Design of a high-performance ATM firewall
ACM Transactions on Information and System Security (TISSEC)
Effects of processing delay on function-parallel firewalls
PDCN'06 Proceedings of the 24th IASTED international conference on Parallel and distributed computing and networks
Editorial: Recent developments in high performance computing and security: An editorial
Future Generation Computer Systems
| Hi-index | 0.07 |
We present the design of a value-added ATM switch that is capable of performing packet-level (IP) filtering at the maximum throughput of 2.88 Gbit/s per port. This firewall switch nicely integrates the IP level security mechanisms into the hardware components of an ATM switch so that most of the filtering operations are performed in parallel with the normal cell processing, and most of its cost is absorbed into the base cost of the switch. The firewall switch employs the concept of “last cell hostage” (LCH) to avoid or reduce the latency caused by filtering. We analyze in detail the performance of the firewall switch in terms of the throughput and the latency and address related design issues. Applications of our firewall switch as Internet and intranet security solutions are also discussed