M. Miller and J. Morris. Centralized administration of distributed firewalls. Systems Administration Conference (Chicago, IL, 29 September -- 4 October 1996.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....must not be able to reconfigure or disable the NI s policies. Alerts about suspicious activity will be sent to administrative systems via the same secure channels. Prior work provides solid mechanisms for remote policy configuration of this sort, and recent research [4, 6, 14, 19] and practice [2, 22] clarifies their application to distributed firewall configuration. 2.3 Self securing NI features A self securing NI performs intrusion detection on a host s network traffic, impedes communication when compromise is detected (if so configured) and normalizes odd traffic. For addressing the ....

....to the destination. The administrative interface for the current prototype consists of a directly connected terminal interface. Clearly, this is not appropriate for practical management of per host self securing NIs. We plan to adopt one of the well established cryptography based protocols [2, 4, 6, 14, 19, 22] for remotely distributing policy updates and receiving alerts. 3.3 Discussion Our prototype is still young, with the main goal of allowing us to experiment with NI embedded scanners. Although it is too early to draw definitive conclusions, we believe that its software architecture is valuable. ....

[Article contains additional citation context not shown here]

Mark Miller and Joe Morris. Centralized administration of distributed firewalls. Systems Administration Conference (Chicago, IL, 29 September -- 4 October 1996.

....the NI enforced policies from the host software; even the host OS and its mostprivileged users should not be able to reconfigure or disable the NI s policies. Prior work provides solid mechanisms for remote policy configuration of this sort, and recent research [5, 7, 17, 20] and practice [2, 24] clarifies their application to distributed firewall configuration. In addition to configuration over the network, alerts about suspicious activity will be sent to administrative systems via the network. The same secure channels used for configuration can be reused for this purpose. These ....

....from use of the current prototype. The administrative interface for the current prototype consists of a directly connected terminal interface. Clearly, this is not appropriate for practical management of per host self securing NIs. Fortunately, well established cryptography based protocols [2, 5, 7, 17, 20, 24] exist for remotely distributing policy updates and receiving alerts. The current prototype also does not preclude scanners from excessive resource utilization, instead relying on the underlying FreeBSD kernel to timeshare. A real NI kernel implementation would need to explicitly prevent any ....

[Article contains additional citation context not shown here]

Mark Miller and Joe Morris. Centralized administration of distributed firewalls. Systems Administration Conference (Chicago, IL, 29 September -- 4 October 1996.

No context found.

M. Miller and J. Morris. Centralized administration of distributed firewalls. Systems Administration Conference (Chicago, IL, 29 September -- 4 October 1996.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC