Title :
Design and implementation of stateful packet inspection firewall based on ForCES architecture
Author :
Zhou, Furong ; Huang, Guanren ; Pan, Xiaoming ; Dong, Ligang
Author_Institution :
Coll. of Inf. & Electron. Eng., Zhejiang Gongshang Univ., Hangzhou, China
Abstract :
With the rapid development of information technology, network security issues become increasingly serious. Forwarding and Control Elements Separation (ForCES) architecture advanced by ForCES working group of IETF routing area can solve network security problems well, which has become an important research direction of next generation Internet. This paper first illustrates the design of stateful packet inspection firewall (SPIF) based on ForCES architecture, and then focuses on the implementation based on network processor. Finally, we test our work and the result verifies the correctness and feasibility of SPIF based on ForCES architecture.
Keywords :
computer networks; telecommunication security; ForCES Architecture; IETF routing area; forwarding and control elements separation; network security; stateful packet inspection firewall; Fires; Iron; Logic gates; Matched filters; Virtual private networks; ForCES; LFB; Micro-module; firewall; network processor;
Conference_Titel :
Information Networking and Automation (ICINA), 2010 International Conference on
Conference_Location :
Kunming
Print_ISBN :
978-1-4244-8104-0
Electronic_ISBN :
978-1-4244-8106-4
DOI :
10.1109/ICINA.2010.5636423
