Validating firewalls using flow logics

Validating Firewalls in Mobile Ambients

Tamper-Resistant, Application-Aware Blocking of Malicious Network Connections

Application-level firewalls block traffic based on the process that is sending or receiving the network flow. They help detect bots, worms, and backdoors that send or receive malicious packets without the knowledge of users. Recent attacks show that these firewalls can be disabled by knowledgeable attackers. To counter this threat, we develop VMwall, a fine-grained tamper-resistant process-orie...

Multiprimary Support for the Availability of Cluster-Based Stateful Firewalls Using FT-FW

Many research has been done with regards to firewalls during the last decade. Specifically, the main research efforts have focused on improving the computational complexity of packet classification and ensuring the rule-set consistency. Nevertheless, other aspects such as faulttolerance of stateful firewalls still remain open. Continued availability of firewalls has become a critical factor for...

Rfc 5973 Nat / Fw Nsis Nslp

This memo defines the NSIS Signaling Layer Protocol (NSLP) for Network Address Translators (NATs) and firewalls. This NSLP allows hosts to signal on the data path for NATs and firewalls to be configured according to the needs of the application data flows. For instance, it enables hosts behind NATs to obtain a publicly reachable address and hosts behind firewalls to receive data traffic. The ov...

Towards Secured Firewalls for Software Defined Networks

Software-Defined Networking (SDN) offers programmers network-wide visibility and direct control over the underlying switches from a logically-centralized controller. SDN provides a promising way for the future development of Internet. SDN, however, also has some new security challenges. A critical challenge among them is how to build a reliable firewall application for SDN. Due to the stateless...