Showing papers on "IPsec published in 1994"

On Internet Authentication

Abstract: This document describes a spectrum of authentication technologies and provides suggestions to protocol developers on what kinds of authentication might be suitable for some kinds of protocols and applications used in the Internet. This document provides information for the Internet community. This memo does not specify an Internet standard of any kind.

Building firewalls with intelligent network interface cards

Abstract: "The primary method for protecting networks today is to use a firewall: a boundary separating the protected network from the untrusted Internet However, these firewalls offer no protection from internal attacks, scale poorly due to limited firewall processing capacity, and do not support mobile computing Distributing a firewall to each network host avoids many of these problems, but weakens the security guarantees of the network since it places the firewall under the control of the host OS Leveraging the increasing capability of embedded-VLSI, including network-specific processors, we propose a Network Interface Card (NIC) based distributed firewall Supporting the same (and more) functions as a centralized firewall, NIC-based firewalls provide significant benefits including: scalability, easier client customization, sharing application/OS state to enable application-level filtering, and the ability to block misbehaving hosts at the source, the host itself We describe the architecture of a Network Interface Card-based distributed firewall and our implementation, which uses an i960-based NIC and IPsec for management and policy distribution The firewall currently supports basic packet filtering and some application policies as well as secure policy distribution"