IMPROVING FIREWALL PERFORMANCE BY USING A CACHE TABLE

IMPROVING FIREWALL PERFORMANCE BY USING A CACHE TABLE

Firewalls are the cornerstone of network security. Modern firewalls not only operate at the network layer, but also at the transport and application layers to provide maximum security. Firewalls are commonly implemented as packet filters and operated by examining the incoming packets and comparing t...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:International journal of advances in engineering and technology 2014-11, Vol.7 (5), p.1-1
Hauptverfasser: Ganesh, Ashwin, Sudarsan, Anirudhan, Vasu, Ajay Krishna, Ramalingam, Dinesh
Format: Artikel
Sprache:eng
Schlagworte:
Firewalls
Lists
Networks
Performance enhancement
Routing (telecommunications)
Security
Tables (data)
Transport
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Firewalls are the cornerstone of network security. Modern firewalls not only operate at the network layer, but also at the transport and application layers to provide maximum security. Firewalls are commonly implemented as packet filters and operated by examining the incoming packets and comparing them with a set of predefined rules, called an access control list. The firewall then decides, whether to route the packet into the trusted network or to filter it. In this paper, the authors propose a method to improve firewall performance, by minimizing the average number of comparisons, required before a rule is matched to an incoming packet. The proposed method, uses a linked list data structure to cache some of the rules defined in the access control list. The proposed algorithm functions, by exploiting traffic behavior and determining which rules are matched more frequently. Such rules, are cached in the linked list, which effectively functions as a cache table. A comparison of the proposed work and the conventional static approach is also presented.
ISSN:2231-1963
2231-1963