FT-FW: A cluster-based fault-tolerant architecture for stateful firewalls

Abstract : Nowadays, stateful firewalls are part of the critical infrastructure of the Internet. Basically, they help to protect network services and users against attackers by means of access control and protocol conformance checkings. However, stateful firewalls are problematic from the fault-tolerance perspective since they introduce a single point of failure in the network schema. In this work, we summarize and enhance our previous research efforts that aim to provide a full fault-tolerant solution for stateful firewalls. These efforts have focused on the design and the implementation of the cluster-based Fault-Tolerant stateful Firewall (FT-FW) architecture. We provide details on our proposed solution and we extensively evaluate important network performance and availability aspects that we did not cover so far. The evaluation experiments are based on our Free/OpenSource implementation that has become the most popular solution for Linux-based stateful firewalls.1
Type de document :
Article dans une revue
Computers and Security, Elsevier, 2012, 31 (4), pp.524-539. 〈10.1016/j.cose.2012.01.011〉
Liste complète des métadonnées

https://hal.inria.fr/hal-00766074
Contributeur : Laurent Lefèvre <>
Soumis le : lundi 17 décembre 2012 - 15:09:25
Dernière modification le : vendredi 20 avril 2018 - 15:44:26

Identifiants

Collections

Citation

Pablo Neira, M. Rafael, Laurent Lefevre. FT-FW: A cluster-based fault-tolerant architecture for stateful firewalls. Computers and Security, Elsevier, 2012, 31 (4), pp.524-539. 〈10.1016/j.cose.2012.01.011〉. 〈hal-00766074〉

Partager

Métriques

Consultations de la notice

255