Development of a distributed firewall administration tool

Thesis (Master)--Izmir Institute of Technology, Computer Engineering, Izmir, 2008Includes bibliographical references (leaves: 58-61)Text in English; Abstract: Turkish and Englishxi, 61 leavesToday firewalls not only guard internal computer networks but also individual personal computers against malicious and unauthorized accesses from outside. The purpose of this study is to create architecture and its corresponding application to manage distributed firewalls running on Microsoft Windows platform. Distributed Firewall Administration is about creating a management center for a network composed of the firewalls running on Microsoft Windows platform. Main important part of this work is to determine distributed firewall network topology with breadth-first search and depth-first search algorithms.The Microsoft Windows Firewall API makes it possible to programmatically manage the features of firewalls running on windows platform by allowing applications to create, enable and disable firewall exceptions. This study used the Windows Firewall API to manage the features of it. This API is only reachable using C/C++ low level programming languages.Distributed Firewall Administration Tool (DFAT) can add, modify or delete rules on the end-user firewall rule set, these rules stored on the database. This tool works on a distributed environment, there is a parent child relationship between firewalls. Parent firewalls have right to manage its child firewall.s rule set. Firewalls introduce themselves to each other with broadcast method

Trapping malicious insiders in the SPDR web

Abstract The insider threat has assumed increasing importance as our dependence on critical cyber information infrastructure has increased. In this paper we describe an approach for thwarting and attributing insider attacks. The Sense, Prepare, Detect, and React (SPDR

Design and implementation of a hardened distributed network endpoint security system for improving the security of internet protocol-based networks

This thesis proposes a distributed approach to securing computer networks by delegating the role of a conventional firewall to a collection of nodes and controllers placed throughout the networks they are intended toprotect from attack. This distributed firewall system is a specific application of a generalized distriubted system framework that is also proposed in this thesis. The design and implementation of both the generalized framework and the application of the framework in creating a distributed firewall system for use on Ethernet-based networks that rely on the Internet Protocol are discussed. Conclusions based upon the preliminary implementation of the proposed systems are given along with future directions --Abstract, pageiii

Distributed Perimeter Firewall Policy Management Framework

Title from PDF of title page viewed January 9, 2018Dissertation advisor: Vijay KumarVitaIncludes bibliographical references (pages 66-72)Thesis (Ph.D.)--School of Computing and Engineering. University of Missouri--Kansas City, 2017A perimeter firewall is the first line of defense that stops unwanted packets (based on defined firewall policies) entering the organization that deploys it. In the real world, every organization maintains a perimeter firewall between internet (which could be untrusted) and its own network (private network). In addition, organizations maintain internal firewalls to safeguard individual departments and data center servers based on various security and privacy requirements. In general, if we consider firewall setup in multinational organization's network environment, every branch has perimeter firewall and a set of internal firewalls. Every branch has its own security policies defined based on its specific security requirements, type of information, information processing systems, location-based compliance requirements, etc. As the branches of the multinational organizations span across the globe, managing the policies at every branch and ensuring the compliance and consistency of security policies are quite complex. Any misconfiguration of firewall policies even at a single branch may pose risk to the overall organization in terms of financial loss and reputation. In this dissertation, we present our framework to automate the policy management of distributed perimeter firewalls of a multi-national organization. We introduce new categories of policies to support centralized management of distributed firewalls and to ensure consistency and compliance of organizational and location-based policies. We define procedures for the initialization of firewall policies and policy updates. Our scheme is highly automatic that needs minimum human intervention to incorporate a set of new policies or update existing policies in distributed firewalls.Introduction -- Literature review -- Distributed perimeter firewall policy management -- Efficient design of Firewall temporal policies -- Identification of unsafe locations in IP and cellular based networks -- Conclusion and future wor

Roaming user-based distributed firewalls

While external attacks on the corporate LAN still pose a major obstacle to network administrators, internal attacks cause as much or more chaos. In fact, internal attacks can be potentially much more threatening as compared to external attacks since those performing the attacks are usually authenticated users who know more about the network they are attacking. Also, internal attacks can be carried out with much more ease as most organizations adopt the policy of rigorously protecting the network from the outside, but leaving the inside almost entirely unattended. Recently many different technologies have been both proposed and implemented which are designed to provide better security for the internal corporate network. Most of these implementations, though, are designed to provide security for mission critical machines such as servers which hold important company files, records, etc. Some more recent technologies have started to view security for the entire corporate network including client machines. Distributed Firewall technologies have been proposed for providing a corporate-wide client machine firewall implementation which is centrally managed. The problem here lies in the fact that many corporate users today are no longer stationary in their job function. Their job requires them to use various client machines which may be located within varying areas of the corporate network. The following paper describes a theoretical framework for implementing a distributed firewall system which is capable of following users wherever they may go within the corporate network dubbed the Roaming User-Based Distributed Firewall. A description is given as to how this firewall technology can be implemented as well as the inherent advantages it gives. A proof-of-concept implementation of this technology is also presented to help convey the implementation of this technology