D. Nessett and P. Humenn. The Multilayer Firewall. In Proc. of Network and Distributed System Security Symposium (NDSS), pages 13--27, March 1998.  Home/Search   Document Details and Download   Summary   Related Articles   Check

....follow more closely the actual communication and transaction patterns of the network. Furthermore, only a small subset of rules (those provided by the user) need to be considered with each independent request, making processing cheaper than otherwise. 4 Related Work Traditional firewall work ([5, 17, 21, 16, 7, 19]) has focused on nodes and enforcement mechanisms rather than overall network protection and policy coordination. In OASIS[11] policy coordination is achieved with a role based system where each principal may be issued with a name by one service, on the condition that it has already been issued ....

D. Nessett and P. Humenn. The Multilayer Firewall. In Proc. of Network and Distributed System Security Symposium (NDSS), pages 13--27, March 1998.

....places firewall functionality within a network to protect it against internal attack. This strategy is presently limited, since systems used to implement firewalls are generally slow. The multi layer firewall(MLF) uses filtering functionality at layer 3 and layer2 to implement the security policy [6]. The MLF concept is implementend by using a network traffic analyzer and monitoring tool called Traffix allong with Tartan, the MLF policy management tool. Tartan consis ts of a graphical user interface to create and edit policy and a policy engine that compiles the high level MLF policy. The ....

Dan Nessett and Pola Humenn. Multilayer Firewall. 1999.

....of the Firewall Switch: We are now ready to calculate using (1) According to NLANR s traffic statistics, bytes and packets flow . Then calculated from , cells packet based on AAL 5 encapsulation. A survey on the performance of the state of the art software based IP firewall technology [8] [12], 13] shows that (packets s) What is still missing from (1) is . As we discussed in Section IV A1, the value of depends on the size of the policy cache and the cache replacement policy being used. We conducted a simulation on the NLANR s Internet trace data to examine the miss ratio of FIFO. We ....

D. Nessett and P. Humenn, "The multilayer firewall," in Proc. NDSS '98, San Diego, CA.

No context found.

D. Nessett and P. Humenn. The Multilayer Firewall. In Proc. of Network and Distributed System Security Symposium (NDSS), pages 13--27, March 1998.

No context found.

D. Nessett and P. Humenn. The Multilayer Firewall. In Proc. of Network and Distributed System Security Symposium (NDSS), pages 13--27, March 1998.

No context found.

D. Nessett and P. Humenn. The Multilayer Firewall. In Proc. of Network and Distributed System Security Symposium (NDSS), pages 13--27, March 1998.

No context found.

D. Nessett and P. Humenn. The Multilayer Firewall. In Proc. of Network and Distributed System Security Symposium (NDSS), pages 13-- 27, March 1998.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC