Firewalls are a well-established security mechanism to restrict the traffic exchanged between networks to a certain subset of users and applications. In order to cope with new application types like multimedia, new firewall architectures are necessary. The performance of these new architectures is a critical factor because Quality of Service (QoS) demands of multimedia applications have to be taken into account. We show how the performance of firewall architectures for multimedia applications can be determined. We present a model to describe the performance of multimedia firewall architectures. This model can be used to dimension firewalls for usage with multimedia applications. In addition, we present the results of a lab experiment, used to evaluate the performance of a distributed firewall architecture and to validate the model.
This paper summarizes the PhD work of Utz Roedig, on how multimedia applications can be used in computer networks that are secured by firewalls. The obtained results influence the work of the IETF working group MIDCOM which standardizes a firewall control protocol. The results are used by Germany`s National Research and Education Network (DFN) to enable their video-conferencing services for universities. Some of the described mechanisms are also used by industry (Bosch, Siemens) and are published additionally as patents (EP1180888, EP1168749, EP1146711). RAE_import_type : Journal article RAE_uoa_type : Computer Science and Informatics
