Associating network flows with user and application information
MULTIMEDIA '00 Proceedings of the 2000 ACM workshops on Multimedia
Microsoft ISA Server 2006 Unleashed
Microsoft ISA Server 2006 Unleashed
Cisco asa, pix, and fwsm firewall handbook, second edition
Cisco asa, pix, and fwsm firewall handbook, second edition
Hi-index | 0.00 |
Classical firewalls provide network security by matching a network flow's 5-tuple information against user defined packet filters loaded into memory. In today's dynamic network environments where threats can be both outside and inside a network, it is not sufficient to simply identify the originator of a data packet by a source address and port pair. It is necessary to identify the user or entity responsible for the transmission. An open and vendor neutral authentication scheme inspired by the IPSEC Authentication Header is presented which allows for the creation of firewall packet filters based on user identity.