IST LOGO

 DIADEM FIREWALL    FP6 IST-2002-002154

 

DIADEM FIREWALL LOGO

 

Home

Overview

Partners

Events

Documents

Software

Publications

Press

Links

Contact


MonAM 2006
Workshop

Welcome to the DIADEM FIREWALL homepage.

Abstract

The vision of the project is to develop a novel and comprehensive security solution for secure broadband services, by combining the following:

  • flexible implementation techniques for high-speed packet processing,
  • algorithms for intrusion detection,
  • and policy-based techniques for automated configuration and decision-handling.

The project aims for the general goal of development and deployment of innovative network components that enable service providers to offer to their customers secure broadband services in an effective and cost-efficient way. In order to achieve this overall goal, the project pursues the following individual objectives:

  • Design and implement an innovative architecture for provider-controlled distributed high-speed edge devices, aimed to become a new generation of distributed high-speed broadband firewalls with policy-based control, that are suitable to provide a comprehensive security solution meeting the needs of customers and service providers.
  • Develop and deploy enhanced techniques capable of detecting a wide range of security violations, in particular detecting DDOS (Distributed Denial of Service) attacks, but also suitable for detecting and identifying other types of malfunctioning.
  • Achieve enhanced detection capabilities by designing flexible and effective solutions for distributed monitoring of application traffic.
  • Establish techniques for intelligent response to security violations, in particular providing an effective protection against DDOS attacks.
  • Ensure fair, coherent, and efficient enforcement of security policies by management and control of the distributed firewall components.
  • Define use-cases for the new technology, deploy them in meaningful test beds, and disseminate know-how and training of target people.

The architecture ensures high performance in combination with functional flexibility using programmable hardware for classification, filtering, sampling and measurements.