Tesis doctoral de Pablo Neira Ayuso
Nowadays, stateful firewalls are key parts of the critical infrastructure of the internet. Basically, they help to protect network services and users against attackers by means of access control and protocol conformance checkings. However, stateful firewalls cover network security aspects at the cost of introducing more problems in terms of network performance, availability and complexity. Many research has been done with regards to firewalls during the last decades to appropriately address these concerns. Specifically, these works have focused on improving network performance, through efficient packet classification and specialized hardware, and complexity, by means of model-based filtering policy representations and the detection of rule-set inconsistencies. However, high availability of stateful firewalls have remained barely studied by the research community according to the existing academic works. This dissertation aims to fill the gap in the field of high availability and stateful firewalls. In several research articles that we have compiled in this thesis, we present the fault-tolerant stateful firewall (ft-fw) architecture to provide high availability, we survey existing fault-tolerant firewall architectures and we provide experimental results that allow network arquitects to select what solution fulfills their requirements. We also provide a software implementation released as free software that the it industry widely use these days. Moreover, we have applied our research work in the context of wireless mesh networks. In this challenging scenario, we provide a distributed firewalling architecture that helps to improve network-resource management. This architecture is based on bloom filters and it considers aspects such as efficient filtering policy distribution and mobility.
Datos académicos de la tesis doctoral «Architectures for the high availability of stateful firewalls«
- Título de la tesis: Architectures for the high availability of stateful firewalls
- Autor: Pablo Neira Ayuso
- Universidad: Sevilla
- Fecha de lectura de la tesis: 22/07/2010
Dirección y tribunal
- Director de la tesis
- Laurent Lefevre
- Tribunal
- Presidente del tribunal: Antonio Maña gómez
- leonardo Maccari (vocal)
- eduardo Fernandez-medina paton (vocal)
- geoffroy Vallée (vocal)