Denial-of-Service attacks are a major concern in VoIP deployments. IP phones are especially vulnerable because of their inherent imbalance in network capacity and processing power. In other words, a packet flood can easily bring an IP Phone down long before the network saturation point is reached. This paper presents the ideas behind the design of an efficient firewall to protect against DoS attacks. The main contribution lies in the novelty of packet classification heuristics by leveraging the behavior specific to VoIP. These include state based rule-partitioning and flow-rate based rule update. The ideas and the evident contrast to generic firewalls should also facilitate firewall design for other applications.
Did you find this white paper useful?
Related white papers
Balancing Security Against Productivity
What makes for great security? Is it about keeping the bad guys out or letting the good guys in? About defending attacks or preventing them? When IDG Research Services queried...
Secure Desktop On-Demand Webcast
The desktop or endpoint is one of the most vulnerable parts of your environment. Threats are everywhere. You have users who love to experiment with device settings (only to wonder...
Novell Zenworks Endpoint Security Management: Total Control from a Single Console
Still super gluing your USB ports shut? Unauthorized access to networks, lost or stolen laptops and other mobile hardware, and theft of proprietary information or intellectual property accounted for more...
Accountancy Firm Gain a Powerful New Tool for Laptop Security
Since 1997, Anderson Hubertz, Kirkhof (AHK) has been serving small to medium-sized companies throughout Denmark. With all 80 employees at AHK using corporate laptops, network security is crucial. AHK felt...
Live video broadcast: Data Loss Prevention from the Inside Out
Firewalls and intrusion prevention systems can protect your network from outside threats, but they will not stop one of your biggest security risks: well-meaning employees who accidentally expose or release...
Intel Reference Design Helps eSoft Build "Firewall With a Future"
Firewall security and virtual private network (VPN) technology is becoming a key issue for small to mid-sized businesses. This case study shows how a software company used the Intel 810...
Firewalls White Paper
With the whole of the networking world moving toward inhabiting a single global village, we inevitably have to start thinking about locking our doors and bolting our windows. It has...
