Title :
Designing an academic firewall: policy, practice, and experience with SURF
Author :
Greenwald, Michael ; Singhal, Sandeep K. ; Stone, Jonathan R. ; Cheriton, David R.
Author_Institution :
Dept. of Comput. Sci., Stanford Univ., CA, USA
Abstract :
Corporate network firewalls are well-understood and are becoming commonplace. These firewalls establish a security perimeter that aims to block (or heavily restrict) both incoming and outgoing network communication. We argue that these firewalls are neither effective nor appropriate for academic or corporate research environments needing to maintain information security while still supporting the free exchange of ideas. In this paper we present the Stanford University Research Firewall (SURF), a network firewall design that is suitable for a research environment. While still protecting information and computing resources behind the firewall, this firewall is less restrictive of outward information flow than the traditional model; can be easily deployed; and can give internal users the illusion of unrestricted e-mail, anonymous FTP, and WWW connectivity to the greater Internet. Our experience demonstrates that an adequate firewall for a research environment can be constructed for minimal cost using off-the-shelf software and hardware components
Keywords :
Internet; security of data; SURF; Stanford University Research Firewall; WWW connectivity; academic firewall; anonymous FTP; e-mail; hardware components; network communication; off-the-shelf software; security perimeter; Collaboration; Computer hacking; Computer science; Costs; Data security; Electronic mail; Information security; Protection; Web and internet services; World Wide Web;
Conference_Titel :
Network and Distributed System Security, 1996., Proceedings of the Symposium on
Conference_Location :
San Diego, CA
Print_ISBN :
0-8186-7222-6
DOI :
10.1109/NDSS.1996.492415
