Educause Security Discussion mailing list archives

Re: Distributed Firewalls


From: "H. Morrow Long" <morrow.long () YALE EDU>
Date: Thu, 9 Jan 2003 16:40:04 -0500

Crawford, Charles D wrote:
I am in the process of researching the benefits/drawbacks of using a
Distributed Firewall architecture campus wide.  I am curious as to what
experiences other Universities might have with this type of architecture or
layout?  Or, are other Universities doing this type of layout?

Any information would be great.

UC Berkeley, U of Washington, Columbia and others have all done work or
analysis in this area, I believe. Here are a few documentation pointers:

1.  I would read the UC Berkeley Firewall Task Force report at:
       http://fwtf.berkeley.edu/fwtf_report/
    And in particular the section in the Technical Analysis section on "Hidden VLANs":
       http://fwtf.berkeley.edu/fwtf_report/Technical.htm
    The entire site (http://fwtf.berkeley.edu/) is interesting.

2.  Great reading on academic firewalls and distributed firewalls in particular:
    Firewalls for Open Networks (Terry Gray, CSG May 2002)
       http://www.stonesoup.org/Meetings/0205/security.pres/gray.htm
       http://www.stonesoup.org/Meetings/0205/security.pres/gray.ppt
    Network Security Credo (Terry Gray et al.):
       http://staff.washington.edu/gray/papers/credo.html
    Firewalls, Friend or Foe (Terry Gray - Educause Review version):
       http://staff.washington.edu/gray/papers/fff-final.htm

- H. Morrow Long
  University Information Security Officer
  Yale University, ITS, Dir. InfoSec Office

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/memdir/cg/.
