|
Title:
|
EFFECTS OF ORDERED ACCESS LISTS IN FIREWALLS |
|
Author(s):
|
Faheem Bukhatwa , Ahmed Patel |
|
ISBN:
|
972-98947-1-X |
|
Editors:
|
Pedro IsaĆas and Nitya Karmakar |
|
Year:
|
2003 |
|
Edition:
|
2 |
|
Keywords:
|
Firewalls, filtering, access lists, packet classification, simulation. |
|
Type:
|
Full Paper |
|
First Page:
|
257 |
|
Last Page:
|
264 |
|
Language:
|
English |
|
Cover:
|
|
|
Full Contents:
|
click to dowload 
|
|
Paper Abstract:
|
Firewalls are hardware and software systems that protect a network from attacks coming from the Internet. Packet filtering firewalls are efficient, fast and provide a good level of security and have withstood the test of time. Firewalls based on packet filtering provide protection through granting or denying access to passing packets. Each individual incoming or outgoing packet is inspected against a number of rules in an access list. The result of this inspection determines the decision to be made. The great expansion in communication and the increased number of users on the Internet place more pressure on firewalls to provide greater security at higher performance levels without being the bottleneck of communication. This enforces the search for better or more efficient methods of implementing firewalls. In this paper we examine the affects that ordering of the rules in access lists has on the performance of packet filtering. This is done through simulation of a network device performing packet filtering. Simulation enables more experiments to be carried out under exact repeated conditions allowing comparisons to be made which otherwise may not be possible. |
|
|
|
|
|
|
