Firewall

Purpose

A Firewall object represents the communication restrictions enforced by a Router. One way of looking at a Firewall object is to see it as the rule set used by the connected Router object. For a Dataflow to traverse a Router that has a Firewall, the Dataflow must be connected to either the Router or the Firewall; otherwise the Firewall blocks it.

Connections

| Object | Connection | Description | Function |
|---|---|---|---|
| Router | Firewall Execution | A Router is connected to a Firewall object to show that the Router has restrictions regarding what communication may traverse it. | Can prevent Forwarding on the Router. |
| Dataflow | Permission | Connect a Dataflow to a Firewall to denote that the Dataflow is allowed to traverse the Router. | Can prevent Forwarding on the Router. |

Attack Steps and Defenses

| Attack Step | Description | Leads to |
|---|---|---|
| Compromise | The possibility to control/own the Firewall. | Router: Forwarding; Firewall: Disable |
| DiscoverEntrance | The possibility to find out what connections are allowed by the firewall rule set. | Router: Forwarding |

| Defense | Description | Impact | Default |
|---|---|---|---|
| Enabled | This defense concerns whether the firewall is functioning and performs stateful inspection and packet filtering as expected. | Can prevent Forwarding. | On |
| KnownRuleSet | This defense concerns whether the firewall rule set is configured properly and known to the modeler. | Prevents DiscoverEntrance. | 0.5 (probability that the defense is active) |
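To show how the attack steps and defenses above compose, here is an added toy evaluator (constructed for this page; it is not the tool's own engine and does not reproduce its exact semantics). It encodes the Firewall's "Leads to" edges and the two defenses as a small graph, then computes the exact probability that Router.Forwarding becomes reachable by enumerating every defense on/off combination weighted by the defense probabilities. Two assumptions go beyond the page: a defense's default value is read as the probability that it is active (On = 1.0), and reaching Firewall.Disable switches the Enabled defense off for the rest of the evaluation.

```python
from itertools import product

# Attack-step graph for the Firewall object as documented on this page:
# (object, step) -> list of (object, step) that it leads to.
LEADS_TO = {
    ("Firewall", "Compromise"): [("Router", "Forwarding"), ("Firewall", "Disable")],
    ("Firewall", "DiscoverEntrance"): [("Router", "Forwarding")],
    ("Firewall", "Disable"): [],
    ("Router", "Forwarding"): [],
}

# Defenses on the Firewall object and the step each one prevents.
DEFENSES = {
    "Enabled": ("Router", "Forwarding"),
    "KnownRuleSet": ("Firewall", "DiscoverEntrance"),
}

# Defaults from the page, read as the probability that the defense is active
# (assumption): Enabled is On, KnownRuleSet is 0.5.
DEFAULT_PROBS = {"Enabled": 1.0, "KnownRuleSet": 0.5}


def reachable_steps(entry, active_defenses):
    """Return the set of (object, step) reachable from `entry` for one concrete
    choice of active defense names. Assumption (not stated on the page):
    reaching Firewall.Disable switches the Enabled defense off, so the walk is
    repeated until the reachable set stops changing."""
    active = set(active_defenses)

    def blocked(step):
        return any(DEFENSES[d] == step for d in active)

    reached = set()
    while True:
        seen = set()
        frontier = [entry]
        while frontier:
            step = frontier.pop()
            if step in seen or blocked(step):
                continue
            seen.add(step)
            if step == ("Firewall", "Disable"):
                active.discard("Enabled")  # compromised firewall no longer filters
            frontier.extend(LEADS_TO[step])
        if seen == reached:
            return reached
        reached = seen


def probability_of(entry, target, probs=None):
    """Exact probability that `target` is reachable from `entry`, summing over
    every active/inactive combination of the defenses weighted by `probs`."""
    probs = DEFAULT_PROBS if probs is None else probs
    names = sorted(probs)
    total = 0.0
    for states in product([True, False], repeat=len(names)):
        weight = 1.0
        for name, on in zip(names, states):
            weight *= probs[name] if on else 1.0 - probs[name]
        if weight == 0.0:
            continue
        active = [name for name, on in zip(names, states) if on]
        if target in reachable_steps(entry, active):
            total += weight
    return total


if __name__ == "__main__":
    forwarding = ("Router", "Forwarding")
    for entry in (("Firewall", "DiscoverEntrance"), ("Firewall", "Compromise")):
        print(entry, "->", forwarding, "with defaults:", probability_of(entry, forwarding))
    # An unmaintained firewall: Enabled off, rule set still half-known.
    weak = {"Enabled": 0.0, "KnownRuleSet": 0.5}
    print("DiscoverEntrance with Enabled off:",
          probability_of(("Firewall", "DiscoverEntrance"), forwarding, weak))
```

With the page's defaults, DiscoverEntrance never yields Forwarding (Enabled is always active and blocks it), while Compromise always does because it leads to Disable first. Turning Enabled off makes the KnownRuleSet default the only obstacle, giving a 0.5 probability of Forwarding from DiscoverEntrance; this is the kind of sensitivity a modeler checks when deciding which defense values to set explicitly.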
