• DocumentCode
    2694377
  • Title

    An FPGA-based coprocessor for ATM firewalls

  • Author

    McHenry, John T. ; Dowd, Patrick W. ; Pellegrino, Frank A. ; Carrozzi, Todd M. ; Cocks, William B.

  • Author_Institution
    Dept. of Defense, Fort Meade, ID, USA
  • fYear
    1997
  • fDate
    16-18 Apr 1997
  • Firstpage
    30
  • Lastpage
    39
  • Abstract
    This implementation of the firewall enables a high degree of traffic selectability yet avoids the usual performance penalty associated with IP level firewalls. This approach is applicable to high-speed broadband networks, and asynchronous transfer mode (ATM) networks are addressed in particular. Security management is achieved through a new technique of active connection management with authentication. Past approaches to network security involve firewalls providing selection based on packet filtering and application level proxy gateways. IP level firewalling was sufficient for traditional networks but causes a severe performance degradation in high speed broadband environments. The approach described in this paper discusses the use of an FPGA-based front end processor that filters relevant signaling information to the firewall host while at the same time allowing friendly connections to proceed at line speed with no performance degradation
  • Keywords
    asynchronous transfer mode; broadband networks; coprocessors; field programmable gate arrays; message authentication; performance evaluation; security of data; telecommunication traffic; transport protocols; ATM firewalls; ATM networks; FPGA-based coprocessor; IP level firewalls; active connection management; application level proxy gateways; asynchronous transfer mode networks; authentication; front end processor; high-speed broadband networks; network security; packet filtering; performance degradation; performance penalty; security management; signaling information; traffic selectability; Asynchronous transfer mode; Authentication; Broadband communication; Coprocessors; Costs; Degradation; Educational institutions; Field programmable gate arrays; Information security; Protection;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Field-Programmable Custom Computing Machines, 1997. Proceedings., The 5th Annual IEEE Symposium on
  • Conference_Location
    Napa Valley, CA
  • Print_ISBN
    0-8186-8159-4
  • Type

    conf

  • DOI
    10.1109/FPGA.1997.624602
  • Filename
    624602
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2694377