Extending Firewall Session Table to Accelerate NAT, QoS Classification   and Routing

Mahmoud Mostafa (IRIT); Anas Abou El Kalam (IRIT); Christian Fraboul; (IRIT)

arXiv:0911.4033·cs.CR·November 23, 2009·2 cites

Extending Firewall Session Table to Accelerate NAT, QoS Classification and Routing

Mahmoud Mostafa (IRIT), Anas Abou El Kalam (IRIT), Christian Fraboul, (IRIT)

PDF

Open Access

TL;DR

This paper proposes extending the firewall session table to improve processing speed for NAT, QoS classification, and routing, aiming to balance security and performance in network systems.

Contribution

It introduces a novel extension to the firewall session table that accelerates key network functions without compromising security.

Findings

01

Significant reduction in processing delay for NAT, QoS, and routing.

02

Maintains security level while improving performance.

03

Enhances network efficiency by optimizing session management.

Abstract

security and QoS are the two most precious objectives for network systems to be attained. Unfortunately, they are in conflict, while QoS tries to minimize processing delay, strong security protection requires more processing time and cause packet delay. This article is a step towards resolving this conflict by extending the firewall session table to accelerate NAT, QoS classification, and routing processing time while providing the same level of security protection. Index Terms ? stateful packet filtering; firewall; session/state table; QoS; NAT; Routing.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.

Taxonomy

TopicsNetwork Packet Processing and Optimization · Network Security and Intrusion Detection · Network Traffic and Congestion Control