Unidirectional Security Gateways: Stronger than Firewalls
نویسنده
چکیده
In the last half decade, application integration via Unidirectional Security Gateways has emerged as a secure alternative to firewalls. The gateways are deployed extensively to protect the safety and reliability of industrial control systems in nuclear generators, conventional generators and a wide variety of other critical infrastructures. Unidirectional Gateways are a combination of hardware and software. The hardware allows information to leave a protected industrial network, and physically prevents any signal whatsoever from returning to the protected network. The result is that the hardware blocks all online attacks originating on external networks. The software replicates industrial servers to external networks, where the information in those servers is available to end users and to external applications. The software does not proxy or emulate bidirectional communications protocols. Industrial security standards and regulations are evolving to reflect this strong alternative to network firewalls.
منابع مشابه
Automated Framework for Policy Optimization in Firewalls and Security Gateways
The challenge to address in multi-firewall and security gateway environment is to implement conflict-free policies, necessary to avoid security inconsistency, and to optimize, at the same time, performances in term of average filtering time, in order to make firewalls stronger against DoS and DDoS attacks. Additionally the approach should be real time, based on the characteristics of network tr...
متن کاملUsability and Security of Personal Firewalls
Effective security of a personal firewall depends on (1) the rule granularity and the implementation of the rule enforcement and (2) the correctness and granularity of user decisions at the time of an alert. A misconfigured or loosely configured firewall may be more dangerous than no firewall at all because of the user’s false sense of security. This study assesses effective security of 13 pers...
متن کاملPerformance and Information Security Evaluation with Firewalls
Firewalls are an essential part of any information security system being the first defense line against security attacks. The sea-saw effect between firewalls and network performance is most concerning to network users; where strict security settings result in weak network performance and permeant security settings allow for a stronger one. Hence, evaluating firewall platforms and their impact ...
متن کاملAn FPGA-based coprocessor for ATM firewalls
An agile firewall coprocessor is described that is based on field programmable gate array (FPGA) technology. This implementation of the firewall enables a high degree of traffic selectability yet avoids the usual performance penalty associated with IP level firewalls. This approach is applicable to high-speed broadband networks, and Asynchronous Transfer Mode (ATM) networks are addressed in par...
متن کاملManaging Distributed Personal Firewalls with Smart Data Servers
Modern security architectures tend to become more and more complex. Not only the chances to improve Web applications using several data channels and diverse (TCP-)ports are very promising, but also the risks for criminal attacks and an intrusion into the corporate network are increasing. The classical solution to protect networks against criminal attacks with firewalls is problematic, though. O...
متن کامل