Design of a load-balancing architecture for parallel firewalls
Joyner, William L.
Irvine, Cynthia E.
MetadataShow full item record
Because firewalls can become a potential choke point as network speeds and loads increase, the Navy needs a cost-effective means of increasing data rate through firewalls by placing several machines in parallel and balancing the traffic load among them. Current firewall architectures consisting of multiple machines do not balance load among machines and require that each type of traffic be allocated to a machine dedicated to processing specific protocols. This situation creates a performance bottleneck. This thesis proposes a load-balancing firewall architecture to meet the Navy's needs. It first conducts an architectural analysis of the problem and then presents a high-level system design as a solution. Finally, the thesis provides a detailed system design, targeted for the BSD/OS operating System. The detailed design describes the state transitions, data types and databases, functional interfaces, and threads of execution for a modular layered software architecture. The result of this thesis is a procedural blueprint for implementation of a firewall architecture, from both software and hardware perspectives, that should mitigate the performance bottleneck. The software architecture is easily verifiable due to its modular, layered design; does not affect either the commercial routers or firewall products; and provides an administrative interface for performance tuning.
Showing items related by title, author, creator and subject.
Schively, Jody L. (Monterey, California. Naval Postgraduate School, 1994-09);As the Naval Postgraduate School's (NPS) computer network continues to incorporate computers with a wide variety of security holes, it is vital that an Internet firewall be installed to provide perimeter security for NPS ...
Healey, A. J. (2002-08);This paper provides an overview of the Naval Postgraduate School ARIES autonomous underwater vehicle and its guidance, navigation and control performance. An attempt is made to highlight its current operational capabilities ...
Ackman, Kerri L. (Monterey, California. Naval Postgraduate School, 2012-12);The purpose of this thesis is to contribute to the development of the next generation of spacecraft attitude control systems by designing and building a prototype open-architecture control moment gyroscope (CMG). The focus ...