Improving performance and cyber-attack resilience in multi-firewall industrial networks

Seno L; Cheminod M; Cibrario Bertolotti I; Durante L; Valenzano A
2022

Abstract

Firewalls are popular cyber-security countermeasures that are increasingly used in industrial environments to protect the network infrastructure from attacks and malicious behavior. Unfortunately, they can also become inadvertent bottlenecks when the traffic load they have to filter grows larger. Among the different solutions that have been proposed to mitigate this aspect and improve the performance of devices, rule migration looks appealing in industrial multi-firewall systems as well because, unlike other techniques that have appeared in the literature, it neither requires interventions on the network topology nor is based on non-standard packet formats and protocols. This paper presents some preliminary results about the performance achievable with the rule migration approach when it is applied to the popular Iptables open source firewall, in light of its possible adoption in industrial application scenarios.
Istituto di Elettronica e di Ingegneria dell'Informazione e delle Telecomunicazioni - IEIIT
978-1-6654-1086-1
Industrial cybersecurity
industrial network security
firewalls
load balancing
experimental evaluation
Linux Iptables
Files in this item:

prod_476840-doc_195023.pdf (authorized users only)
Description: Improving performance and cyber-attack resilience in multi-firewall industrial networks
Type: Publisher's version (PDF)
License: NOT PUBLIC - Private/restricted access
Size: 525.5 kB
Format: Adobe PDF

WFCS_2022_AAM.pdf (open access)
Description: Improving performance and cyber-attack resilience in multi-firewall industrial networks
Type: Post-print document
License: Creative Commons
Size: 634.65 kB
Format: Adobe PDF

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/20.500.14243/447392
Citations
  • PMC: ND
  • Scopus: 5
  • ISI: 0