Load Balancing Servers, Firewalls, and Caches
Load Balancing Servers, Firewalls, and Caches
Modern Operating Systems
Intranet Security with Micro-Firewalls and Mobile Agents for Proactive Intrusion Response
ICCNMC '01 Proceedings of the 2001 International Conference on Computer Networks and Mobile Computing (ICCNMC'01)
Micro-Firewalls for Dynamic Network Security with Distributed Intrusion Detection
NCA '01 Proceedings of the IEEE International Symposium on Network Computing and Applications (NCA'01)
Classification of Load Distribution Algorithms
PDP '96 Proceedings of the 4th Euromicro Workshop on Parallel and Distributed Processing (PDP '96)
UNIX Network Programming, Vol. 1
UNIX Network Programming, Vol. 1
DSN '06 Proceedings of the International Conference on Dependable Systems and Networks
Transparent network security policy enforcement
ATEC '00 Proceedings of the annual conference on USENIX Annual Technical Conference
Ccent/ccna icnd1 official exam certification guide (ccent exam 640-822 and ccna exam 640-802), second edition
Hi-index | 0.00 |
This work presents a new cluster security model for securing switched Linux clusters. The stateful CSG improves upon the stateless CSG in the sense that it supports stateful firewalling, provides high availability, greater scalability and load balancing capability. This model combines various mechanisms like distributed sender-initiated Layer 2 per-packet firewall load balancing, firewall state synchronization, failover, MAC address takeover, Network Access Control using switch MAC ACLs and port security, and Layer 2 and Layer 3 packet filtering in order to provide robust, scalable and reliable cluster-level security. Experimental results of performance not only give an idea of the effectiveness of the new scheme at boosting firewall performance and reliability, but also at improving network performance and security. In addition, the response of the new scheme in the face of threats is assessed qualitatively and its salient characteristics like tamper resistance, anti-spoofing, anti-sniffing and low end-user host processing strain, are highlighted.