Implementing a Distributed Firewall
Oh la la
Your session has expired but don’t worry, your message
has been saved.Please log in and we’ll bring you back
to this page. You’ll just need to click “Send”.
Your evaluation is of great value to our authors and readers. Many thanks for your time.
When you're done, click "publish"
Only blue fields are mandatory.
Your mailing list is currently empty.
It will build up as you send messages
and links to your peers.
besides you has access to this list.
Enter the e-mail addresses of your recipients in the box below. Note: Peer Evaluation will NOT store these email addresses log in
Your message has been sent.
Full text for this article was not available? Send a request to the author(s)
: Implementing a Distributed Firewall
Abstract : Conventional firewalls rely on topology restrictions and controlled network entry points to enforce traffic filtering. Furthermore, a firewall cannot filter traffic it does not see, so, effectively, everyone on the protected side is trusted. While this model has worked well for small to medium size networks, networking trends such as increased connectivity, higher line speeds, extranets, and telecommuting threaten to make it obsolete. To address the shortcomings of traditional firewalls, the concept of a "distributed firewall" has been proposed. In this scheme, security policy is still centrally defined, but enforcement is left up to the individual endpoints. IPsec may be used to distribute credentials that express parts of the overall network policy. Alternately, these credentials may be obtained through out-of-band means. In this paper, we present the design and implementation of a distributed firewall using the KeyNote trust management system to specify, distribute, and resolve policy, and OpenBSD, an open source UNIX operating system.
: Computer Science
Leave a comment
This contribution has not been reviewed yet. review?