| Title | Date Added | Company | |
|---|---|---|---|
Explicit Mechanisms for Controlling NAT/Firewall Systems Dynamically | 2007-04-17 | Helsinki University of Technology |
| NAT/Firewall systems are very widely utilized in today's network environments, such as intranets and the Internet. Together with many security enhancements, however, the use of NATs/Firewalls has raised a number of new issues and problems. Most of them are related to the complex NAT/Firewall traversal problem, where applications and services are prevented from connecting to each other by NATs/Firewalls. This paper describes existing and most commonly used explicit mechanisms for controlling NAT/Firewall systems dynamically. The focus of this paper, in addition to the overview of the mechanisms, is to compare the mechanisms with each other and to give some concluding remarks.
Tags: Security Tools |
|||
Optimizing Firewall Performance | 2007-04-17 | Helsinki University of Technology |
| Firewalls are one key factor in network performance. If they can't process their rules fast enough, then the whole network slows down. Firewalls are also a required part of every network, so special attention must be paid to their packet matching algorithms, which are studied in this paper along with other rule optimization methods. This paper found that there is no single best algorithm for every case. Therefore, one needs to know all the alternatives to choose the right algorithm for the application at hand.
Tags: Security Tools |
|||
Firewall for the Next Generation | 2007-04-10 | O2Micro |
| The software firewall is a software product based on a single core CPU to accomplish various security functions. To enhance stability, the hardware used is usually a general-purpose CPU on an industrial-strength motherboard, with a standard PCI network card as the external network interface. In the software firewall, data are transmitted to the CPU via the PCI network card for processing, including performing various security services and related protocols. When the CPU is done, the data are then sent back to the network card via the PCI bus.
Tags: Network Security, Security Tools |
|||
Linux MPS Firewall Supplement | 2007-04-01 | Verio |
| A firewall monitors and controls the traffic coming into and out of the account. The traffic of the Internet consists of information which takes the form of data packets. A firewall evaluates each data packet and determines whether or not to pass the packet to one's account. A firewall prevents the account from receiving an overwhelming quantity of unwanted traffic. Some of the unwanted traffic may be simply bothersome. Other traffic may actually be sent from malicious Internet users who intend to make the account inoperable. Either way, building a firewall is an important configuration task to consider. This paper provides the information needed to understand, get started with, and utilize preset firewall security settings using a custom, simplified command (set_fwlevel).
Tags: Network Security, Security Tools |
|||
An Automated Framework for Validating Firewall Policy Enforcement | 2007-03-26 | DePaul University |
| The implementations of network security devices such as firewalls and IDSs are constantly being improved to accommodate higher security and performance standards. Using reliable yet practical techniques for testing the functionality of firewall devices, particularly after new filtering implementation or optimization, becomes necessary to assure required security. Generating random traffic to test the functionality of firewall matching is inefficient and inaccurate, as it requires an exponential number of test cases for a reasonable coverage. In addition, in most cases the policies used during testing are limited and manually generated, representing fixed policy profiles. This paper presents a framework for automatic testing of the firewall policy enforcement or implementation using efficient random traffic and policy generation techniques.
Tags: Security Tools |
|||
On the Safety and Efficiency of Firewall Policy Deployment | 2007-03-10 | University of Illinois |
| Firewall policy management is challenging and error-prone. While ample research has led to tools for policy specification, correctness analysis, and optimization, few researchers have paid attention to firewall policy deployment: the process where a management tool edits a firewall's configuration to make it run the policies specified in the tool. This paper provides the first formal definition and theoretical analysis of safety in firewall policy deployment. It shows that naive deployment approaches can easily create a temporary security hole by permitting illegal traffic, or interrupt service by rejecting legal traffic during the deployment. The paper defines safe and most-efficient deployments, and introduces the shuffling theorem as a formal basis for constructing deployment algorithms and proving their safety.
Tags: Security Tools |
|||
HP Recommended Server Configurations for Microsoft Internet Security and Acceleration (ISA) Server When Protecting a Clustered Web Farm | 2007-03-01 | Hewlett-Packard (HP) |
| This paper documents HP server configurations for using Microsoft Internet Security and Acceleration (ISA) Server as a firewall server to protect a clustered web farm. The hardware recommendations in this paper are based on the ISA Server performance testing conducted by HP Engineering in the HP Houston Solutions Test Lab. These configurations are intended to assist in determining which HP server technology should be configured as an ISA firewall under varying ISA workloads.
Tags: Network Security |
|||
IBM Managed and Monitored Firewall Services | 2007-02-01 | IBM |
| IBM Managed and Monitored Firewall Services provides real-time security monitoring and management that deliver customized protection at a fraction of the cost of traditional solutions. This service offers a vendor-neutral approach to help maximize the existing security investments while delivering around-the-clock monitoring, management and analysis of firewall logs. And its scalability helps companies of all sizes to stay ahead of the threat while reducing risk and improving regulatory compliance. The IBM Managed and Monitored Firewall Services offering is one of a broad range of services available through the IBM Internet Security Services (ISS) protection on demand services platform. Protection on demand from IBM ISS helps organizations of all sizes proactively respond to Internet threats while integrating security with key business processes.
Tags: Network Security, Security Tools |
|||
The Purpose of a SIP-Aware Firewall/ALG | 2007-02-01 | Objectworld Communications |
| This paper will explore the purpose of a Session Initiation Protocol (SIP)-aware firewall/Application Layer Gateway (ALG) when having SIP trunks to a service provider. Provided in this document is a brief description of the SIP and Network Address Translation (NAT) technologies. In addition, this paper will highlight problems that NAT causes for SIP, and how SIP firewalls/ALGs resolve the problem. There are detailed examples throughout the paper to help understand the nature of the problem. The Objectworld Unified Communication (UC) Server in combination with a SIP firewall/ALG will provide SIP Trunking connectivity to various carriers/service providers.
Tags: Network Security, Security Tools |
|||
Interaction Between Nokia Intrusion Prevention and Nokia Firewall | 2007-02-01 | Nokia |
| Firewalls provide protection between the external networks and internal networks by blocking potentially malicious traffic from entering the internal network infrastructure. However, firewalls inherently need to allow SMTP/email, FTP, SIP/VoIP calls and other protocols with minimal payload security inspection. This also allows external threat sources to infect internal end-points and use them as threat sources. A firewall's deep packet inspection capabilities are not as strong as those of an Intrusion Prevention solution. Nokia Intrusion Prevention provides the flexibility to interact with Nokia Firewall, providing the most effective strategy for threat mitigation at both the perimeter and deep within the core. This paper explains the interaction between Nokia Intrusion Prevention and Nokia Firewall.
Tags: Security Tools, Intrusion Detection Systems |