Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
CCS
2000
ACM
2000
ACM
Implementing a distributed firewall
Conventional firewalls rely on topology restrictions and controlled network entry points to enforce traffic filtering. Furthermore, a firewall cannot filter traffic it does not see, so, effectively, everyone on the protected side is trusted. While this model has worked well for small to medium size networks, networking trends such as increased connectivity, higher line speeds, extranets, and telecommuting threaten to make it obsolete. To address the shortcomings of traditional firewalls, the concept of a “distributed firewall” has been proposed. In this scheme, security policy is still centrally defined, but enforcement is left up to the individual endpoints. IPsec may be used to distribute credentials that express parts of the overall network policy. Alternately, these credentials may be obtained through out-of-band means. In this paper, we present the design and implementation of a distributed firewall using the KeyNote trust management system to specify, distribute, a...
Real-time TrafficRelated Content
| Added | 02 Aug 2010 |
| Updated | 02 Aug 2010 |
| Type | Conference |
| Year | 2000 |
| Where | CCS |
| Authors | Sotiris Ioannidis, Angelos D. Keromytis, Steven M. Bellovin, Jonathan M. Smith |
Comments (0)
Researcher Info
|
