Stateful distributed firewalls.
A fundamental feature in current network security architectures is the monolithic firewall. This thesis presents an alternative design, consisting of a cluster of small firewall nodes, that offers better economy, scalability, failure recovery and potentially, greatly increased processing power. Thes...
| Main Author: | |
|---|---|
| Language: | en |
| Published: |
University of Canterbury. Computer Science and Software Engineering
2014
|
| Online Access: | http://hdl.handle.net/10092/9620 |
| id |
ndltd-canterbury.ac.nz-oai-ir.canterbury.ac.nz-10092-9620 |
|---|---|
| record_format |
oai_dc |
| spelling |
ndltd-canterbury.ac.nz-oai-ir.canterbury.ac.nz-10092-96202015-03-30T15:29:53ZStateful distributed firewalls.Verwoerd, Theuns WillemA fundamental feature in current network security architectures is the monolithic firewall. This thesis presents an alternative design, consisting of a cluster of small firewall nodes, that offers better economy, scalability, failure recovery and potentially, greatly increased processing power. These improvements allow the use of computationally expensive firewalling and IDS techniques to offer effective protection against all types of network attack. Also presented are techniques for developing fault-tolerant proxy applications, maintaining connections in spite of node failures, and a novel load balancing design. Generic Load Balancing (GLOB) uses per-node filtering to distribute network load transparently in a cluster without any single points of failure. This thesis also presents evaluations of prototype implementations of these techniquesUniversity of Canterbury. Computer Science and Software Engineering2014-09-16T02:51:40Z2014-09-16T02:51:40Z2001Electronic thesis or dissertationTexthttp://hdl.handle.net/10092/9620enNZCUCopyright Theuns Willem Verwoerdhttp://library.canterbury.ac.nz/thesis/etheses_copyright.shtml |
| collection |
NDLTD |
| language |
en |
| sources |
NDLTD |
| description |
A fundamental feature in current network security architectures is the monolithic firewall. This thesis presents an alternative design, consisting of a cluster of small firewall nodes, that offers better economy, scalability, failure recovery and potentially, greatly increased processing power. These improvements allow the use of computationally expensive firewalling and IDS techniques to offer effective protection against all types of network attack. Also presented are techniques for developing fault-tolerant proxy applications, maintaining connections in spite of node failures, and a novel load balancing design. Generic Load Balancing (GLOB) uses per-node filtering to distribute network load transparently in a cluster without any single points of failure. This thesis also presents evaluations of prototype implementations of these techniques |
| author |
Verwoerd, Theuns Willem |
| spellingShingle |
Verwoerd, Theuns Willem Stateful distributed firewalls. |
| author_facet |
Verwoerd, Theuns Willem |
| author_sort |
Verwoerd, Theuns Willem |
| title |
Stateful distributed firewalls. |
| title_short |
Stateful distributed firewalls. |
| title_full |
Stateful distributed firewalls. |
| title_fullStr |
Stateful distributed firewalls. |
| title_full_unstemmed |
Stateful distributed firewalls. |
| title_sort |
stateful distributed firewalls. |
| publisher |
University of Canterbury. Computer Science and Software Engineering |
| publishDate |
2014 |
| url |
http://hdl.handle.net/10092/9620 |
| work_keys_str_mv |
AT verwoerdtheunswillem statefuldistributedfirewalls |
| _version_ |
1716799081769074688 |