2004
Report
Title
Improving IP accounting for secure border routers
Abstract
Today, security is a major issue in the design and operation of computer networks. To reduce a network's vulnerability, the effort should not be restricted to a firewall as a single point of network traffic control. Only multi-layered security models can effectively protect a network. Thus, a border router with proper access control embodies the outermost security layer. Unfortunately, the rejection of potentially harmful packets can have a negative impact on traffic accounting mechanisms applied on a border router that has been secured this way. In this paper we discuss the state of the art for both access control and traffic accounting techniques. We show that one cannot solely trust current accounting mechanisms because they often suffer from inadequate accuracy, and that this problem becomes even worse in secure environments with consistently applied access control. We confirm this statement with an experiment using Cisco's accounting technologies IP Accounting and NetFlow. Finally, we call for better traffic measurement to meet the security requirements of future network operations and make a first proposal to enhance NetFlow in this direction.
Publishing Place
Kaiserslautern