A New Firewall Architecture for Multimedia and High Performance Networks--Secure Computing Corporation, 2675 Long Lake Road, Roseville, MN 55113-1117; (612) 628-2733
Mr. Maris Bergmanis, Principal Investigator
Mr. Bill Erbes, Business Official
DOE Grant No. DE-FG02-98ER82667
Amount: $74,949

Given the diversity of network traffic, current firewall architectures impose severe limitations on network bandwidth. Customers need improved firewall performance and throughput for Virtual Private Networks and multimedia traffic as they move to higher performance T3 and Asynchronous Transfer Mode lines. Neither faster firewall processors nor more memory will provide the necessary performance boost. To significantly reduce latency and increase firewall performance for both real time (multimedia) and encrypted data, security coprocessing features can be added to the Input/Output subsystems by exploiting the emerging Intelligent Input/Output architecture. Phase 1 will provide a detailed feasibility analysis of the proposed architecture. The analysis will also include a security vulnerability assessment and performance projections.

Commercial Applications and Other Benefits as described by the awardee: The benefits to government and industry include significant throughput improvements for Virtual Private Networks, multimedia, and encrypted traffic. The proposed architecture is based on industry standards, is scalable, and can be incorporated in Windows NT and UNIX firewalls and other systems supporting the platform independent Intelligent Input/Output architecture.