Paper
4 May 2012
A solution for parallel network architectures applied to network defense appliances and sensors
Eric C. Naber, Paul G. Velez, Amanpreet S. Johal
Abstract
Network defense has more technologies available for purchase today than ever before. As the number of threats increases, organizations are deploying multiple defense technologies to defend their networks. For instance, an enterprise network boundary often implements multiple network defense appliances, some with overlapping capabilities (e.g., firewalls, IDS/IPS, DNS Defense). These appliances are applied in a serial fashion to create a chain of network processing specifically designed to drop bad traffic from the network. In these architectures, once a packet is dropped by an appliance, subsequent appliances do not process it. This introduces significant limitations: (1) Stateful appliances will maintain an internal state which differs from network reality; (2) The network manager cannot determine, or unit test, how each appliance would have treated each packet; (3) The appliance "votes" cannot be combined to achieve higher-level functionality. To address these limitations, we have developed a novel, backwards-compatible Parallel Architecture for Network Defense Appliances (PANDA). Our approach allows every appliance to process all network traffic and cast a vote to drop or allow each packet. This "crowd-sourcing" approach allows the network designer to take full advantage of each appliance, understand how each appliance is behaving, and achieve new collaborative appliance behavior.
© (2012) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Eric C. Naber, Paul G. Velez, and Amanpreet S. Johal "A solution for parallel network architectures applied to network defense appliances and sensors", Proc. SPIE 8408, Cyber Sensing 2012, 84080D (4 May 2012); https://doi.org/10.1117/12.919470
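The serial-versus-parallel contrast from the abstract, as an added illustration (not code from the paper or the PANDA prototype). The two appliance classes, the any-drop combining rule, the blocked-port list and the sample packets are all assumptions made for the example.

```python
from collections import defaultdict

class PortFilter:
    """Stateless appliance: votes to drop packets sent to blocked ports."""
    name = "firewall"
    def __init__(self, blocked):
        self.blocked = set(blocked)
    def vote(self, pkt):
        return "drop" if pkt["dport"] in self.blocked else "allow"

class ScanDetector:
    """Stateful appliance: votes drop once a source has touched `threshold` ports."""
    name = "ids"
    def __init__(self, threshold):
        self.threshold = threshold
        self.ports_seen = defaultdict(set)  # internal state: src -> ports observed
    def vote(self, pkt):
        seen = self.ports_seen[pkt["src"]]
        seen.add(pkt["dport"])
        return "drop" if len(seen) >= self.threshold else "allow"

def any_drop(votes):
    """Assumed combining policy: drop if any appliance votes drop."""
    return "drop" if "drop" in votes.values() else "allow"

def run_serial(appliances, packets):
    """Chain: the first drop ends processing; later appliances never see the packet."""
    log = []
    for pkt in packets:
        votes = {}
        for app in appliances:
            votes[app.name] = app.vote(pkt)
            if votes[app.name] == "drop":
                break
        log.append((votes, any_drop(votes)))
    return log

def run_parallel(appliances, packets, combine=any_drop):
    """Every appliance sees every packet; `combine` turns the votes into a verdict."""
    all_votes = [{a.name: a.vote(p) for a in appliances} for p in packets]
    return [(v, combine(v)) for v in all_votes]

def make_appliances():
    return [PortFilter({23, 445, 3389}), ScanDetector(threshold=3)]
# Constructed sample traffic: one source touches three blocked ports, then 443.
PACKETS = [{"src": "192.0.2.10", "dport": p} for p in (23, 445, 3389, 443)]

if __name__ == "__main__":
    for row in zip(run_serial(make_appliances(), PACKETS), run_parallel(make_appliances(), PACKETS)):
        print(row)
```

In the serial run the scan detector only ever sees the port 443 packet and lets it through; in the parallel run it has observed all four ports, its vote is recorded for every packet, and the combined verdict drops the last one.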
KEYWORDS
Defense and security
Network architectures
Sensors
Prototyping
Defense systems
Error control coding
Network security