Implementation Firewall Combined With IPS To Prevent Dos/Malicious Attack

Posted on: 2014-08-11
Degree: Master
Type: Thesis
Country: China
Candidate: LATSAMY CHANTHAVONG
GTID: 2268330425960854
Subject: Computer Science and Technology
Abstract/Summary:
With the growing popularity and usage of the internet, along with reliance on data and communication systems, network security has become essential for users, organizations, governments and the armed forces. The structure of the internet itself can be seen as permitting numerous security threats, so the possibility of attacks across a network can be reduced by modifying the architecture of the internet. For this purpose, businesses and individuals today tend to protect themselves from internet security threats by employing firewalls and IPS. Security in this sense includes protecting data from any form of breach, as well as securing the system from potential hackers.

Numerous attacks remain a threat to networks even today:

- TCP SYN: an attack in which an aggressor sends a large number of SYN requests to a victim system in order to consume its resources, so that the system does not respond to legitimate traffic.
- IP spoofing: the attacker attempts to gain access to hosts via messages sent to the system with the source IP set to that of a trusted host.
- Smurf attack: large numbers of ICMP packets carrying the victim's spoofed source IP are sent to a network via an IP broadcast.
- DDoS attack: the end victim and all systems used in the process are victimized.

In this thesis we deal with such issues by offering an enhanced configuration that provides a more comprehensive solution to effectively detect and prevent such attacks. In particular, our focus remains on DDoS, IP spoofing, TCP SYN and Smurf attacks. TCP SYN, IP spoofing and Smurf attacks are types of Denial of Service attack. To mitigate these attacks, we propose and implement in this research a combined policy that employs Dynamic NAT Interface Overload and a Combined Dynamic NAT/PAT Policy, in addition to Static NAT, Static Policy NAT, Static NAT along with Port translation, and many-to-many Static NAT in a firewall. We also implement an IPS configuration for this purpose.

IPS is an option that helps keep malicious traffic from reaching the victim. Detection-oriented systems, although extensively used, are still unable to protect the system completely because of their reactive nature. We deal with this by adopting Intrusion Prevention, which uses proactive measures to guard a network. To check the advantages of this research, the implementation has been carried out in the real-time environment of LDB (Laos Development Bank) in Laos PDR, a developing nation that faces numerous security problems but where very little work has been done to address them. For this purpose, 4 branches of the bank have been successfully secured by our implementation in firewalls installed in the branches. NAT/PAT has been used to connect the branches, and the firewalls use our proposed configuration with IPS to provide security.

Actual feedback from the branch staff and the IT personnel monitoring the network provides us with the success rate of this study. According to the responses, this implementation has successfully secured all these branches and their internal departments (for example the Financial Intermediation Department, the Industry and Services Department, etc.) from the above-mentioned attacks, compared to the primitive security implementations.
Keywords/Search Tags: Firewall, IPS, DoS, DDoS, TCP SYN attack, IP Spoofing, Smurf attack, NAT/PAT