Firewalls are an excellent security mechanism to protect networks from intruders, and they can establish a relatively secure barrier between a system and the external environment. Firewall products are available with a variety of functionality and features, such as strong authentication, the ability to create VPNs, and easy-to-use interfaces. Selecting the appropriate firewall for an organizati...

security and QoS are the two most precious objectives for network systems to be attained. Unfortunately, they are in conflict, while QoS tries to minimize processing delay, strong security protection requires more processing time and cause packet delay. This article is a step towards resolving this conflict by extending the firewall session table to accelerate NAT, QoS classification, and routi...

IDS are becoming the logical next step for many organizations after deploying firewall technology at the network perimeter. IDS can offer protection from external users and internal attackers, where traffic doesn't go past the firewall at all. However, the following points are very important to keep in mind. 1. Strong identification and authentication: An IDS uses very good signature analysis m...

IDS are becoming the logical next step for many organizations after deploying firewall technology at the network perimeter. IDS can offer protection from external users and internal attackers, where traffic doesn't go past the firewall at all. However, the following points are very important to keep in mind. 1. Strong identification and authentication: An IDS uses very good signature analysis m...

Using statistical analysis strategy, a large-scale firewall log files is analyzed and two main characteristics, the protocol field and the IP address field, is extracted in this paper. Based on the extracted features and the characteristics of multi-tree and dual-index strategy, we design a better firewall optimization algorithm. Compared with the Stochastic Distribution Multibit-trie (SDMTrie)...

IDS are becoming the logical next step for many organizations after deploying firewall technology at the network perimeter. IDS can offer protection from external users and internal attackers, where traffic doesn't go past the firewall at all. However, the following points are very important to keep in mind. 1. Strong identification and authentication: An IDS uses very good signature analysis m...

The LANL transparent web proxy lets authorized external users originating from the Internet to securely access internal intranet web content and applications normally blocked by a firewall. Unauthenticated access is still, of course, denied. The proxy is transparent in that no changes to browsers, user interaction, or intranet web servers are necessary. The proxy, a few thousand lines of C runn...

Firewalls are widely adopted for protecting private networks by filtering out undesired network traffic in and out of secured networks. Therefore, they play an important role in the security of communication systems. The verification of firewalls is a great challenge because of the dynamic characteristics of their operation, their configuration is highly error prone, and finally, they are consi...

The increasing complexity of networks, and the need to make them more open due to the growing emphasis on and attractiveness of the Internet as a medium for business transactions, mean that networks are becoming more and more exposed to attacks, both from without and from within. The search is on for mechanisms and techniques for the protection of internal networks from such attacks. One of the...

Web services security has been a challenging issue in recent years because current security mechanisms, such as conventional firewalls, are not sufficient for protecting service-oriented systems from XML-based attacks. In order to provide effective security mechanisms for service-oriented systems, XML firewalls were recently introduced as an extension to conventional firewalls for web services ...