SBIR-STTR Award

A New Firewall Architecture for Multimedia and High Performance Networks
Award last edited on: 4/4/02

Sponsored Program
SBIR
Awarding Agency
DOE
Total Award Amount
$824,753
Award Phase
2
Solicitation Topic Code
-----

Principal Investigator
Maris Bergmanis

Company Information

Secure Computing Corporation (AKA: Secure Computing Technology Corporation)

4810 Harwood Road
San Jose, CA 95124
   (408) 979-6100
   info@securecomputing.com
   www.securecomputing.com
Location: Multiple
Congr. District: 18
County: Santa Clara

Phase I

Contract Number: DE-FG02-98ER82667
Start Date: 00/00/00    Completed: 00/00/00
Phase I year
1998
Phase I Amount
$74,949
Given the diversity of network traffic, current firewall architectures impose severe limitations on network bandwidth. Customers need improved firewall performance and throughput for Virtual Private Networks and multimedia traffic as they move to higher-performance T3 and Asynchronous Transfer Mode lines. Neither faster firewall processors nor more memory will provide the necessary performance boost. To significantly reduce latency and increase firewall performance for both real-time (multimedia) and encrypted data, security coprocessing features can be added to the Input/Output subsystems by exploiting the emerging Intelligent Input/Output architecture. Phase I will provide a detailed feasibility analysis of the proposed architecture. The analysis will also include a security vulnerability assessment and performance projections.

Commercial Applications and Other Benefits as described by the awardee:
The benefits to government and industry include significant throughput improvements for Virtual Private Networks, multimedia, and encrypted traffic. The proposed architecture is based on industry standards, is scalable, and can be incorporated in Windows NT and UNIX firewalls and other systems supporting the platform-independent Intelligent Input/Output architecture.

Phase II

Contract Number: DE-FG02-98ER82667
Start Date: 00/00/00    Completed: 00/00/00
Phase II year
1999
Phase II Amount
$749,804
Given the diversity of network traffic, current firewall architectures impose severe limitations on network bandwidth. Customers need improved firewall performance and throughput for Virtual Private Networks and multimedia applications as they move to higher-performance T3 and Asynchronous Transfer Mode lines. Neither faster firewall processors nor more memory will provide the necessary performance boost. This project will develop a firewall prototype that supports significantly higher bandwidth and reduces latency for multimedia, Virtual Private Networks, and large file transfers. Support for high bandwidth will be achieved by adding security co-processing features in the I/O subsystem. Phase I identified the hardware and software changes that have to be made to enable the firewall to support security co-processing in the I/O subsystem. It was shown that a significant performance boost is achievable without introducing security vulnerabilities. Phase II will construct a prototype firewall using commercially available components. Security filtering software will be developed for multimedia applications, Virtual Private Networks, and File Transfer Protocol (FTP) in order to demonstrate the expected performance boost.

Commercial Applications and Other Benefits as described by the awardee:
Government and industry should benefit from the significant throughput improvement for Virtual Private Networks, multimedia, and large file transfers that would be provided by this scalable firewall. Organizations should be able to take advantage of higher-performance networks without sacrificing security.