Abstract:
Computer and network security are the means of preventing and detecting unauthorized actions by users of a computer system. An unauthorized action can be defined by the security policies, which define the security rules of a system. In most systems, network security is achieved by a firewall. A firewall is typically placed at the edge of a system and acts as a filter for unauthorized traffic. But these traditional firewalls have some problems: they rely on the notion of restricted topology and controlled entry points to function. Restricted network topology, difficulty in filtering certain protocols, the end-to-end encryption problem, and a few more problems led to the evolution of distributed firewalls. A distributed firewall is a mechanism to enforce a network domain security policy through the use of a policy language, a policy distribution scheme enabling policy control from a central point, and certificates enabling the identification of any member of the network policy domain. It secures the network by protecting critical network endpoints, exactly where hackers want to penetrate. It filters traffic from both the Internet and the internal network. Distributed firewalls provide unlimited scalability and also overcome the single point of failure problem presented by the perimeter firewall.
In this paper I am dealing with distributed firewall concepts, its evolution, its components, and the policies.