A distributed firewall and active response architecture providing preemptive protection
暂无分享,去创建一个
Firewalls provide very good network security features. However, classical perimeter firewall deployments suffer from limitations due to complex network topologies and the inability to completely trust insiders of the network. Distributed firewalls are designed for alleviating these limitations. Intrusion detection is a mature technology and is very powerful when coupled with active response, which is the act of responding to intrusions without the need of human advisory. This paper describes an architecture that implements a distributed firewall with distributed active response. A fundamental result of the architecture is that it can provide proactive and preemptive security for hosts that deploy the system. Using the open-source software framework, the software implementing this proposed system will be provided to the research community so that the architecture can be extended by other researchers and so that newcomers to network security can start investigating security concepts quickly.
[1] Yu Chen,et al. Cascade of Distributed and Cooperating Firewalls in a Secure Data Network , 2003, IEEE Trans. Knowl. Data Eng..
[2] W. Gong,et al. A Firewall Network System for Worm Defense in Enterprise Networks , 2004 .
[3] Stefan Axelsson,et al. Intrusion Detection Systems: A Survey and Taxonomy , 2002 .
[4] Angelos D. Keromytis,et al. Implementing a distributed firewall , 2000, CCS.