server again, because it has saved the answer. It passes the saved answer to the requesting computers. This reduces the usage of our bandwidth.
· It offers security: the malicious person (hacker) on the internet only sees the proxy address, i.e. the public address provided by the proxy; they don’t see our computer’s IP address. They cannot directly attack our computer.
Reverse proxy
The client computer is given access to the requested server, but the client does not know which server the request is forwarded to. In short, the client does not know which server the reverse proxy has forwarded its request to.
Benefits:
1. The reverse proxy protects the internet server from the PC user. If a request is illegal, it will not allow it and will block that traffic; the reverse proxy server is set up to defend the internet server.
2. The work is divided among multiple servers (1, 2, 3). In case one server fails, the next will be available.