A Survey on Network Solutions

Nahid Kausar Shaikh Poonam Dhawale Asst. Prof., Department of Information Technology Asst. Prof., Department of Information Technology A.P. Shah Institute of Technology, A.P. Shah Institute of Technology, Thane, Maharashtra, India Thane, Maharashtra, India [email protected] [email protected]

Shruti Agrawal Asst. Prof., Department of Computer Engineering A.P. Shah Institute of Technology, Thane, Maharashtra, India [email protected]

Abstract — Today, as the number of online users increasing be a hardware device or a software program running on a rapidly resulting in complex networks and increase in network computer. Independent of the type of firewall, it must have at threats. Firewalls are an essential part of any information least two networks interfaces. One of its interfaces is connected security system being the first defense line against security to the private network and other is connected to the public attacks. Firewall is one of the most important parts of the network. network system which provides security in both the direction. It monitors both incoming and outgoing traffic and the specified Classification of the network firewall can be based on action. Firewalls can be categorized on the basis of usage and different parameters. features. There are a number of paid solutions present in the market but are expensive. As a result, Free or open source 1.1.1 Classification based on Firewall Usage firewall solutions can alternative to the paid solutions. Pfsense is 1.1.2 Classification based on Firewall Features free or open source firewall based on Free-BSD. Community (EFW) is also free, open source network firewall 1.1.1 Classification based on Firewall Usage which is based on . The small, medium or large organization can prefer open source firewalls as they provide The classification of the firewall based on firewall usage most of the features which are available with paid solutions. This can be of two types : paper aims to survey free or open source firewalls and identify the features provided by them. A. Hardware Firewall:

Keywords-component; Network firewall, pfSense, Endian, Open A hardware firewall is a stand-alone product but more source freshly hardware firewalls are generally found in broadband routers. In order, to set-up a network hardware firewall plays I. INTRODUCTION an important role in your system. Hardware firewalls require The number internet users are increasing rapidly. According no configuration or few configurations and with this, they can to the reports, the number of internet users worldwide was 3.58 protect the network from unauthorized access. billion in 2017, up from 3.39 billion in the previous year For providing overall security protection to the customer’s [1].This increase results in complexities in the network at the network hardware firewall manufacturers are including community as well as enterprise level have raised questions malware scanner, filters, antivirus. There are a number of about security. For internet users security dangers are present companies providing these solutions like CISCO, SonicWall, and its implication could be harmful. Firewall gives the Netgear, ProSafe, D-Link and many more. solution to this problem and can protect the organization or person from network security threats. To protect the cyber- attack because of the network they are connected to corporate organization uses firewalls. 1.1 Firewall A firewall secures networked computers from intentional hostile intrusion that could compromise confidentiality or result in data corruption or denial of service [2].A firewall can

Volume 1, Issue 1, January 2018

rate and low impact on network presentation. It is called as a stateless firewall.

Fig3: Packet-Filter Firewall

B. Circuit-level firewall Fig1.Hardware Firewall Circuit-level firewall works at the session layer of the OSI model, or between the application layer and the transfer layer B. Software Firewall: of the TCP/IP stack. They observe TCP handshaking between packets to decide whether a requested assembly is authentic. Software firewalls are like any software installed on Information forwarded to the client computer through circuit- the computer in order to protect from level firewall appears to be coming from the firewall itself. threats.It can be customized as per requirement; allowing This helps for hiding the data about the private network. In the some control over its use and protection features. A software circuit-level firewall, End-to-End TCP connections are not firewall will prevent any attempt to control or gain access to your system your computer from outside world. permitted rather the firewall creates two TCP connections, one between the firewall and the TCP user on a private network host and the other between the firewall and the TCP user on the outside host network.

Fig2. Software Firewall 1.1.1 Classification based on Firewall Features A. Packet Filtering Firewall Fig4.Circuit-Level Firewall [7] A packet filtering firewall applies a set of rules to control C. Application-Level Firewall network access by monitoring outgoing and incoming traffic An application-level firewall examines network packets for and allowing them to forward or drop based on the source and suitable data at the application layer before allowing a destination Internet Protocol Address, ports, protocols. connection. The firewall tests the data in all network traffic at Generally, filtering firewall is configured to sort out traffic the application layer of the TCP/IP stack and manages going from and to the inner network. Packet filtering firewalls complete connection state and sequencing information. work at the network level of the OSI model, or the IP layer of Network application protocols used by this firewall are SIP TCP/IP. The benefit of packet filtering firewalls is their low (Session Initiation Protocol) and FTP ().For example, When a client requests to a server for a

Volume 1, Issue 1, January 2018

web page or file or database, the client first get associated to pfSense services is essentially written in PHP, which makes the , which then makes a connection to the actual easy to expand the current code base, improving existing server. A proxy server serves as the end server for all features or adding new ones. is a powerful open source connection requests originated on a trusted network by a real UTM with many highly developed trait and services that client. displays a good performance in a big organization , it decreases complication and expenses, easy to manage with high consistency but need some proper and simple way that is based on user[8]. In spite of all other open source firewall, pfSense exhibited the most apt firewall since the greater part of the elements are upheld by least equipment fundamentals and adding up free consent administrations authorize the utilization of these firewall[3]. pfSense gives logging and reporting feature but full logs of websites visited by the use is not reported. The reported website in logging is ip based not the user based. Currently, one of the most efficient ways of achieving a protected wireless network authentication is by using a Captive Portal with Radius authentication method [9].pfSense Provides this functionality at a single platform.

