Implementing a distributed firewall
Proceedings of the 7th ACM conference on Computer and communications security
Intranet Security with Micro-Firewalls and Mobile Agents for Proactive Intrusion Response
ICCNMC '01 Proceedings of the 2001 International Conference on Computer Networks and Mobile Computing (ICCNMC'01)
Architecture and Applications for a Distributed Embedded Firewall
ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
Micro-Firewalls for Dynamic Network Security with Distributed Intrusion Detection
NCA '01 Proceedings of the IEEE International Symposium on Network Computing and Applications (NCA'01)
UNIX Network Programming, Vol. 1
UNIX Network Programming, Vol. 1
DSN '06 Proceedings of the International Conference on Dependable Systems and Networks
Ccent/ccna icnd1 official exam certification guide (ccent exam 640-822 and ccna exam 640-802), second edition
| Hi-index | 0.00 |
Distributed firewalls have been developed in order to provide networks with a higher level of protection than traditional firewalling mechanisms like gateway and host-based firewalls. Although distributed firewalls provide higher security, they too have limitations. This work presents the design & implementation of a new distributed firewall model, based on stateful Cluster Security Gateway (CSG) architecture, which addresses those shortcomings. This distributed security model adopts a bottom-up approach such that each cluster of end-user hosts is first secured using the CSG architecture. These different CSGs are then centrally managed by the Network Administrator. A file-based firewall update mechanism is used for dynamic real-time security. IPsec is used to secure the firewall policy update distribution while X.509 certificates cater for sender/receiver authentication. The major benefits of this approach to distributed security include tamper resistance, anti-spoofing, anti-sniffing, secure real-time firewall updating, low overall network load, high scalability and low firewall convergence times.