On the large-scale deployment of a distributed embedded firewall

We were recently challenged to deploy a scalable network of host based defenses using the 3com embedded firewall (EFW). The goal was to test EFW scalability in a fully operational environment. A host-based, distributed firewall like EFW requires a different perspective on policy configuration and management than a conventional perimeter firewall. They can improve overall network security by pushing protection to the network endpoints. We implemented the following workaround: protecting first the critical mission assets; restrict access to a host but relax access from the host; leverage other available countermeasures. We also instrumented the internal network with a freeware intrusion detection system (IDS) to monitor the link between the enclave and the satellite connection leading to the perimeter firewall and the extranet.