FT-FW: A cluster-based fault-tolerant architecture for stateful firewalls - Inria - Institut national de recherche en sciences et technologies du numérique Accéder directement au contenu
Article Dans Une Revue Computers and Security Année : 2012

FT-FW: A cluster-based fault-tolerant architecture for stateful firewalls

Résumé

Nowadays, stateful firewalls are part of the critical infrastructure of the Internet. Basically, they help to protect network services and users against attackers by means of access control and protocol conformance checkings. However, stateful firewalls are problematic from the fault-tolerance perspective since they introduce a single point of failure in the network schema. In this work, we summarize and enhance our previous research efforts that aim to provide a full fault-tolerant solution for stateful firewalls. These efforts have focused on the design and the implementation of the cluster-based Fault-Tolerant stateful Firewall (FT-FW) architecture. We provide details on our proposed solution and we extensively evaluate important network performance and availability aspects that we did not cover so far. The evaluation experiments are based on our Free/OpenSource implementation that has become the most popular solution for Linux-based stateful firewalls.1

Dates et versions

hal-00766074 , version 1 (17-12-2012)

Identifiants

Citer

Pablo Neira, M. Rafael, Laurent Lefevre. FT-FW: A cluster-based fault-tolerant architecture for stateful firewalls. Computers and Security, 2012, 31 (4), pp.524-539. ⟨10.1016/j.cose.2012.01.011⟩. ⟨hal-00766074⟩
201 Consultations
0 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More