3Com. 3Com Embedded Firewall Architecture for E-Business. Technical Brief 100969-001. 3Com Corporation, April 2001.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....their host if necessary, and can actively normalize [16, 21] the traffic. We refer to NIs extended with intrusion detection and containment functionality as self securing network interfaces. Self securing NIs enjoy the scalability and coverage benefits of recent distributed firewall systems [14, 19, 1]. They also offer an excellent vantage point for looking inward at a host and watching for misbehavior. In particular, many of the difficulties faced by NIDSs [30] are avoided: there are no topology or congestion vagaries on an NI s view of packets moved to from its host and there are no packets ....

....switches in a LAN, DSL or cable modems, and NI emulators within a virtual machine monitor [37] The benefits of embedding detection and containment functionality in an NI applies to all of these. Self securing NIs enforce policies set by the network administrator, much like distributed firewalls [14, 19, 1]. In fact, administrators would configure and manage self securing NIs over the network, since they must obviously be connected directly to it this approach is necessary for an administrator to use the NI to protect the network from its host system; even the host OS and its most privileged ....

[Article contains additional citation context not shown here]

3Com. 3Com Embedded Firewall Architecture for E-Business. Technical Brief 100969-001. 3Com Corporation, April 2001.

....occurs within an NI, it can also prevent basic spoofing (e.g. of IP addresses) and sniffing (e.g. by listening with the NI in promiscuous mode ) of network traffic. Previous researchers [17, 20] have made a strong case for distributing such rules among the endpoints, and at least one product [1] has been put on the market. Traditional firewall rules, however, barely scratch the surface of what can be done with selfsecuring NIs. The reduced aggregation and reduced link rate usage make it possible to analyze more deeply the traffic seen. Examples include reconstructing and examining ....

....and borrow ideas from previous work. In particular, network intrusion detection, virus detection, and firewalls are well established, commonlyused mechanisms [6, 10] Also, many of the arguments for distributing firewall functions [17, 20, 28] and embedding them into network interface cards [1, 17] have been made in previous work. This previous work and others [2, 7, 24] also address the issue of remote policy configuration for such systems. We extend previous work with examples of more detailed traffic analysis and a system software structure for supporting them. There are few examples of ....

3Com. 3Com Embedded Firewall Architecture for E-Business. Technical Brief 100969-001. 3Com Corporation, April 2001.

No context found.

3Com. 3Com Embedded Firewall Architecture for E-Business. Technical Brief 100969-001. 3Com Corporation, April 2001.

No context found.

3Com. 3Com Embedded Firewall Architecture for E-Business. Technical Brief 100969-001. 3Com Corporation, April 2001.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC