A High Assurance Firewall In A Cloud Environment Using Hardware And Software

Abstract

Cloud computing is becoming increasingly popular and offers a wide variety of advantages over conventional networking, including the ability to centralize resources both physically and financially. While implementing a cloud infrastructure does raise security concerns, a secure cloud infrastructure similar to that of a conventional network can be achieved using tools and tactics deployed to protect the network from adversaries and various malicious attacks. One primary component in any secure network, cloud or otherwise, is a firewall that examines inbound and outbound traffic on the network to ensure that it is authentic and based on a set of rules, as well as enables the network administrator to permit safe content. A cloud infrastructure differs from a conventional network mainly in its logical implementation, so building a secure cloud network will differ logically. Finding the best combination of a virtual firewall and its implementation is instrumental to building a fast, efficient cloud network that also has all the properties of a secure conventional network. This dissertation will focus on analyzing the characteristics of firewalls and implementing them in a virtual environment as both software- and hardware-based solutions that retain the security features of a traditional firewall. The virtual firewall's effectiveness will be measured according to existing federal standards and definitions regarding network security. In addition, several scenarios will be evaluated to discover vulnerabilities that are present in virtual firewalls in order to offer potential solutions that will mitigate them.