B. Endian Firewall Fig5: Application-level Firewall [7] Endian Firewall Community (EFW) is also free, D. Stateful Inspection Firewalls opensource network firewall. The base of Stateful inspection is also called as dynamic packet Endian firewall is Linux. The community version of firewall filtering. This firewall technology monitors the state of active does not contain support. Endian Firewall borrows IPCop's idea of diverse zones [6].GREEN zone is the trusted or internal connections and uses the information collected by this to network component. This zone should never be directly determine which network packets to forward through the accessed from the RED zone. RED Zone, this is the Untrusted firewall. Stateful Inspection Firewalls works on the all seven segment or can be identified as WAN.ORANGE zone is the layer of the OSI model. This firewall technology examines the demilitarized region (DMZ).This zone should host the servers entire packet including the data. that need to access the Internet to offer services like SMTP/POP, SVN and HTTP and so on. BLUE zone is the II. FREE / OPEN SOURCE FIREWALL WiFi zone. The BLUE zone should be used by wireless A. pfSense Firewall customers to access the Internet. Wireless networks are pfSense software is a free, open source customized frequent not safe, so the idea is to entrap by default all the distribution of Free-BSD specifically custumized for use as a wireless connected clients into their own zone exclusive of firewall and that is entirely managed via the web access to any other zone excluding RED. The firewall gives interface. pfSense can installed on a physical computer or a spontaneous, visual charts and graphs present improved real- virtual machine to make a dedicated firewall/router for a time and historical reporting across complete Endian UTM trait network and is noted for its reliability and be offering features stack. often only found in costly profitable firewalls. It is used as a Mingphum Arunwan, Tanachad Laong, Kiattichai UTM, Router and that adds intelligence to the Atthayuwat authors of paper titled Defensive Performance packet-filtering method of network communication control Comparison of Firewall Systems said that Endian could be [4].This can be configured through web Interface and does not used the small and less important data enterprise, while have any need of special knowledge of Free-BSD to manage pfSense could be used in a more varieties of organization. the firewall. pfSense supports the installation of third-party Endian was mor friendlier with user since its interface was packages like Snort or through its Package Manager. easier to understand while pfSense interface was a lot more FreeBSD’s network performance is significantly better than complex [8].pfsense have more configuration option than that of OpenBSD[5]. pfSense is used in about every type and Endian firewall. size of network environment imaginable, and is almost certainly suitable for your network whether it contains one III. computer or thousands[5]. pfSense can be deployed on any Based on the survey the following table represent the features hardware that is supported by the FreeBSD version in use, on provided by pfSense and Endian Firewall. i386 and amd64 hardware platforms.

PfSense uses a single XML file, called config.xml, which Features pfSense Endian stores the configuration of all services available in the pfSense Freeware Freeware License pricing machine. The code accountable for the operation of the distinct Apache GPL

Volume 1, Issue 1, January 2018

Features pfSense Endian Research in Computer Engineering & Technology (IJARCET) ,Volume 1, Issue 7, September 2012 License License [8] Mingphum Arunwan , Tanachad Laong , Kiattichai Atthayuwat, Configuration Interface CLI and GUI CLI and GUI “Defensive Performance Comparison of Firewall Systems”, The 2016 Management and Innovation Technology International Conference, Network Address Translation available available 2016. [9] F. L. Aryeh, M. Asante and A. E. Y. Danso; “Securing Wireless Routing Available Available Network Using pfSense Captive Portal with RADIUS Authentication – A Case Study at UMaT”,GDT Vol. 1, No. 1, September, 2016 Anti-virus available available

Captive portal available Not available

VPN Remote User Authentication Available Not available OpenVPN, IPsec L2TP, IPsec OpenVPN Virtual Private Networking support support available available High Availability available Not available Live RRD Live Network Graphs Monitoring Logging and Reporting support support available available via online Support Not available pfSense Protal Table 1: Comparision of firewalls

IV. CONCLUSION In this paper, Firewall is identified as security solution the threats to protected network. Firewall working on multiple layer scanning of the packets gives the high security to the network. Open source firewall can be cost effective for the organization. From the survey, it is inferred that small to average size business an open source firewall provide the best chance to secure their system from various digital dangers. pfSense and Endian provide a large amount features which can available in paid security appliances. This firewall can be installed on machine with minimum hardware requirement. Endian can be fitting for small or medium enterprise while pfSense can be used in the enterprise having complex networks.

REFERENCES [1] Number of internet users worldwide 2005- from 2005 to 2017, https://www.statista.com/statistics/273018/number-of-internet-users- worldwide/ [2] Sagar Chandola, “A Tour Of Ethical Hacking: Perfect guide of ethical hacking for beginners”. 2014. ISBN: 1502367491 [3] Krupa C. Patel, Dr. Priyanka Sharma,”A Review paper on pfsense – an Open source firewall introducing with different capabilities & customization” Vol-3 Issue-2 2017, IJARIIE-ISSN(O)-2395-4396. [4] Vahid Asghari, Shabnam Amiri,Shima Amiri “Implementing UTM based on PfSense platform” International Conference on Knowledge- Based Engineering and Innovation(KBEI), November 5-6,2015,Iran [5] Christopher M. Buechler, Jim Pingle, pFsense: The Definitive Guide, Electric Sheep Fencing LLC, 2013 [6] Endian, “http://docs.endian.com/archive/2.2/efw.system.html” [7] Mr. Sachin Taluja , Prof. Rajeshwar Lal Dua “Survey on Network Security, Threats and Firewalls”, International Journal of Advanced

Volume 1, Issue 1, January 2018