Mariani, 2001 - Google Patents
Firewall strategies using network processorsMariani, 2001
View PDF- Document ID
- 1591660517559470522
- Author
- Mariani M
- Publication year
External Links
Snippet
The emergence of network processors provides a broad range of new applications, particularly in the field of network security. Firewalls have become one of the basic building blocks of implementing a network's security policy; however, the security of a firewall can …
- 238000001914 filtration 0 abstract description 42
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0254—Stateful filtering
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0263—Rule management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0245—Filtering by information in the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Varadharajan et al. | A policy-based security architecture for software-defined networks | |
| Oppliger | Security technologies for the world wide web | |
| US7441262B2 (en) | Integrated VPN/firewall system | |
| KR100695827B1 (en) | Integrated security device and how it works | |
| Clark et al. | Addressing reality: an architectural response to real-world demands on the evolving internet | |
| Rash et al. | Intrusion prevention and active response: deploying network and host IPS | |
| Nife et al. | Application-aware firewall mechanism for software defined networks | |
| Gheorghe | Designing and Implementing Linux Firewalls with QoS using netfilter, iproute2, NAT and l7-filter | |
| JP2006510328A (en) | System and apparatus using identification information in network communication | |
| Singh et al. | Malicious ICMP tunneling: Defense against the vulnerability | |
| Friedman et al. | Building firewalls with intelligent network interface cards | |
| Foltz et al. | Enterprise considerations for ports and protocols | |
| Sharma et al. | Firewalls: A Study and Its Classification. | |
| Mariani | Firewall strategies using network processors | |
| Mason et al. | Cisco secure Internet security solutions | |
| Frahim et al. | Cisco ASA: All-in-One Firewall, IPS, Anti-X, and VPN Adaptive Security Appliance | |
| Monteiro | How intrusion detection can improve software decoy applications | |
| van Oorschot et al. | Firewalls and tunnels | |
| Cameron et al. | Configuring Juniper Networks NetScreen and SSG Firewalls | |
| US20250039143A1 (en) | Ipv6 extension headers and overlay network metadata for security and observability | |
| Jawahar et al. | Application Controlled Secure Dynamic Firewall for Automotive Digital Cockpit | |
| WO2025029742A1 (en) | Ipv6 extension headers and overlay network metadata for security and observability | |
| Woodall | Firewall design principles | |
| Gurusamy | DIPLOMA THESIS ASSIGNMENT | |
| Agbenyegah | Investigating the firewall security and network performance relationship in a distributed system |