Next-Generation Firewall (NGFW) Concepts

Questions and Answers

What is the primary function of a kernel in an operating system?

To control all the tasks that come with a system

What is the purpose of a network interface card (NIC)?

To connect a computer to a network using an Ethernet cable

What is the main difference between a shell and a kernel?

A shell is an interface between the kernel and user, while a kernel is the core of the operating system

What are some common reasons for using networks?

Information sharing, file sharing, resource sharing, and application sharing

What is the function of a hub in a network?

To connect multiple devices in a network

What is the purpose of a firewall in a network?

To provide security and protect the network from unauthorized access

What is the role of a modem in a network?

To connect a network to the Internet or a wider network

What is the server-client architecture in a network?

A model where one or more servers provide resources or services to multiple clients

What is packet routing in a network?

The process of forwarding packets of data between devices on a network

What is a Network Operating System (NOS)?

A software component that manages and controls network resources and devices

Study Notes

NGFW (Next-Generation Firewall)

• NGFW is a combination of a traditional firewall (FW) and an Intrusion Prevention System (IPS)
• NGFW must include:
  • Standard firewall capabilities like stateful inspection
  • Integrated intrusion prevention
  • Application awareness and control to see and block risky apps
  • Threat intelligent sources
  • Upgrade paths to include future information feeds
  • Techniques to address evolving security threats

Common NGFW Examples

• Firepower 1000 series
• Firepower 2100 series
• Firepower 4100 series
• Firepower 9300 series

Server and Client

• A server is a computer or system that provides resources, data, services, or programs to other computers (clients) over a network (LAN/WAN)
• A client can be a computer, phone, or any device that consumes or generates new data
• A device can be both a server and a client at the same time

Endpoints

• Endpoints are clients that consume or generate new data
• Examples of endpoints include IP phones, web, mobile, and desktop clients
• Endpoints can also refer to end hosts or host devices such as desktops, laptops, mobile phones, and servers

Network Operating System (NOS)

• A NOS is a computer operating system that facilitates connection and communication between autonomous computers over a network
• Examples of NOS include Microsoft Windows Server 2003, Microsoft Windows Server 2008, UNIX, Linux, Mac OS X, Novell NetWare, and BSD

Protocols

• A protocol is a set of rules that governs communication between computers on a network
• Many different types of network protocols and standards are required to ensure communication between computers
• Examples of protocols include:
  • File Transfer Protocol (FTP) - port 20, 21
  • Secured Shell (SSH) - port 22
  • Telnet - port 23
  • Simple Mail Transfer Protocol (SMTP) - port 25
  • Domain Name System (DNS) - port 53
  • Dynamic host configuration protocol (DHCP) - port 67, 68
  • Trivial file transfer protocol (TFTP) - port 69
  • Hypertext Transfer Protocol (HTTP) - port 80
  • Kerberos - port 88
  • Post Office Protocol version 3 (POP 3) - port 110
  • Network time protocol (NTP) - port 123
  • Simple Network Management Protocol (SNMP) - port 161
  • Border gateway protocol (BGP) - port 179
  • Lightweight directory access protocol (LDAP) - port 389
  • Hypertext Transfer Protocol over SSL/TLS (HTTPS) - port 443
  • Syslog - port 514

Shell and Kernel

• A shell is an interface between the kernel and the user
• A kernel is the core of an operating system, controlling all tasks that come with a system

Network

• A network is a collection of devices connected together to facilitate communication and resource sharing
• Networks can be small (two computers directly connected) or large (the Internet with millions of devices)
• Networks are used for:
  • Information sharing
  • File sharing
  • Resource sharing
  • Application sharing

Computer Network Components

• Hardware components:
  • Computer
  • Network Interface Card (NIC)
  • Media/cables
  • Switch/hub
  • Router
  • Modem
  • Firewall
• Software components:
  • Network Operating System (NOS)
  • Protocol
  • Firewall

NIC (Network Interface Card)

• A NIC is a computer expansion card for connecting to a network using an Ethernet cable with an RJ-45 connector

Hub

• A hub is a physical layer networking device that connects multiple devices in a network

Description

This quiz covers the key features and capabilities of Next-Generation Firewalls, including standard firewall capabilities, intrusion prevention, and application awareness and control.