|
| This Article | ||
| ||
| Share | ||
| Bibliographic References | ||
| Add to: | ||
 Digg  Furl  Spurl  Blink  Simpy  Google  Del.icio.us  Y!MyWeb | ||
| Search | ||
| ||
First International Conference on Availability, Reliability and Security (ARES'06)
High Availability support for the design of stateful networking equipments
Vienna, Austria
April 20-April 22
ISBN: 0-7695-2567-9
| ASCII Text | x | ||
| P. Neira, Laurent Lef`evre, R.M. Gasca, "High Availability support for the design of stateful networking equipments," 2012 Seventh International Conference on Availability, Reliability and Security, pp. 254-261, First International Conference on Availability, Reliability and Security (ARES'06), 2006. | |||
| BibTex | x | ||
| @article{ 10.1109/ARES.2006.71, author = {P. Neira and Laurent Lef`evre and R.M. Gasca}, title = {High Availability support for the design of stateful networking equipments}, journal ={2012 Seventh International Conference on Availability, Reliability and Security}, volume = {0}, year = {2006}, isbn = {0-7695-2567-9}, pages = {254-261}, doi = {http://doi.ieeecomputersociety.org/10.1109/ARES.2006.71}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, } | |||
| RefWorks Procite/RefMan/Endnote | x | ||
| TY - CONF JO - 2012 Seventh International Conference on Availability, Reliability and Security TI - High Availability support for the design of stateful networking equipments SN - 0-7695-2567-9 SP254 EP261 A1 - P. Neira, A1 - Laurent Lef`evre, A1 - R.M. Gasca, PY - 2006 KW - High Availability KW - Firewall KW - OpenSource KW - Security KW - Stateful VL - 0 JA - 2012 Seventh International Conference on Availability, Reliability and Security ER - | |||
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ARES.2006.71
The availability of some critical equipments like gateways, firewalls and proxies must be guaranteed in operational networks. In early equipments, the routing and filtering decisions were based on the packet information, nowadays this static approach is not longer safe. Existing High Availability (HA) solutions do not cover all the aspects to ensure availability of advanced settings that are being deployed these days. Some important issues like the reduction of the downtime and the need for failure detection in such scenarios must be studied. This paper describes the implementation of high available stateful network equipments: these systems apply policies based on the state of the connections, such information is gathered in runtime by means of packet inspection. This work specifically focus on Linux systems and firewalls because the IT industry is trusting more and more OpenSource solutions to deploy critical services because of its quality and the access to the source code. We propose the SNE library (Stateful Network Equipment), which is an add-on to current HA protocols, to solve the existing limitations. In this paper, we describe the proposed architecture and we detail a set problematic scenarios supported by our library, as well as first experiments and the evaluation.
Index Terms:
High Availability, Firewall, OpenSource,Security, Stateful
Citation:
P. Neira, Laurent Lef`evre, R.M. Gasca, "High Availability support for the design of stateful networking equipments," ares, pp.254-261, First International Conference on Availability, Reliability and Security (ARES'06), 2006
Usage of this product signifies your acceptance of the Terms of Use.