OPTWALL: A Hierarchical Traffic-Aware Firewall
The overall efficiency, reliability, and availability of a firewall is crucial in enforcing and administrating security, especially when the network is under attack. The continuous growth of the Internet, coupled with the increasing sophistication of the attacks, is placing stringent demands on firewall performance. These challenges require new designs, architecture and algorithms to optimize firewalls. In this paper, the authors propose OPTWALL, an adaptive hierarchical firewall optimization framework aimed at reducing operational cost of firewalls. The main features of the proposed approach are the hierarchical design, splitting techniques, an online traffic adaptation mechanism, and a strong reactive scheme to counter malicious attacks (e.g. Denial-of-Service (DoS) attacks).