what is firewall and SET

ranjanstudy November 30, 2021

 FIREWALL

A firewall is a division between a private network and an outer network, often the internet, that manages traffic passing between the two networks. It’s implemented through either hardware or software. Firewalls allow, limit, and block network traffic based on preconfigured rules in the hardware or software, analyzing data packets that request entry to the network. In addition to limiting access to computers and networks, a firewall is also useful for allowing remote access to a private network through secure authentication certificates and logins.

Firewalls are both networking and security technology. They are often considered the bare minimum and standard for network security. However, they are not the only measure an enterprise takes to secure its network. This firewall analysis describes both the benefits of firewalls and their weaknesses

TYPES OF FIREWALLS

There are many types of firewalls, and some overlap with others in the ways that they analyze, permit or reject network traffic. They range from basic private network protection to enterprise-grade packet inspection and threat intelligence.

Packet filtering firewalls, one of the original firewalls, are more simple and less expensive than other firewalls. They perform basic data packet filtering, analyzing IP and port addresses to determine whether the packets can pass. This filtering is based on user-defined configuration. Packet filtering is fairly effective and transparent to users, but it is difficult to configure. In addition, it is susceptible to IP spoofing.

Proxy firewalls serve as the gateway from one network to another for a specific application. They create a new network session based on the information on the initial request, almost an imitation. This makes it more difficult for attackers to understand data from the transmission. Proxy firewalls only inspect Internet traffic from specific protocols. Proxy servers can provide additional functionality by preventing direct connections from outside the network.

Network address translation (NAT) firewalls allow multiple devices with independent network addresses to connect to the internet with a single IP address, allowing individuals’ private IP addresses to remain hidden. NAT firewalls are similar to proxy firewalls in that they act as an intermediary between a group of computers and outside traffic.

Cloud firewalls (or cloud-based firewalls) are available through the web rather than being installed directly between two networks on hardware. They’re flexible, and users can pass through the firewall and access the network from any location with internet access. Some cloud firewalls are intended for a small private network. Enterprise-grade cloud firewalls are often implemented at the network perimeter of cloud infrastructure.

Stateful inspection firewalls permit or drop packets based on the state of an attempted network connection. Bits in the packet (or network connection) label its state, and the firewall analyzes details about the attempted connection, such as the address it comes from or its size. Stateful inspection firewalls perform more detailed packet inspection than other firewalls, which is useful for better preventing malicious traffic. But they can also be slower because the inspection takes more time.

Unified threat management (UTM) firewalls are less a type of firewall than a larger security solution. Firewalls are just one feature of UTM. Unified threat management may also include machine learning for better threat intelligence, endpoint security, and intrusion prevention systems, which recognize attackers’ patterns.

What Is Secure Electronic Transaction (SET)?

Secure electronic transaction (SET) was an early communications protocol used by e-commerce websites to secure electronic debit and credit card payments. The secure electronic transaction was used to facilitate the secure transmission of consumer card information via electronic portals on the Internet. Secure electronic transaction protocols were responsible for blocking out the personal details of card information, thus preventing merchants, hackers, and electronic thieves from accessing consumer information.

  • The secure electronic transaction was an early communications protocol that was developed in 1996 and used by e-commerce websites to secure electronic debit and credit card payments.
  • Secure electronic transaction protocols allowed merchants to verify their customers' card information without actually seeing it, thus protecting the customer against account theft, hacking, and other criminal actions.
  • Other standards for digital security for online debit and credit card transactions emerged after the protocols defined by secure electronic transactions were introduced in the mid-1990s.

Below is the list of participants who are involved in the SET process:

  • Cardholder: A cardholder is an authorized holder of the payment card. The card can be a Master Card or a Visa which an issuer has issued.
  • Merchant: A merchant is any person or organization who wants to sell its goods and services to cardholders. Note that a merchant must have a relationship with the acquirer to accept the payment through the internet.
  • Issuer: An issuer is a financial organization such as a bank that issues payment card – Master card or visa to user or cardholder. The issuer is responsible for the cardholder’s debt payment.
  • Acquirer: This is a financial organization with a relationship with the merchant for processing the card payment authorization and all the payments. An acquirer is part of this process because the merchant can accept credit cards of more than one brand. It also provides an electronic fund transfer to the merchant account.
  • Payment Gateway: For payment authorization, the payment gateway acts as an interface between secure electronic transactions and existing card payment networks. The merchant exchanges the Secure Electronic Transaction message with the payment gateway through the internet. In response to that, the payment gateway connects to the acquirer’s system by using a dedicated network line.
  • Certification Authority: It is a trusted authority that provides public-key certificates to cardholders, payment gateways, and merchants.

How Secure Electronic Transaction Works?

Secure Electronic Transaction works as follows:

Step 1: Customer Open an Account

The customer opens a credit card account like a master card or visa with a bank, i.e. issuer that supports electronic payment transactions and the secure electronic transaction protocol.

Step 2: Customer Receive a Certificate

Once the customer identity is verified (Verification can be done by using a passport, business documents, or other documents), it receives a digital certificate which is issued by CA (Certificate Authority). This certificate contains customer details like name, public key, expiry date, certificate number, etc.

Step 3: Merchant Receives a Certificate

The merchant who wants to accept certain credit card brands must process a digital certificate for trustworthiness.

Step 4: Customer Place an Order

It is a shopping cart process where customers borrow an item from the available list, search for the specific item according to requirements, and place the order. Once the customer places the orders, the merchant, in return, sends the details of the order, such as a list of items selected, their quantity and price, total bill, etc., to maintain a record of the order at the customer site.

What is a Digital and Electronic signature? (click)

What is Transaction security? what is public key infrastructure?

 What are an E security system and E locking?  (click)

Thanks for joining us!

Tags
Reactions
ranjanstudy

Posted by ranjanstudy

Welcome to Ranjanstudy ! Hi there! I'm Ashish Ranjan, the creator behind ranjanstudy. I started this blog to share my knowledge, tips, and experiences with others. Whether you're looking to study pdf, certificate, courses, job, learn more about college, job, business, or find inspiration, you've come to the right place. Feel free to explore the blog and subscribe to my newsletter to get the latest updates delivered straight to your inbox. You can also follow me on social media to connect and stay updated on all things study material, certificate, job Vacancy, courses and Quiz. Thanks for visiting, and I look forward to sharing this adventure with you! Best, Ashish Ranjan Founder of Ranjan study

Post a Comment

0 Comments

Post a Comment