By Topic

Work in Progress: Bro-LAN Pervasive Network Inspection and Control for LAN Traffic

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)

Network intrusion detection and prevention systems (NIDS and NIPS) have to date focused on protecting external access links, or, when internally deployed, links between major enclaves in an enterprise. As previously argued, major threats (worms, insiders, and attackers with a toehold) come from inside the local network, rather than outside. Recently, two approaches have arisen to address this threat: ubiquitous deployment of end system monitors and custom hardware to replace switching infrastructure. This paper presents a third way: exploiting the VLAN capabilities of modern switches to enforce that all LAN communications must traverse and meet the approval of an intrusion detection monitor that operates separately from the switches. This architecture can realize two key benefits: (1) deployment and operation in today's enterprise networks without requiring replacement of existing network infrastructure, and (2) the use of highly flexible, commodity PCs for LAN monitoring, rather than algorithms embedded in difficult-to-reprogram custom hardware

Published in:

Securecomm and Workshops, 2006

Date of Conference:

Aug. 28 2006-Sept. 1 2006