Integrated Scalable Parallel Firewall and Instrusion Detection System for High-Speed Networks

A number of simulataneous trends (ever-increasing network speeds and throughput, escalating sophistication of attacks, regulatory initiatives, and integration of networks within and without the enterprise) can cause both bottlenecks and quality-of-service degradation within the firewalls of computing systems used by the DOE and large corporations. This project will develop an advanced, scalable, function-parallel firewall methodology that is capable of maintaining an optimized set of firewall rules, in order to maximize performance and better mitigate new security threats. Unlike current firewall systems, which are not scalable and require an appliance swap to upgrade, the new methodology will provide a low-cost, scalable, high-speed firewall, with intrusion detection and prevention capabilities, that addresses markets for 1-gigabit. Phase I will determine the feasibility of a device that leverages new optimization and parallelization techniques, leading to higher throughput with lower delays. The benefits of policy optimization, function-parallel firewall, and designs for intrusion detection systems will be evaluated through modeling, simulation, and the development of a prototype device. Commercial Applications and Other Benefits as described by the Applicant: The new methodolgy should find application at various sites connected via the DOE UltraScienceNet, specifically at ORNL, BNL, and LANL. Furthermore, any corporation (i.e. banks, insurance, airlines, manufactures, etc.) that must move large amounts of critical data in real time across the network would benefit from this technology.