Study of methods for endpoint aware inspection in a next generation firewall  

在线阅读下载全文

作  者:Jenny Heino Antti Hakkala Seppo Virtanen 

机构地区:[1]Department of Computing,University of Turku,Turku,Finland [2]Forcepoint LLC,Helsinki,Finland

出  处:《Cybersecurity》2022年第4期56-70,共15页网络空间安全科学与技术(英文)

摘  要:Given the global increase in remote work with the COVID-19 pandemic and deperimeterization due to cloud deployment of next generation frewalls,the concept of a next generation firewall is at a breaking point.It is becoming more dificult to define the barrier between the good and the bad.To provide the best security for an endpoint with minimal false positives or false negatives it is often necessary to identify the communicating endpoint application.n this study,we present an analysis of key research and methods for providing endpoint aware protection in the context of a next generation frewall We examine both academic research as well as state-of-the-art of the existing next generation firewall implementations.We divide endpoint application identification into passive and active methods.For passive endpoint application identification,we study several traffc fingerprinting methods for different protocols.For active methods we consider active scanning,endpoint metadata analysis and content injection and reference existing implementations.We conclude that there are several open areas for future research,and that none of the considered methods is a silver bullet solution for endpoint aware inspection in the context of a next generation firewall.To our best knowledge,this is the first study to examine current research and existing implementations of endpoint aware inspection.

关 键 词:Network traffc Endpoint identification NGFW Endpoint aware inspection 

分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象