Share Email Print

Proceedings Paper

A solution for parallel network architectures applied to network defense appliances and sensors
Author(s): Eric C. Naber; Paul G. Velez; Amanpreet S. Johal
Format Member Price Non-Member Price
PDF $17.00 $21.00

Paper Abstract

Network defense has more technologies available for purchase today than ever before. As the number of threats increase, organizations are deploying multiple defense technologies to defend their networks. For instance, an enterprise network boundary often implements multiple network defense appliances, some with overlapping capabilities (e.g., firewalls, IDS/IPS, DNS Defense). These appliances are applied in a serial fashion to create a chain of network processing specifically designed to drop bad traffic from the network. In these architectures, once a packet is dropped by an appliance subsequent appliances do not process it. This introduces significant limitations; (1) Stateful appliances will maintain an internal state which differs from network reality; (2) The network manager cannot determine, or unit test, how each appliance would have treated each packet; (3) The appliance "votes" cannot be combined to achieve higherlevel functionality. To address these limitations, we have developed a novel, backwards-compatible Parallel Architecture for Network Defense Appliances (PANDA). Our approach allows every appliance to process all network traffic and cast a vote to drop or allow each packet. This "crowd-sourcing" approach allows the network designer to take full advantage of each appliance, understand how each appliance is behaving, and achieve new collaborative appliance behavior.

Paper Details

Date Published: 4 May 2012
PDF: 13 pages
Proc. SPIE 8408, Cyber Sensing 2012, 84080D (4 May 2012); doi: 10.1117/12.919470
Show Author Affiliations
Eric C. Naber, The Johns Hopkins Univ. Applied Physics Lab. (United States)
Paul G. Velez, The Johns Hopkins Univ. Applied Physics Lab. (United States)
Amanpreet S. Johal, The Johns Hopkins Univ. Applied Physics Lab. (United States)

Published in SPIE Proceedings Vol. 8408:
Cyber Sensing 2012
Igor V. Ternovskiy; Peter Chin, Editor(s)

© SPIE. Terms of Use
Back to Top
Sign in to read the full article
Create a free SPIE account to get access to
premium articles and original research
Forgot your username?