Title :
Demystifying Cluster-Based Fault-Tolerant Firewalls
Author :
Ayuso, Pablo Neira ; Gasc, Rafael M. ; Lefevre, Laurent
Author_Institution :
Univ. of Seville, Seville, Spain
Abstract :
Firewalls are perimeter security solutions that are useful for addressing the unwanted traffic issue. However, designers must also appropriately address the network performance, availability, and complexity problems that firewalls introduce. The authors survey existing cluster-based fault-tolerant firewall architectures and discuss their trade-offs in these three areas. They present a preliminary evaluation of these architectures and discuss the need for state replication in stateful firewall clusters. They also discuss the difficulties of providing a simple, performance, and fault-tolerant cluster-based firewall solution.
Keywords :
Internet; authorisation; computer network reliability; fault tolerance; telecommunication security; telecommunication traffic; Internet; cluster-based fault-tolerant firewall architecture; security solution; state replication; stateful firewall cluster; unwanted traffic issue; Availability; Fault tolerance; Telecommunication traffic; fault tolerance; firewalls; networks; unwanted traffic;
Journal_Title :
Internet Computing, IEEE
DOI :
10.1109/MIC.2009.128
