Title :
FPGA-based Internet protocol firewall chip
Author :
Kayssi, Ayman ; Harik, Louis ; Ferzli, Rony ; Fawaz, Mohammad
Author_Institution :
Dept. of Electr. & Comput. Eng., American Univ. of Beirut, Lebanon
Abstract :
We present the design of a firewall for IP networks using a field-programmable gate array (FPGA). The FPGA implements, in hardware, the accept or deny rules of the firewall. A hardware-based firewall offers the advantages of speed over a software firewall, in addition to direct interfacing with network devices, such as an Ethernet or a serial line transceiver. This paper shows how the rules are translated to VHDL and then implemented in hardware, and how the hardware is utilized to filter network traffic in a packet-by-packet fashion, or based on connection information, with a speed of more than 500,000 packets per second
Keywords :
Internet; authorisation; data communication equipment; field programmable gate arrays; protocols; FPGA-based firewall chip; IP networks; Internet protocol firewall chip; VHDL; accept rules; computer networks; data security; deny rules; direct interfacing; field-programmable gate array; hardware-based firewall; Ethernet networks; Field programmable gate arrays; Hardware; IP networks; Information filtering; Information filters; Internet; Protocols; Telecommunication traffic; Transceivers;
Conference_Titel :
Electronics, Circuits and Systems, 2000. ICECS 2000. The 7th IEEE International Conference on
Conference_Location :
Jounieh
Print_ISBN :
0-7803-6542-9
DOI :
10.1109/ICECS.2000.911545
