On the large-scale deployment of a distributed embedded firewall
2003
We were recently challenged to deploy a scalable network of host based defenses using the 3com embedded firewall (EFW). The goal was to test EFW scalability in a fully operational environment. A host-based, distributed firewall like EFW requires a different perspective on policy configuration and management than a conventional perimeter firewall. They can improve overall network security by pushing protection to the network endpoints. We implemented the following workaround: protecting first the critical mission assets; restrict access to a host but relax access from the host; leverage other available countermeasures. We also instrumented the internal network with a freeware intrusion detection system (IDS) to monitor the link between the enclave and the satellite connection leading to the perimeter firewall and the extranet.
Keywords:
- Correction
- Source
- Cite
- Save
- Machine Reading By IdeaReader
1
References
0
Citations
NaN
KQI