A1 Refereed original research article in a scientific journal

Study of methods for endpoint aware inspection in a next generation firewall




Authors: Heino Jenny, Hakkala Antti, Virtanen Seppo

Publisher: Springer

Publication year: 2022

Journal: Cybersecurity

Article number: 25

Volume: 5

First page: 1

Last page: 15

eISSN: 2523-3246

DOI: https://doi.org/10.1186/s42400-022-00127-8

Web address: https://cybersecurity.springeropen.com/articles/10.1186/s42400-022-00127-8

Self-archived copy's web address: https://research.utu.fi/converis/portal/detail/Publication/176187266


Abstract

Given the global increase in remote work with the COVID-19 pandemic and deperimeterization due to cloud deployment of next generation firewalls, the concept of a next generation firewall is at a breaking point. It is becoming more difficult to define the barrier between the good and the bad. To provide the best security for an endpoint with minimal false positives or false negatives it is often necessary to identify the communicating endpoint application. In this study, we present an analysis of key research and methods for providing endpoint aware protection in the context of a next generation firewall. We examine both academic research as well as state-of-the-art of the existing next generation firewall implementations. We divide endpoint application identification into passive and active methods. For passive endpoint application identification, we study several traffic fingerprinting methods for different protocols. For active methods we consider active scanning, endpoint metadata analysis and content injection and reference existing implementations. We conclude that there are several open areas for future research, and that none of the considered methods is a silver bullet solution for endpoint aware inspection in the context of a next generation firewall. To our best knowledge, this is the first study to examine current research and existing implementations of endpoint aware inspection.


Downloadable publication

This is an electronic reprint of the original article.
This reprint may differ from the original in pagination and typographic detail. Please cite the original version.





Last updated on 2024-26-11 at 23:41