Reference no: EM132411878

M7A2: Hands-on Lab: Firewall Rule Configuration

Note: Incorrect modifications to the firewall configuration could block access to legitimate communication for you and others who route through the same firewall. Please document all your steps and be prepared to roll back the changes should they cause problems to you or others on the same network.

Firewalls serve as the primary means of defense at the perimeter level. Some firewalls also come with Intrusion Prevention System (IPS) capabilities, while others do not. Many operating systems such as Windows, MacOS, and Unix come with built-in firewalls.

Here are some instructions on reviewing and changing the configuration of the firewall for different types of operating systems:
• Configure Windows Firewall in Windows 10/8/7
• OS X: About the application firewall
• The Beginner's Guide to iptables, the Linux Firewall

In case, you don't have one of the above operating systems, or would like to configure a firewall other than the default operating system firewall, you may choose to download and configure ZoneAlarm free firewall form the following resource:
ZoneAlarm. (n.d.). ZoneAlarm free firewall 2017.

Instructions for configuring this firewall can be found at the following location:

ZoneAlarm. (n.d.). Customizing program access permissions.

The following exercise requires you to configure certain rules on a firewall and provide explanations as to what these rules help to achieve. You may do this on your own laptop or on the router/firewall that your network uses to connect to the Internet. Please document your steps and responses with screenshots:

• With regards to outbound traffic, does your firewall already have certain rules to block specific ports or applications? Please list some of these rules and explain two of them in detail.
• Create a new rule to block any specific port or protocol (i.e. ICMP or HTTP, or other ports or protocols). Show the configuration steps to create such a rule.
• Explain what outbound filtering rules would you recommend? What types of attacks would you be able to block by doing this?
• With regards to inbound access to your laptop or network-can you determine what traffic (ports, protocols, IP addresses) is allowed to connect to your laptop/network?
• Create a new rule to block incoming traffic to the Windows SMB service. What are the port number(s) used by this protocol? What attacks would be mitigated by creating such a rule?
• Provide three examples of inbound traffic from the Internet to your laptop / network that you would want to block to mitigate specific attacks.
• With regards to an IPS, you could place it either between the Internet and your firewall or you could place it behind your firewall. In the first case, the IPS would analyze all traffic in and out of your network; while in the second case it would analyze only the traffic allowed in by the firewall. Which placement is better and why?
• Finally, explain briefly the differences between the following different types of firewalls:
o Normal firewall
o Unified Threat Management (UTM)
o Next Generation Firewall
Use the American Psychological Association (APA) style (6th edition) to write your assignment. The length of your assignment should be 3 to 5 pages, and you should include at least three quality references.

Attachment:- Firewall Rule Configuration.rar