Roaming user-based distributed firewalls

While external attacks on the corporate LAN still pose a major obstacle to network administrators, internal attacks cause as much or more chaos. In fact, internal attacks can be potentially much more threatening as compared to external attacks since those performing the attacks are usually authenticated users who know more about the network they are attacking. Also, internal attacks can be carried out with much more ease as most organizations adopt the policy of rigorously protecting the network from the outside, but leaving the inside almost entirely unattended. Recently many different technologies have been both proposed and implemented which are designed to provide better security for the internal corporate network. Most of these implementations, though, are designed to provide security for mission critical machines such as servers which hold important company files, records, etc. Some more recent technologies have started to view security for the entire corporate network including client machines. Distributed Firewall technologies have been proposed for providing a corporate-wide client machine firewall implementation which is centrally managed. The problem here lies in the fact that many corporate users today are no longer stationary in their job function. Their job requires them to use various client machines which may be located within varying areas of the corporate network. The following paper describes a theoretical framework for implementing a distributed firewall system which is capable of following users wherever they may go within the corporate network dubbed the Roaming User-Based Distributed Firewall. A description is given as to how this firewall technology can be implemented as well as the inherent advantages it gives. A proof-of-concept implementation of this technology is also presented to help convey the implementation of this technology