This paper presents the novel idea of route normalization by correcting on the fly routing traffic on behalf of a local router to protect the local network from malicious and misconfigured routing updates. Analogous to traffic normalization for network intrusion detection systems, the proposed RouteNormalizer patches ambiguities and eliminates semantically incorrect routing updates to protect against routing protocol attacks. Furthermore, it serves the purpose of a router firewall by identifying resource-based attacks against routers. Upon detecting anomalous routing changes, it suggests local routing policy modifications to improve route selection decisions. Deploying a RouteNormalizer requires no modification to routers if desired using a transparent TCP proxy setup.
Did you find this white paper useful?
Related white papers
Balancing Security Against Productivity
What makes for great security? Is it about keeping the bad guys out or letting the good guys in? About defending attacks or preventing them? When IDG Research Services queried...
Secure Desktop On-Demand Webcast
The desktop or endpoint is one of the most vulnerable parts of your environment. Threats are everywhere. You have users who love to experiment with device settings (only to wonder...
Novell Zenworks Endpoint Security Management: Total Control from a Single Console
Still super gluing your USB ports shut? Unauthorized access to networks, lost or stolen laptops and other mobile hardware, and theft of proprietary information or intellectual property accounted for more...
Engineering e-Business Applications for Security
Without on-demand security there's no on-demand business. Today e-business applications provide critical links among businesses, customers and partners. Any vulnerability translates quickly into loss of revenue, confidence and trust. Traditionally,...
Take the Sophos Threat Detection Test: Is your current anti-virus catching everything it should?
Use the Sophos Threat Detection Test to quickly perform a scan and find any viruses, spyware, adware or zero-day threats that might have by-passed your existing protection. The test can...
Free 30 Day Trial: Sophos Endpoint Security and Control
Sophos Endpoint Security makes it easy to secure your desktops, laptops, mobile devices and file servers from viruses, spyware, adware, potentially unwanted applications (PUAs), and hackers, so you no longer...
Protecting the Enterprise Network: Layered Network Security Defense
Securing the network perimeter and prohibiting unauthorized access from within can prove to be a daunting challenge. Today's businesses must guarantee uninterrupted access to network resources. Products must be designed...
