Skip to Main Content
Operators of IP-based multi-service networks have to maintain increasingly complex management architectures which need tight protection as their in-band signaling and control protocols are inherently susceptible to attacks from outsiders. Operators therefore need an efficient management of local security functions distributed among network components that enforce a coherent global network security policy. In this paper, a flexible and scalable approach for the management of distributed packet filters in IP-based multi-vendor environments is presented that allows the operator to incorporate filter capability restrictions within nodes and the trade-off between operational risk and attack risk into their management decisions.
Date of Conference: May 21 2007-Yearly 25 2007