Software-based unified security switch
When a network is protected by different types of security devices such as firewalls, antivirus, and intrusion prevention systems, certain issues arises that may affect the network's performance. Such security devices are placed in a linear fashion on a link to the network's edge. A common...
Saved in:
| Main Authors: | , , , |
|---|---|
| 格式: | text |
| 語言: | English |
| 出版: |
Animo Repository
2009
|
| 主題: | |
| 在線閱讀: | https://animorepository.dlsu.edu.ph/etd_bachelors/14625 |
| 標簽: |
添加標簽
沒有標簽, 成為第一個標記此記錄!
|
| 總結: | When a network is protected by different types of security devices such as firewalls, antivirus, and intrusion prevention systems, certain issues arises that may affect the network's performance. Such security devices are placed in a linear fashion on a link to the network's edge. A common approach to improve performance is to replicate the security devices using an additional link to the network's edge. Traffic is load balanced to the two links using a networking appliance such as a router. However, this approach is very expensive to implement. An alternative solution is the use of a unified security switch. A unified security switch is a device that sits in between the edge device and the internal network. All security devices are connected to it and it monitors the status of each one of them. It classifies captured packet according to the protocol of the packet and forwards the packet to the appropriate security devices the packet must undergo inspection based on the classification. The appropriate security devices are based on an XML configuration and the different packet classifiers. The unified security switch is capable of load balancing security devices of the same function. The unified security switch then consolidates all the receive packets forwarded to the appropriate security devices and then decides whether the packet is allowed to be forwarded to the other network or not. |
|---|