120 likes | 330 Views
Intelligent Firewall Technology. Carnegie Mellon University Security Trust Symposium 27 November 2001. “Security is mostly a superstition. It does not exist in nature…”. “Security is mostly a superstition. It does not exist in nature…”. - Helen Keller. Traditional Firewall Technology.
E N D
Intelligent Firewall Technology Carnegie Mellon University Security Trust Symposium 27 November 2001
“Security is mostly a superstition.It does not exist in nature…”
“Security is mostly a superstition.It does not exist in nature…” - Helen Keller
Traditional Firewall Technology • Packet Filtering • Network Proxy • Application Proxy • Stateful Inspection
Traditional Firewall Enhancements • Hardened OS • Sanity Checking • Imbedded VPN & IDS • Automated Rule Updates
Traditional Firewall Weaknesses • The Rule Base • Human Factor • Built-in “Features” • Limited Data Scrutiny
“[We] need to learn to launch an electronic attack on an enemy and ensure electromagnetic control in an area and at a time favorable to us.”
“[We] need to learn to launch an electronic attack on an enemy and ensure electromagnetic control in an area and at a time favorable to us.” - China’s Army Newspaper
Intelligent Firewall Technology • Neural Network Engine • Online Full Packet Analysis • Offline Buffered Analysis • Dynamic Self Updating
TechGuard Neural Engine • Trained on Good/Bad Traffic • Generalization • Parallel Architecture • Granularity
Applications • Enterprise Firewall • Server (Farm) Specific Firewall • Mainframe Firewall • Imbedded Firewall
Good Company • The Biplane • The Edsel • The Apple IIe • The Rule Based Firewall