Academic Commons

Articles

Distributed Firewalls

Bellovin, Steven Michael

Conventional firewalls rely on the notions of restricted topology and controlled entry points to function. More precisely, they rely on the assumption that everyone on one side of the entry point—the firewall—is to be trusted, and that anyone on the other side is, at least potentially, an enemy. The vastly expanded Internet connectivity in recent years has called that assumption into question. We propose a "distributed firewall", using IPSEC, a policy language, and system management tools. A distributed firewall preserves central control of access policy, while reducing or eliminating any dependency on topology.

Subjects

Files

More About This Work

Academic Units
Computer Science
Published Here
June 24, 2010

Notes

;login:, special issue (November 1999), pp. 39-47.

Academic Commons provides global access to research and scholarship produced at Columbia University, Barnard College, Teachers College, Union Theological Seminary and Jewish Theological Seminary. Academic Commons is managed by the Columbia University Libraries.