Design and Implementation of Distributed Firewall System for IPv6

The deployment of the IPv6 network becomes to be realized as the necessity of the IPv6 network is enlarged due to the limit of the IPv4 network. However, the security policy about the IPv6 network is not mature and it becomes an obstacle in the IPv6 network deployment. Attackers can detour the acces...

Full description

Saved in:
Bibliographic Details
Published in2009 International Conference on Communication Software and Networks pp. 428 - 432
Main Authors Yingxu Lai, Guangzhi Jiang, Jian Li, Zhen Yang
Format Conference Proceeding
LanguageEnglish
Published IEEE 01.02.2009
Subjects
attack
Authentication
Cryptography
Data security
Electrostatic precipitators
Filtering
firewall
Information security
Internet
IPSec
IPv6
Protection
Prototypes
Telecommunication traffic
Online AccessGet full text

Cover

More Information
Summary:The deployment of the IPv6 network becomes to be realized as the necessity of the IPv6 network is enlarged due to the limit of the IPv4 network. However, the security policy about the IPv6 network is not mature and it becomes an obstacle in the IPv6 network deployment. Attackers can detour the access control of packet filtering system, unless packet filtering system can decrypt IPSec packet. This paper introduces the implementation of Distributed Firewall System (DFS) that can be applicable to the IPv6 network and has capabilities of processing encrypted IPSec packet. The prototype introduced in this paper has been implemented in order to be applied to the IPv6 network preferentially. Although it has a limit to forward performance, the prototype can give the basic concepts toward the IPv6-based DFS equipment.
ISBN:9780769535227
0769535224
DOI:10.1109/ICCSN.2009.121