Rights statement: The original publication is available at www.link.springer.com
Submitted manuscript, 116 KB, PDF document
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
}
TY - GEN
T1 - A distributed firewall for multimedia applications
AU - Roedig, Utz
AU - Ackermann, Ralf
AU - Rensing, Christoph
AU - Steinmetz, Ralf
N1 - The original publication is available at www.link.springer.com
PY - 2000/9/1
Y1 - 2000/9/1
N2 - Firewalls are a widely used security mechanism to provide access control and auditing at the border between "open" and private networks or administrative domains. As part of the network infrastructure they are strongly affected by the development and deployment of new communication paradigms and applications. Currently we experience a very fast rise in the use of multimedia applications. These differ in many aspects from "traditional applications", for example concerning bandwidth usage, dynamic protocol elements or multiple data flows for one application session. Corresponding firewall mechanisms and techniques did not change with the same dynamics though. Currently existing firewalls have problems supporting these new type of applications because to some extent they try to map the new characteristics to the manner of conventional applications which they are able to handle. We strongly believe that new application types require new firewall techniques and mechanisms. In this paper, we identify typical characteristics of multimedia applications that cause problems using traditional firewalls. Based on this analysis we deduce enhancements to existing firewalls that can be used to better adapt to a communication environment in which multimedia applications are used. We describe these enhancements in general, show a adequate systems architecture and present a implementation based on this design. The feasibility of that approach has been shown in the example scenario that we finally present.
AB - Firewalls are a widely used security mechanism to provide access control and auditing at the border between "open" and private networks or administrative domains. As part of the network infrastructure they are strongly affected by the development and deployment of new communication paradigms and applications. Currently we experience a very fast rise in the use of multimedia applications. These differ in many aspects from "traditional applications", for example concerning bandwidth usage, dynamic protocol elements or multiple data flows for one application session. Corresponding firewall mechanisms and techniques did not change with the same dynamics though. Currently existing firewalls have problems supporting these new type of applications because to some extent they try to map the new characteristics to the manner of conventional applications which they are able to handle. We strongly believe that new application types require new firewall techniques and mechanisms. In this paper, we identify typical characteristics of multimedia applications that cause problems using traditional firewalls. Based on this analysis we deduce enhancements to existing firewalls that can be used to better adapt to a communication environment in which multimedia applications are used. We describe these enhancements in general, show a adequate systems architecture and present a implementation based on this design. The feasibility of that approach has been shown in the example scenario that we finally present.
U2 - 10.1007/978-3-642-58346-9_1
DO - 10.1007/978-3-642-58346-9_1
M3 - Conference contribution/Paper
SN - 9783540679264
T3 - Informatik aktuell
SP - 3
EP - 16
BT - Sicherheit in Netzen und Medienströmen
A2 - Schumacher, Markus
A2 - Steinmetz, Ralf
PB - Springer Verlag
CY - Berlin
ER -