An unavailability analysis of firewall sandwich configurations

@article{Goddard2001AnUA,
  title={An unavailability analysis of firewall sandwich configurations},
  author={Steve Goddard and Roger M. Kieckhafer and Yongtang Zhang},
  journal={Proceedings Sixth IEEE International Symposium on High Assurance Systems Engineering. Special Topic: Impact of Networking},
  year={2001},
  pages={139-148}
}
Firewalls form the first line of defense in securing internal networks from the Internet. A Firewall only provides security if all traffic into and out of an internal network passes through the firewall. However, a single firewall through which all network traffic must flow represents a single point of failure. If the firewall is down, all access is lost. A common solution to this problem is to use firewall sandwiches, comprising multiple firewall processors running in parallel. A firewall… CONTINUE READING

Citations

Publications citing this paper.
SHOWING 1-10 OF 11 CITATIONS

A Load-Balancing and State-Sharing Algorithm for Fault-Tolerant Firewall Cluster

  • 2017 4th International Conference on Information Science and Control Engineering (ICISCE)
  • 2017
VIEW 1 EXCERPT
CITES METHODS

Fast and scalable method for resolving anomalies in firewall policies

  • 2011 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS)
  • 2011
VIEW 1 EXCERPT
CITES BACKGROUND

Towards Optimal Firewall Rule Ordering Utilizing Directed Acyclical Graphs

  • 2009 Proceedings of 18th International Conference on Computer Communications and Networks
  • 2009

Balancing Trie-Based Policy Representations for Network Firewalls

  • 11th IEEE Symposium on Computers and Communications (ISCC'06)
  • 2006
VIEW 1 EXCERPT
CITES BACKGROUND

Parallel Firewall Designs for High-Speed Networks

  • Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications
  • 2006

References

Publications referenced by this paper.
SHOWING 1-10 OF 11 REFERENCES

Kieckhafer, “Exploiting Omissive Faults in Synchronous Approximate Agreement

M. H. Azadmanesh, R.M
  • IEEE Transactions On Computers,
  • 2000
VIEW 1 EXCERPT

On the sensitivity of NMR unreliability to non-exponential repair distributions

  • Proceedings. Fifth IEEE International Symposium on High Assurance Systems Engineering (HASE 2000)
  • 2000
VIEW 1 EXCERPT

The TokenBeat Protocol

T. Schroeder, S. Goddard
  • Technical Report UNL-CSCE-99-526, Computer Science & Engineering, University of Nebraska-Lincoln, Dec. 1999.
  • 1999
VIEW 1 EXCERPT

Similar Papers